-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathadmin-openapi.yaml
More file actions
10219 lines (10013 loc) · 292 KB
/
admin-openapi.yaml
File metadata and controls
10219 lines (10013 loc) · 292 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
openapi: 3.0.0
info:
title: Culturae API
description: Complete API documentation for Culturae administration and management.
version: 1.0.0
x-last-updated: "2026-04-26"
servers:
- url: https://demo.culturae.me
description: Production
- url: http://localhost:8080
description: Local Development Backend Server
- url: http://localhost:80
description: Local Development with Docker
security:
- BearerAuth: []
tags:
- name: System
description: System health and status
- name: Auth
description: Authentication endpoints
- name: Profile
description: User profile management
- name: Avatar
description: User avatar management
- name: Users
description: Public user search and details
- name: Friends
description: Friend request and friendship management
- name: Games
description: Game creation and gameplay
- name: Realtime
description: Real-time WebSocket connection for online presence, game events, and notifications
- name: Admin Users
description: User management for admins
- name: Admin Avatar
description: Avatar management for admins
- name: Admin Logs
description: System and user logs
- name: Admin Questions
description: Question management
- name: Admin Friends
description: Friendship management for admins
- name: Admin Imports
description: Data import jobs
- name: Admin Datasets
description: Dataset management
- name: Admin Geography
description: Geography dataset management for admins
- name: Admin Games
description: Game management for admins
- name: Admin Reports
description: Management of user-submitted reports
- name: Admin Matchmaking
description: Management of matchmaking queues
- name: Admin Settings
description: System settings (maintenance mode, rate limiting, cache)
- name: Admin Game Templates
description: Game template management for admins
- name: Admin Pods
description: Pod discovery and multi-instance monitoring
- name: Geography
description: Public geography data (countries, continents, regions, flags)
- name: Reports
description: Question reporting (user-facing)
- name: Notifications
description: User notification management (game invites, friend requests, etc.)
- name: Leaderboard
description: Global and mode-specific player rankings
components:
securitySchemes:
BearerAuth:
type: http
scheme: bearer
bearerFormat: JWT
responses:
Forbidden:
description: Forbidden – authenticated but not allowed to access this resource.
content:
application/json:
schema: &id001
type: object
properties:
error:
type: object
properties:
code:
type: string
message:
type: string
example:
error:
code: FORBIDDEN
message: admin access required
Unauthorized:
description: Unauthorized – missing or invalid authentication token.
content:
application/json:
schema: *id001
example:
error:
code: UNAUTHORIZED
message: authentication required
NotFound:
description: Not Found – the requested resource does not exist.
content:
application/json:
schema: *id001
example:
error:
code: NOT_FOUND
message: resource not found
BadRequest:
description: Bad Request – validation error or malformed body.
content:
application/json:
schema: *id001
example:
error:
code: BAD_REQUEST
message: invalid request body
InternalServerError:
description: Internal Server Error – unexpected server-side failure.
content:
application/json:
schema: *id001
example:
error:
code: INTERNAL_ERROR
message: internal server error
TooManyRequests:
description: Too Many Requests – rate limit exceeded.
content:
application/json:
schema: *id001
example:
error:
code: RATE_LIMITED
message: too many requests, please slow down
parameters:
limit:
name: limit
in: query
description: Max number of items to return (pagination)
schema:
type: integer
format: int32
default: 50
minimum: 1
maximum: 1000
offset:
name: offset
in: query
description: Offset for pagination (use with limit)
schema:
type: integer
format: int32
default: 0
minimum: 0
page:
name: page
in: query
description: Page number for pagination (alternative to offset)
schema:
type: integer
format: int32
default: 1
minimum: 1
status:
name: status
in: query
description: Filter by status (semantics depend on endpoint, e.g., 'online'|'offline' or 'pending'|'accepted')
schema:
type: string
user_status:
name: status
in: query
description: Online status for users
schema:
type: string
enum:
- online
- offline
friend_request_status:
name: status
in: query
description: Status for friend requests
schema:
type: string
enum:
- pending
- accepted
- rejected
- blocked
game_status:
name: status
in: query
description: Status for games
schema:
type: string
enum:
- waiting
- ready
- in_progress
- completed
- cancelled
- abandoned
game_invite_status:
name: status
in: query
description: Status for game invites
schema:
type: string
enum:
- pending
- accepted
- rejected
- cancelled
role:
name: role
in: query
description: Filter users by role
schema:
type: string
level:
name: level
in: query
description: Filter users by level (numeric)
schema:
type: integer
format: int32
minimum: 0
rank:
name: rank
in: query
description: Filter users by rank name (Beginner, Intermediate, Expert, Master)
schema:
type: string
account_status:
name: account_status
in: query
description: Filter users by account status (active, suspended, banned, inactive)
schema:
type: string
enum:
- active
- suspended
- banned
- inactive
query:
name: query
in: query
description: Free-text search query
schema:
type: string
search:
name: search
in: query
description: Search text (for questions endpoint)
schema:
type: string
dataset_id:
name: dataset_id
in: query
description: Dataset UUID filter
schema:
type: string
format: uuid
user_id:
name: user_id
in: query
description: User UUID filter
schema:
type: string
format: uuid
days:
name: days
in: query
description: Number of days to include in the statistic
schema:
type: integer
format: int32
default: 30
minimum: 1
mode:
name: mode
in: query
description: Filter by game mode
schema:
type: string
enum:
- solo
- 1v1
type:
name: type
in: query
description: Dataset or import type filter
schema:
type: string
enum:
- questions
- geography
active_only:
name: active_only
in: query
description: When true, return only active datasets
schema:
type: boolean
default: false
include_hash:
name: include_hash
in: query
description: Include password hashes in export (for migration)
schema:
type: boolean
default: false
date_from:
name: date_from
in: query
description: Start date (inclusive) for date range filters (ISO 8601)
schema:
type: string
format: date-time
date_to:
name: date_to
in: query
description: End date (inclusive) for date range filters (ISO 8601)
schema:
type: string
format: date-time
start_date:
name: start_date
in: query
description: Start date (inclusive) for date range filters (ISO 8601) — alias used by some endpoints
schema:
type: string
format: date-time
end_date:
name: end_date
in: query
description: End date (inclusive) for date range filters (ISO 8601) — alias used by some endpoints
schema:
type: string
format: date-time
action:
name: action
in: query
description: Action name to filter logs
schema:
type: string
admin_id:
name: admin_id
in: query
description: Filter logs by admin UUID
schema:
type: string
format: uuid
is_success:
name: is_success
in: query
description: Filter by success flag (boolean)
schema:
type: boolean
is_error:
name: is_error
in: query
description: Filter by error flag (boolean)
schema:
type: boolean
success:
name: success
in: query
description: Filter by success flag (boolean) (used in connection logs)
schema:
type: boolean
method:
name: method
in: query
description: HTTP method to filter logs (GET, POST, etc.)
schema:
type: string
enum:
- GET
- POST
- PUT
- PATCH
- DELETE
path:
name: path
in: query
description: Request path to filter logs
schema:
type: string
status_code:
name: status_code
in: query
description: HTTP status code to filter API request logs
schema:
type: integer
format: int32
continent:
name: continent
in: query
description: Continent filter for geography datasets
schema:
type: string
region:
name: region
in: query
description: Region filter for geography datasets
schema:
type: string
driving_side:
name: driving_side
in: query
description: Driving side filter (e.g., left, right)
schema:
type: string
population_min:
name: population_min
in: query
description: Minimum population filter
schema:
type: integer
format: int64
population_max:
name: population_max
in: query
description: Maximum population filter
schema:
type: integer
format: int64
area_min:
name: area_min
in: query
description: Minimum area filter (km²)
schema:
type: number
format: double
area_max:
name: area_max
in: query
description: Maximum area filter (km²)
schema:
type: number
format: double
un_member:
name: un_member
in: query
description: Filter by UN member status (true/false)
schema:
type: boolean
source:
name: source
in: query
description: Source URL for import endpoints (or use JSON body param 'url')
schema:
type: string
q:
name: q
in: query
description: Free-text query (short form)
schema:
type: string
schemas:
PodInfo:
type: object
description: Real-time snapshot of a running pod, published via Redis heartbeat every 5 seconds.
required:
- pod_id
- pod_type
- status
- is_current
- connected_clients
- online_users
- active_games
- last_heartbeat
- started_at
properties:
pod_id:
type: string
format: uuid
description: Unique identifier assigned at pod startup.
example: 3f6a1b2c-dead-beef-0000-aabbccddeeff
pod_type:
type: string
enum: [main, headless]
description: |
`main` — serves both REST and WebSocket traffic.
`headless` — background worker pod (game engine, matchmaking); no WebSocket clients.
status:
type: string
enum: [healthy, degraded, offline]
description: Self-reported health status included in the heartbeat payload.
is_current:
type: boolean
description: "`true` when this pod handled the current HTTP request."
connected_clients:
type: integer
format: int64
minimum: 0
description: Number of open WebSocket connections on this pod (0 for headless pods).
online_users:
type: integer
format: int64
minimum: 0
description: Number of distinct authenticated users connected via WebSocket on this pod.
active_games:
type: integer
format: int64
minimum: 0
description: Number of in-progress or waiting games managed by this pod.
last_heartbeat:
type: string
format: date-time
description: Timestamp of the most recent heartbeat published to Redis (RFC 3339).
started_at:
type: string
format: date-time
description: Timestamp when the pod process started (RFC 3339).
PodsMeta:
type: object
description: Aggregated counters across all discovered pods.
required:
- total_pods
- main_pods
- headless_pods
- total_clients
- total_users
properties:
total_pods:
type: integer
format: int64
minimum: 0
description: Total number of live pods (heartbeat TTL not expired).
main_pods:
type: integer
format: int64
minimum: 0
description: Number of pods with `pod_type: main`.
headless_pods:
type: integer
format: int64
minimum: 0
description: Number of pods with `pod_type: headless`.
total_clients:
type: integer
format: int64
minimum: 0
description: Sum of `connected_clients` across all pods.
total_users:
type: integer
format: int64
minimum: 0
description: Sum of `online_users` across all pods.
Error:
type: object
required:
- error
properties:
error:
type: object
required:
- code
- message
properties:
code:
type: string
description: Machine-readable error code
message:
type: string
description: Human-readable error message
details:
type: object
additionalProperties: true
nullable: true
description: Additional error details
RegisterRequest:
type: object
required:
- email
- username
- password
properties:
email:
type: string
format: email
example: user@example.com
username:
type: string
minLength: 3
maxLength: 20
pattern: ^[a-zA-Z0-9\-]+$
description: 3–20 characters, letters, numbers and hyphens only
example: player123
password:
type: string
minLength: 8
format: password
description: 'Minimum 8 characters. Must contain at least one uppercase letter, one digit, and one special character.
'
example: SecurePass1!
LoginRequest:
type: object
required:
- identifier
- password
properties:
identifier:
type: string
description: Email address or username
example: user@example.com
password:
type: string
format: password
RefreshTokenRequest:
type: object
properties:
refresh_token:
type: string
description: 'Refresh token obtained from login/register. Optional if the `culturae_refresh` HttpOnly cookie is
present — the server will use the cookie as fallback.
'
description: 'Either `refresh_token` in the body or the `culturae_refresh` HttpOnly cookie must be present.
'
SessionResponse:
type: object
description: 'Session payload returned by login, register, login-admin and refresh endpoints. Tokens are also set as
HttpOnly cookies (`culturae_token` for the access token, `culturae_refresh` for the refresh token).
'
required:
- token
- refresh_token
- expires_at
- token_expires_at
- user
properties:
created:
type: string
format: date-time
description: Session creation timestamp
token:
type: string
description: 'Short-lived JWT access token (15 min default, 10 min in production). Send as `Authorization: Bearer
<token>` header, or rely on the `culturae_token` HttpOnly cookie set by the server.
'
refresh_token:
type: string
description: 'Long-lived opaque refresh token (30 days default, 60 days in production). **Rotated on every call
to `/auth/refresh`** — always store the latest value. Stored in the `culturae_refresh` HttpOnly cookie automatically.
'
expires_at:
type: integer
format: int64
description: Unix timestamp (seconds) when the **refresh token** expires
token_expires_at:
type: integer
format: int64
description: Unix timestamp (seconds) when the **access token** expires
user:
$ref: '#/components/schemas/PublicUser'
PublicUser:
type: object
description: Minimal user info returned in auth responses
properties:
public_id:
type: string
description: Short public identifier (not a UUID)
example: '#20483-18393'
username:
type: string
example: player123
email:
type: string
format: email
example: user@example.com
language:
type: string
example: fr
role:
type: string
enum:
- user
- moderator
- administrator
example: user
AuthResponse:
type: object
description: 'Envelope returned by register, login, login-admin and refresh endpoints. On success the server also sets
`culturae_auth` (access token) and `culturae_refresh` (refresh token) as HttpOnly, Secure, SameSite=Strict cookies
in addition to returning the tokens in the response body.
'
properties:
message:
type: string
example: Login successful
data:
$ref: '#/components/schemas/SessionResponse'
example:
message: Login successful
data:
created: '2025-12-15T12:00:00Z'
token: ey...
refresh_token: rftk_...
expires_at: 1700000000
token_expires_at: 1700003600
user:
public_id: '#20483-18393'
username: player123
email: user@example.com
language: fr
role: user
User:
type: object
description: 'Full user object returned by the user-facing profile endpoint. Internal UUID is hidden (`json:"-"` in
Go model).
'
properties:
email:
type: string
format: email
username:
type: string
public_id:
type: string
example: '#20483-18393'
role:
type: string
enum:
- user
- moderator
- administrator
level:
type: integer
example: 5
rank:
type: string
example: Beginner
account_status:
type: string
enum:
- active
- suspended
- banned
- inactive
- deleted
banned_until:
type: string
format: date-time
nullable: true
ban_reason:
type: string
nullable: true
has_avatar:
type: boolean
created_at:
type: string
format: date-time
updated_at:
type: string
format: date-time
country:
type: string
nullable: true
bio:
type: string
nullable: true
language:
type: string
example: fr
experience:
type: integer
format: int64
elo_rating:
type: integer
description: ELO rating for ranked matches
example: 1000
elo_games_played:
type: integer
example: 0
status:
type: string
enum:
- online
- offline
is_online:
type: boolean
last_seen_at:
type: string
format: date-time
nullable: true
current_game_id:
type: string
format: uuid
nullable: true
is_profile_public:
type: boolean
show_online_status:
type: boolean
allow_friend_requests:
type: boolean
allow_party_invites:
type: boolean
last_public_id_regeneration:
type: string
format: date-time
nullable: true
game_stats:
nullable: true
$ref: '#/components/schemas/UserGameStats'
AdminUser:
type: object
description: 'Full user object returned by admin endpoints. Includes the internal UUID `id` field (exposed only to administrators).
'
properties:
id:
type: string
format: uuid
description: Internal UUID (admin-only)
email:
type: string
format: email
username:
type: string
public_id:
type: string
example: '#20483-18393'
role:
type: string
enum:
- user
- moderator
- administrator
account_status:
type: string
enum:
- active
- suspended
- banned
- inactive
- deleted
banned_until:
type: string
format: date-time
nullable: true
ban_reason:
type: string
nullable: true
has_avatar:
type: boolean
created_at:
type: string
format: date-time
updated_at:
type: string
format: date-time
country:
type: string
nullable: true
bio:
type: string
nullable: true
language:
type: string
example: fr
experience:
type: integer
format: int64
level:
type: integer
example: 5
rank:
type: string
example: Beginner
elo_rating:
type: integer
example: 1000
elo_games_played:
type: integer
example: 0
status:
type: string
enum:
- online
- offline
is_online:
type: boolean
last_seen_at:
type: string
format: date-time
nullable: true
current_game_id:
type: string
format: uuid
nullable: true
is_profile_public:
type: boolean
show_online_status:
type: boolean
allow_friend_requests:
type: boolean
allow_party_invites:
type: boolean
game_stats:
nullable: true
$ref: '#/components/schemas/UserGameStats'
UserGameStats:
type: object
description: Aggregate game statistics for a user
properties:
total_games:
type: integer
games_won:
type: integer
games_lost:
type: integer
day_streak:
type: integer
description: Current daily activity streak
best_day_streak:
type: integer
total_score:
type: integer
format: int64
average_score:
type: number
play_time:
type: integer
format: int64
description: Total play time in seconds
last_game_at:
type: string
format: date-time
nullable: true
UserUpdate:
type: object
description: 'Fields that can be updated by an admin. All fields are optional. `language` must be one of: `en`, `fr`,
`es`. `bio` max 50 characters. When `account_status` is set to `inactive` or `banned`, all user sessions are automatically
revoked.
'
properties:
email:
type: string
format: email
username:
type: string
minLength: 3
maxLength: 20
role:
type: string
enum:
- user
- moderator
- administrator
account_status:
type: string
enum:
- active
- suspended
- banned
- inactive
description: Cannot be set to `deleted` via this endpoint
bio:
type: string
maxLength: 50
nullable: true
language:
type: string
enum:
- en
- fr
- es
is_profile_public:
type: boolean
show_online_status:
type: boolean
allow_friend_requests:
type: boolean
allow_party_invites:
type: boolean
UserBasicInfo:
type: object
description: 'Minimal user info returned by `GET /me`. Sufficient for navbar and lightweight UI components.
Also used by mobile clients on startup to detect an in-progress game via
`current_game_public_id` and auto-redirect the player back into it.
'
properties:
public_id: