feat(api): add /auth/whoami endpoint and build automation

2026-01-13 17:47:51 +00:00 · 2025-12-25 14:54:52 +08:00
parent 8e6d86edd7
commit 30f15a84b5
7 changed files with 397 additions and 1 deletions
--- a/docs/swagger.yaml
+++ b/docs/swagger.yaml
@@ -731,6 +731,64 @@ definitions:
        description: active/suspended
        type: string
    type: object
+  internal_api.WhoamiResponse:
+    properties:
+      created_at:
+        example: 1703505600
+        type: integer
+      default_namespace:
+        example: default
+        type: string
+      epoch:
+        example: 1
+        type: integer
+      global_qps:
+        example: 100
+        type: integer
+      group:
+        example: default
+        type: string
+      id:
+        description: Master fields (only present when type is "master")
+        example: 1
+        type: integer
+      issued_at_epoch:
+        example: 1
+        type: integer
+      issued_by:
+        example: master
+        type: string
+      master_id:
+        description: Key fields (only present when type is "key")
+        example: 1
+        type: integer
+      max_child_keys:
+        example: 5
+        type: integer
+      name:
+        example: tenant-a
+        type: string
+      namespaces:
+        example: default,ns1
+        type: string
+      role:
+        description: Admin fields (only present when type is "admin")
+        example: admin
+        type: string
+      scopes:
+        example: chat:write
+        type: string
+      status:
+        example: active
+        type: string
+      type:
+        description: 'Type of the authenticated identity: "admin", "master", or "key"'
+        example: master
+        type: string
+      updated_at:
+        example: 1703505600
+        type: integer
+    type: object
  internal_api.refreshModelRegistryRequest:
    properties:
      ref:
@@ -2612,6 +2670,33 @@ paths:
      summary: Test dependency connectivity
      tags:
      - system
+  /auth/whoami:
+    get:
+      description: |-
+        Returns the identity of the authenticated user based on the Authorization header.
+        Supports Admin Token, Master Key, and Child Key (API Key) authentication.
+
+        Response varies by token type:
+        - Admin Token: {"type": "admin", "role": "admin"}
+        - Master Key: {"type": "master", "id": 1, "name": "...", ...}
+        - Child Key: {"type": "key", "id": 5, "master_id": 1, "issued_by": "master", ...}
+      produces:
+      - application/json
+      responses:
+        "200":
+          description: OK
+          schema:
+            $ref: '#/definitions/internal_api.WhoamiResponse'
+        "401":
+          description: Invalid or missing token
+          schema:
+            $ref: '#/definitions/gin.H'
+      security:
+      - AdminAuth: []
+      - MasterAuth: []
+      summary: Get current identity
+      tags:
+      - auth
  /internal/stats/flush:
    post:
      consumes: