openapi: 3.0.3

info:
  title: Banking API
  version: 3.0.0
  description: |-
    Lucas Mathews - Fontys Student ID: 5023572
  contact:
    email: 522499@student.fontys.nl

# Relative URL: the API is served from the same origin as this document.
servers:
  - url: /

# NOTE(review): this document declares no `security` requirement on any
# operation and no `components.securitySchemes`, so spec-driven tooling
# (validators, generated clients, rendered docs) treats every path, the
# /Admin/* and /System/* ones included, as anonymous. The 401/403 responses
# on the operations below imply the handlers do check a session; declare that
# scheme here so the document and the handlers enforce the same rule.
# Confirm against the handler code before adding it.
tags:
  - name: client
    description: Operations for Client Accounts
  - name: account
    description: Operations for Bank Accounts
  - name: transaction
    description: Operations for Transactions
  - name: auth
    description: Operations for Authentication
  - name: system
    description: Operations for System
  - name: admin
    description: Operations for Admin
paths:
  /Client/Login:
    post:
      tags:
        - auth
      summary: Log in to the system
      description: Log in to the system
      operationId: manager.login
      requestBody:
        required: true
        description: Login credentials
        content:
          application/json:
            schema:
              type: object
              required:
                - client_id
                - client_hash
              properties:
                client_id:
                  type: string
                  description: Client ID
                client_hash:
                  type: string
                  # NOTE(review): the caller submits an already-hashed password,
                  # so this value is the credential itself and a captured value
                  # is replayable. Confirm the handler still salts and hashes it
                  # server-side rather than comparing it directly.
                  description: Hashed password
      responses:
        # Both outcomes carry the same {success, message} envelope; only the
        # status code distinguishes them.
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                type: object
                properties:
                  success:
                    type: boolean
                  message:
                    type: string
        '401':
          description: Invalid Client ID/password supplied
          content:
            application/json:
              schema:
                type: object
                properties:
                  success:
                    type: boolean
                  message:
                    type: string
/Client/Logout:
|
|
post:
|
|
tags:
|
|
- auth
|
|
summary: Log out from the system
|
|
description: Log out from the system
|
|
operationId: manager.logout
|
|
responses:
|
|
'200':
|
|
description: Successful operation
|
|
'404':
|
|
description: Already logged out
|
|
/Client/Status:
|
|
get:
|
|
tags:
|
|
- auth
|
|
summary: Get login status
|
|
description: Get login status
|
|
operationId: manager.status
|
|
responses:
|
|
'200':
|
|
description: Logged in
|
|
'400':
|
|
description: Not logged in
|
|
/Client/Password:
|
|
put:
|
|
tags:
|
|
- auth
|
|
summary: Change password
|
|
description: Change password
|
|
operationId: manager.change_password
|
|
requestBody:
|
|
required: true
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: object
|
|
properties:
|
|
client_id:
|
|
type: string
|
|
description: ID of client to change password
|
|
hash_old_password:
|
|
type: string
|
|
description: Old password as a hash
|
|
hash_new_password:
|
|
type: string
|
|
description: New password as a hash
|
|
otp_code:
|
|
type: integer
|
|
format: int32
|
|
description: OTP to verify
|
|
required:
|
|
- client_id
|
|
- hash_old_password
|
|
- hash_new_password
|
|
- otp_code
|
|
responses:
|
|
'200':
|
|
description: Password changed successfully
|
|
'400':
|
|
description: Validation error
|
|
'401':
|
|
description: Unauthorised
|
|
'404':
|
|
description: Client not found
|
|
/OTP/Generate:
|
|
post:
|
|
tags:
|
|
- auth
|
|
summary: Generate OTP
|
|
description: Generate OTP
|
|
operationId: manager.generate_otp
|
|
parameters:
|
|
- name: client_id
|
|
in: query
|
|
description: ID of client to generate OTP
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
'200':
|
|
description: OTP generated
|
|
'401':
|
|
description: Unauthorised
|
|
'400':
|
|
description: OTP not valid
|
|
'404':
|
|
description: client_id not found
|
|
/Client:
|
|
post:
|
|
tags:
|
|
- client
|
|
summary: Update an existing client
|
|
description: Update an existing client Id
|
|
operationId: manager.update_client
|
|
parameters:
|
|
- name: client_id
|
|
in: query
|
|
description: ID of client to update
|
|
required: true
|
|
schema:
|
|
type: string
|
|
- name: otp_code
|
|
in: query
|
|
description: OTP to verify
|
|
required: true
|
|
schema:
|
|
type: integer
|
|
format: int32
|
|
- name: name
|
|
in: query
|
|
description: Client Name
|
|
required: false
|
|
schema:
|
|
type: string
|
|
- name: birthdate
|
|
in: query
|
|
description: Client Birthdate (dd-mm-yyyy)
|
|
required: false
|
|
schema:
|
|
type: string
|
|
- name: address
|
|
in: query
|
|
description: Client Address
|
|
required: false
|
|
schema:
|
|
type: string
|
|
- name: phone_number
|
|
in: query
|
|
description: Client Phone Number
|
|
required: false
|
|
schema:
|
|
type: string
|
|
- name: email
|
|
in: query
|
|
description: Client Email Address
|
|
required: false
|
|
schema:
|
|
type: string
|
|
- name: notes
|
|
in: query
|
|
description: Notes about client
|
|
required: false
|
|
schema:
|
|
type: string
|
|
responses:
|
|
'200':
|
|
description: Successful operation
|
|
'404':
|
|
description: Invalid Client ID supplied
|
|
'403':
|
|
description: Unauthorised
|
|
'405':
|
|
description: OTP not valid
|
|
get:
|
|
tags:
|
|
- client
|
|
summary: Get a client by ID
|
|
description: Get a client by ID
|
|
operationId: manager.get_client
|
|
parameters:
|
|
- name: client_id
|
|
in: query
|
|
description: ID of client to return
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
'200':
|
|
description: Successful operation
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Client'
|
|
'400':
|
|
description: Invalid Client ID supplied
|
|
'404':
|
|
description: Client not found
|
|
/Client/Accounts:
|
|
get:
|
|
tags:
|
|
- client
|
|
summary: Get all accounts for a client
|
|
description: Get all accounts for a client
|
|
operationId: manager.get_accounts
|
|
parameters:
|
|
- name: client_id
|
|
in: query
|
|
description: ID of client to return accounts for
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
'200':
|
|
description: Successful operation
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ApiResponse'
|
|
'400':
|
|
description: Invalid input
|
|
'404':
|
|
description: No accounts found
|
|
/Account:
|
|
post:
|
|
tags:
|
|
- account
|
|
summary: Add a new account
|
|
description: Add a new account to the system
|
|
operationId: manager.add_account
|
|
parameters:
|
|
- name: client_id
|
|
in: query
|
|
description: ID of client to add account to
|
|
required: true
|
|
schema:
|
|
type: string
|
|
- name: description
|
|
in: query
|
|
description: Account description
|
|
required: true
|
|
schema:
|
|
type: string
|
|
- name: account_type
|
|
in: query
|
|
description: Type of account
|
|
required: true
|
|
schema:
|
|
type: string
|
|
- name: notes
|
|
in: query
|
|
description: Notes about account
|
|
required: false
|
|
schema:
|
|
type: string
|
|
responses:
|
|
'200':
|
|
description: Successful operation
|
|
'400':
|
|
description: Invalid input
|
|
'404':
|
|
description: client_id not found
|
|
put:
|
|
tags:
|
|
- account
|
|
summary: Update an existing account
|
|
description: Update an existing account
|
|
operationId: manager.update_account
|
|
parameters:
|
|
- name: account_id
|
|
in: query
|
|
description: ID of account to update
|
|
required: true
|
|
schema:
|
|
type: string
|
|
- name: otp_code
|
|
in: query
|
|
description: OTP to verify
|
|
required: true
|
|
schema:
|
|
type: integer
|
|
format: int32
|
|
- name: description
|
|
in: query
|
|
description: Account description
|
|
required: false
|
|
schema:
|
|
type: string
|
|
- name: account_type
|
|
in: query
|
|
description: Type of account
|
|
required: false
|
|
schema:
|
|
type: string
|
|
- name: notes
|
|
in: query
|
|
description: Notes about account
|
|
required: false
|
|
schema:
|
|
type: string
|
|
|
|
responses:
|
|
'200':
|
|
description: Successful operation
|
|
'400':
|
|
description: Invalid Account ID supplied
|
|
get:
|
|
tags:
|
|
- account
|
|
summary: Get an account by ID
|
|
description: Get an account by ID
|
|
operationId: manager.get_account
|
|
parameters:
|
|
- name: account_id
|
|
in: query
|
|
description: ID of account to return
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
'200':
|
|
description: Successful operation
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Account'
|
|
'400':
|
|
description: Invalid Account ID supplied
|
|
'404':
|
|
description: Account not found
|
|
/Transaction:
|
|
get:
|
|
tags:
|
|
- transaction
|
|
summary: Get a transaction by ID
|
|
description: Get a transaction by ID
|
|
operationId: manager.get_transaction
|
|
parameters:
|
|
- name: transaction_id
|
|
in: query
|
|
description: ID of transaction to return
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
'200':
|
|
description: Successful operation
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Transaction'
|
|
'400':
|
|
description: Invalid Transaction ID supplied
|
|
'404':
|
|
description: Transaction not found
|
|
post:
|
|
tags:
|
|
- transaction
|
|
summary: Add a new transaction
|
|
description: Add a new transaction to the system
|
|
operationId: manager.add_transaction
|
|
parameters:
|
|
- name: amount
|
|
in: query
|
|
description: Amount of transaction
|
|
required: true
|
|
schema:
|
|
type: number
|
|
format: float
|
|
- name: account_id
|
|
in: query
|
|
description: Account number the money paid from
|
|
required: true
|
|
schema:
|
|
type: string
|
|
- name: recipient_account_id
|
|
in: query
|
|
description: Recipient account_id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
- name: otp_code
|
|
in: query
|
|
description: OTP to verify
|
|
required: true
|
|
schema:
|
|
type: integer
|
|
format: int32
|
|
- name: description
|
|
in: query
|
|
description: Description of transaction
|
|
required: false
|
|
schema:
|
|
type: string
|
|
responses:
|
|
'200':
|
|
description: Successful operation
|
|
'400':
|
|
description: Invalid input
|
|
'403':
|
|
description: Invalid OTP
|
|
'401':
|
|
description: Insufficient funds
|
|
'404':
|
|
description: account_id not Found
|
|
/Transaction/History:
|
|
get:
|
|
tags:
|
|
- transaction
|
|
summary: Get transaction history
|
|
description: Get transaction history
|
|
operationId: manager.transaction_history
|
|
parameters:
|
|
- name: account_id
|
|
in: query
|
|
description: ID of account to return
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
'200':
|
|
description: Successful operation
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Transaction'
|
|
'400':
|
|
description: Invalid input
|
|
'404':
|
|
description: No transactions found
|
|
/Admin/Interest:
|
|
post:
|
|
tags:
|
|
- admin
|
|
summary: Apply interest
|
|
description: Apply interest to account
|
|
operationId: manager.apply_interest
|
|
requestBody:
|
|
description: Apply interest to account
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Account'
|
|
required: true
|
|
responses:
|
|
'200':
|
|
description: Successful operation
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Account'
|
|
'400':
|
|
description: Invalid input
|
|
'422':
|
|
description: Validation exception
|
|
put:
|
|
tags:
|
|
- admin
|
|
summary: Apply fee
|
|
description: Apply fee to account
|
|
operationId: manager.apply_fee
|
|
requestBody:
|
|
description: Apply fee to account
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Account'
|
|
required: true
|
|
responses:
|
|
'200':
|
|
description: Successful operation
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Account'
|
|
'400':
|
|
description: Invalid input
|
|
'422':
|
|
description: Validation exception
|
|
/Admin/Clients:
|
|
get:
|
|
tags:
|
|
- admin
|
|
summary: Get all clients
|
|
description: Get all clients
|
|
operationId: manager.get_all_clients
|
|
responses:
|
|
'200':
|
|
description: Successful operation
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ApiResponse'
|
|
'400':
|
|
description: Invalid input
|
|
'404':
|
|
description: No clients found
|
|
/Admin/Accounts:
|
|
get:
|
|
tags:
|
|
- admin
|
|
summary: Get all accounts
|
|
description: Get all accounts
|
|
operationId: manager.get_all_accounts
|
|
responses:
|
|
'200':
|
|
description: Successful operation
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ApiResponse'
|
|
'400':
|
|
description: Invalid input
|
|
'404':
|
|
description: No accounts found
|
|
/Admin/Balance:
|
|
put:
|
|
tags:
|
|
- admin
|
|
summary: Modify account balance
|
|
description: Modify account balance
|
|
operationId: manager.modify_balance
|
|
parameters:
|
|
- name: account_id
|
|
in: query
|
|
description: ID of account to modify
|
|
required: true
|
|
schema:
|
|
type: string
|
|
- name: balance
|
|
in: query
|
|
description: Amount to modify balance by
|
|
required: true
|
|
schema:
|
|
type: number
|
|
format: float
|
|
responses:
|
|
'200':
|
|
description: Successful operation
|
|
'400':
|
|
description: Invalid input
|
|
'404':
|
|
description: Account not found
|
|
/Admin/Transactions:
|
|
get:
|
|
tags:
|
|
- admin
|
|
summary: Get all transactions
|
|
description: Get all transactions
|
|
operationId: manager.get_all_transactions
|
|
responses:
|
|
'200':
|
|
description: Successful operation
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Transaction'
|
|
'400':
|
|
description: Invalid input
|
|
'404':
|
|
description: No transactions found
|
|
/System/Hash:
|
|
get:
|
|
tags:
|
|
- system
|
|
summary: Hash password
|
|
description: Pass a string through the hashing algorithm
|
|
operationId: manager.hash_password
|
|
parameters:
|
|
- name: password
|
|
in: query
|
|
description: Password to hash
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
'200':
|
|
description: Successful operation
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
'400':
|
|
description: Invalid input
|
|
'401':
|
|
description: Unauthorised
|
|
/System/Timestamp:
|
|
get:
|
|
tags:
|
|
- system
|
|
summary: Get the timestamp
|
|
description: Gets the date and time in the appropriate format
|
|
operationId: manager.timestamp
|
|
responses:
|
|
'200':
|
|
description: Successful operation
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
'400':
|
|
description: Invalid input
|
|
'401':
|
|
description: Unauthorised
|
|
/Admin/TestBalance:
|
|
get:
|
|
tags:
|
|
- admin
|
|
summary: Test the balance of all accounts
|
|
description: Tests the balance of all accounts and alerts of any discrepancies
|
|
operationId: manager.test_account_balances
|
|
responses:
|
|
'200':
|
|
description: Successful operation
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
'401':
|
|
description: Unauthorised
|
|
/System/Initialise:
|
|
get:
|
|
tags:
|
|
- system
|
|
summary: Initialise the system
|
|
description: Initialises the system with test data
|
|
operationId: manager.initialise_database
|
|
parameters:
|
|
- name: password
|
|
in: query
|
|
description: Password to initialise the system
|
|
required: true
|
|
schema:
|
|
type: string
|
|
- name: email
|
|
in: query
|
|
description: Email to initialise the system
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
'200':
|
|
description: Successful operation
|
|
'400':
|
|
description: Database not empty, this function cannot be used
|
|
/Admin/Promote:
|
|
put:
|
|
tags:
|
|
- admin
|
|
summary: Promote a client to administrator
|
|
description: Promote a client to administrator
|
|
operationId: manager.promote_to_admin
|
|
parameters:
|
|
- name: client_id
|
|
in: query
|
|
description: ID of client to promote
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
'200':
|
|
description: Successful operation
|
|
'401':
|
|
description: Unauthorised
|
|
'404':
|
|
description: Client not found
|
|
/Admin/Demote:
|
|
put:
|
|
tags:
|
|
- admin
|
|
summary: Demote a client from administrator
|
|
description: Demote a client from administrator
|
|
operationId: manager.demote_from_admin
|
|
parameters:
|
|
- name: client_id
|
|
in: query
|
|
description: ID of client to demote
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
'200':
|
|
description: Successful operation
|
|
'401':
|
|
description: Unauthorised
|
|
'404':
|
|
description: Client not found
|
|
/Admin/Client:
|
|
post:
|
|
tags:
|
|
- admin
|
|
summary: Add a new client
|
|
description: Add a new client to the system
|
|
operationId: manager.add_client
|
|
parameters:
|
|
- name: name
|
|
in: query
|
|
description: Client Name
|
|
required: true
|
|
schema:
|
|
type: string
|
|
- name: birthdate
|
|
in: query
|
|
description: Client Birthdate (dd-mm-yyyy)
|
|
required: true
|
|
schema:
|
|
type: string
|
|
- name: address
|
|
in: query
|
|
description: Client Address
|
|
required: false
|
|
schema:
|
|
type: string
|
|
- name: phone_number
|
|
in: query
|
|
description: Client Phone Number
|
|
required: true
|
|
schema:
|
|
type: string
|
|
- name: email
|
|
in: query
|
|
description: Client Email Address
|
|
required: true
|
|
schema:
|
|
type: string
|
|
- name: password
|
|
in: query
|
|
description: Client Password
|
|
required: true
|
|
schema:
|
|
type: string
|
|
- name: notes
|
|
in: query
|
|
description: Notes about client
|
|
required: false
|
|
schema:
|
|
type: string
|
|
responses:
|
|
'200':
|
|
description: "Client created"
|
|
'400':
|
|
description: Invalid input
|
|
'422':
|
|
description: Validation exception
|
|
/Delete/Client:
|
|
delete:
|
|
tags:
|
|
- admin
|
|
summary: Delete a client by ID
|
|
description: Delete a client by ID
|
|
operationId: manager.delete_client
|
|
parameters:
|
|
- name: client_id
|
|
in: query
|
|
description: ID of client to delete
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
'200':
|
|
description: Successful operation
|
|
'400':
|
|
description: Invalid Client ID supplied
|
|
'404':
|
|
description: Client not found
|
|
/Delete/Account:
|
|
delete:
|
|
tags:
|
|
- admin
|
|
summary: Delete an account by ID
|
|
description: Delete an account by ID
|
|
operationId: manager.delete_account
|
|
parameters:
|
|
- name: account_id
|
|
in: query
|
|
description: ID of account to delete
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
'200':
|
|
description: Successful operation
|
|
'400':
|
|
description: Invalid account_id supplied
|
|
'404':
|
|
description: Account not found
|
|
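components:
  schemas:
    # Generic envelope used by the list operations; the payload goes in `data`.
    ApiResponse:
      type: object
      properties:
        success:
          type: boolean
        message:
          type: string
        data:
          type: object
      example:
        success: true
        message: "Success"
        data: {}

    Client:
      type: object
      properties:
        client_id:
          type: string
        name:
          type: string
        # Free-form string; the operations document the layout as dd-mm-yyyy.
        birthdate:
          type: string
        opening_timestamp:
          type: string
        address:
          type: string
        phone_number:
          type: string
        email:
          type: string
      example:
        client_id: "896d4ed8"
        name: "Lucas Mathews"
        birthdate: "21-05-1980"
        opening_timestamp: "17-04-2022 16:21:12"
        address: "Rachelsmolen 1, 5612MA, Eindhoven"
        phone_number: "0612345678"
        email: "john.d@fontys.nl"

    Account:
      type: object
      properties:
        account_id:
          type: string
        client_id:
          type: string
        # Was misspelled `decription`; the example and the /Account parameters
        # both use `description`.
        description:
          type: string
        opening_timestamp:
          type: string
        account_type:
          type: string
        # `type: integer` with `format: float` is contradictory and rejects the
        # example value 2314.23; `number` is the OpenAPI type that takes a float
        # format. Monetary values as binary floats still round -- see the note
        # on /Transaction.
        balance:
          type: number
          format: float
        notes:
          type: string
      example:
        account_id: "63b6e8e8"
        client_id: "896d4ed8"
        description: "Savings Account"
        opening_timestamp: "17-04-2022 16:21:12"
        # The original had an unbalanced closing quote that made the literal
        # value `Savings Account"`.
        account_type: "Savings Account"
        balance: 2314.23
        notes: "This account is for savings"

    Transaction:
      type: object
      properties:
        transaction_id:
          type: string
        transaction_type:
          type: string
        # Same integer/float contradiction as Account.balance; the example is
        # 100.00.
        amount:
          type: number
          format: float
        timestamp:
          type: string
        description:
          type: string
        # Renamed from `account_to` / `recipient_account_number` to the names
        # used by the example below and by the /Transaction POST parameters.
        account_id:
          type: string
        recipient_account_id:
          type: string
      example:
        transaction_id: "d1c4d836-9418-437f-b21c-5cc03d3fdc33"
        transaction_type: "Deposit"
        amount: 100.00
        timestamp: "17-04-2022 16:21:12"
        description: "Deposit to Savings Account"
        account_id: "896d4ed8"
        recipient_account_id: "05225f17"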