Add Owntracks API endpoint with api_key authentication

app/controllers/api/v1/owntracks/points_controller.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+class Api::V1::PointsController < ApplicationController
+  skip_forgery_protection
+  before_action :authenticate_api_key
+
+  def create
+    Owntracks::PointCreatingJob.perform_later(point_params)
+
+    render json: {}, status: :ok
+  end
+
+  private
+
+  def point_params
+    params.permit!
+  end
+end

app/controllers/api/v1/points_controller.rb

@@ -1,21 +1,17 @@
 # frozen_string_literal: true
 
+# TODO: Deprecate in 1.0
+
 class Api::V1::PointsController < ApplicationController
   skip_forgery_protection
 
   def create
+    Rails.logger.info 'This endpoint will be deprecated in 1.0. Use /api/v1/owntracks/points instead'
     Owntracks::PointCreatingJob.perform_later(point_params)
 
     render json: {}, status: :ok
   end
 
-  def destroy
-    @point = Point.find(params[:id])
-    @point.destroy
-
-    head :no_content
-  end
-
   private
 
   def point_params

config/routes.rb

@@ -6,6 +6,7 @@ Rails.application.routes.draw do
   mount Rswag::Api::Engine => '/api-docs'
   mount Rswag::Ui::Engine => '/api-docs'
   mount Sidekiq::Web => '/sidekiq'
+
   get 'settings/theme', to: 'settings#theme'
   get 'export', to: 'export#index'
   get 'export/download', to: 'export#download'
@@ -32,11 +33,15 @@ Rails.application.routes.draw do
 
   namespace :api do
     namespace :v1 do
-      resources :points
+      resources :points, only: :create # TODO: Deprecate in 1.0
 
       namespace :overland do
         resources :batches, only: :create
       end
+
+      namespace :owntracks do
+        resources :points, only: :create
+      end
     end
   end
 end

spec/requests/api/v1/owntracks/points_controller.rb

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe 'Api::V1::Owntracks::Points', type: :request do
+  describe 'POST /api/v1/owntracks/points' do
+    context 'with valid params' do
+      let(:params) do
+        { lat: 1.0, lon: 1.0, tid: 'test', tst: Time.current.to_i, topic: 'iPhone 12 pro' }
+      end
+      let(:user) { create(:user) }
+
+      context 'with invalid api key' do
+        it 'returns http unauthorized' do
+          post api_v1_points_path, params: params
+
+          expect(response).to have_http_status(:unauthorized)
+        end
+      end
+
+      context 'with valid api key' do
+        it 'returns http success' do
+          post api_v1_points_path(api_key: user.api_key), params: params
+
+          expect(response).to have_http_status(:success)
+        end
+
+        it 'enqueues a job' do
+          expect do
+            post api_v1_points_path(api_key: user.api_key), params: params
+          end.to have_enqueued_job(Owntracks::PointCreatingJob)
+        end
+      end
+    end
+  end
+end

swagger/v1/swagger.yaml

@@ -180,7 +180,7 @@ paths:
                   lat: 52.502397
                   lon: 13.356718
                   tid: Swagger
-                  tst: 1716633953
+                  tst: 1716634644
 servers:
 - url: http://{defaultHost}
   variables: