Added authentication documentation

docs/authentication.md

+# Authentication
+## Using a remote client
+There are two end points that you can use for authentication
+
+``` 
+[VIPSLogic_URL]/auth/login
+```
+
+This is a POST service where you provide the credentials like this in the request body:
+
+``` json
+{
+    "username": "foo",
+    "password": "bar"
+}
+
+```
+
+**For this to be secure, VIPSLogic must be contacted over SSL.**
+
+The response upon a successful login is with a status of 201 (created) and this example payload:
+
+``` json
+{
+    "success": true,
+    "UUID": "0a51facb-addd-4a6a-9222-7bf0aabb1ab8"
+}
+
+```
+
+The UUID is valid for 30 days. To check if it's still valid, use this endpoint:
+
+``` 
+[VIPSLogic_URL]/auth/uuid
+```
+
+And provide the UUID in the Authorization header. If the UUID is invalid, either because it never existed or has expired, the service returns HTTP status code 404 (Not found). If the UUID is valid, you get the basic user information, for example this:
+
+``` json
+{
+    "userId": 313131,
+    "email": "foo@bar.com",
+    "phone": "12345678",
+    "phoneCountryCode": "47",
+    "firstName": "Foo",
+    "lastName": "Bar",
+    "preferredLocale": "nb",
+    "userUuid": "0a51facb-addd-4a6a-9222-7bf0aabb1ab8",
+    "organization_id": 1
+}
+``` 
\ No newline at end of file

docs/index.md

@@ -2,6 +2,8 @@
 
 [The data model](./data_model.md)
 
+[Authentication](./authentication.md)
+
 [Troubleshooting](./troubleshooting.md)
 
 ## Building VIPSLogic

src/main/java/no/nibio/vips/logic/service/AuthenticationService.java

@@ -34,18 +34,19 @@ import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
 import javax.ws.rs.core.Response.Status;
 
-import org.jboss.resteasy.spi.interception.PreProcessInterceptor;
 
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.databind.node.ObjectNode;
 import com.webcohesion.enunciate.metadata.Facet;
+import com.webcohesion.enunciate.metadata.rs.TypeHint;
 
 import no.nibio.vips.logic.entity.UserUuid;
 import no.nibio.vips.logic.entity.VipsLogicUser;
 import no.nibio.vips.logic.util.SessionControllerGetter;
 
 /**
+ * Authentication services
  * @copyright 2021 <a href="http://www.nibio.no/">NIBIO</a>
  * @author Tor-Einar Skog <tor-einar.skog@nibio.no>
  */
@@ -58,6 +59,13 @@ public class AuthenticationService {
 	
 	/**
 	 * Authenticates user
+	 * Example input
+     * <pre>
+     * {
+        "username": "foo",
+        "password": "bar"
+      }
+     </pre>
 	 * @responseExample application/json {"success":"true", "UUID": "01bce95b-0004-4567-a4a2-3c184954fc15"}
 	 * @responseExample application/json {"success":"false"}
 	 */
@@ -92,9 +100,14 @@ public class AuthenticationService {
         return Response.status(user != null ? Status.CREATED : Status.NOT_FOUND).entity(result).build();
 	}
 	
+	/**
+	 * 
+	 * @return The VIPSLogic user associated with this uuid, or 404 if not found
+	 */
 	@GET
 	@Path("uuid")
 	@Produces(MediaType.APPLICATION_JSON)
+	@TypeHint(VipsLogicUser.class)
 	public Response getUserByUuidInAuthorizationHeader()
 	{
 		String uuidStr = httpServletRequest.getHeader(HttpHeaders.AUTHORIZATION);