Needed a Checklist for endpoints

[metemaddar]

Using a checklist, we can make the development process of endpoints more secure. At the moment the checklist in my mind is as the following:

• Authentication & Authorization: Checking if it has the right authorization (All endpoints need authentication)
• Input Schemas: ID should not be in input schema in order to not change/specify during the Update/Create process.
• Response Model: Should be present.
• URI: Is URI as what we specified before?
• Example Payload: Does it work as it is?

[EPajares]

Thanks @metemaddar for raising this. This sound very reasonable. We could consider using the Github Wiki for document such things. What do you think?

[metemaddar]

@EPajares, Exactly. Then we can have them in wiki to refer to them fast, whenever we need it.

And I need to determine where is the good time to move it to the Wiki. Maybe at this time, it is good to use the checklist some times in order to create a scenario and description at wiki. I do not know if this is perfectionism and it is better to start from creating a wiki page at the beginning.

And also we can use discussions to keep issues with more clear tasks. I don't know. What is your opinion?

[majkshkurti]

I think for the API we should also consider putting the documentation in the "redoc" which is generated from openapi but can be extended with extra pages. It's not a wiki but more suitable for the API documentation. @metemaddar You can access it here: https://goat-dev.plan4better.de/api/redoc

Here is an example of a more complete one: https://redocly.github.io/redoc/

[EPajares]

I also discussed this today with Majk. I was a bit unaware of how powerful redoc can be. So we basically would propose that we figure out how we can expand the existing automatically generated docs from redoc. I will open a new issue for this.

[UJehle]

@EPajares is this issue done?