Implement changes for API authentication and Swagger UI (#541)

* initial token-based-api login handler

* add token schema and validation

* initial import of pyro3d api code

* basic Swagger spec support

* Merge in working copy of API/Device.pm

* Fix some error handling for API/Device.pm

* Break out utility functions into separate file, to allow other api portions to use

* Add NodeIP support.

* Add nodeip plugin to config

* remove double define of "plugin:" (#448)

disclaimer: i did not test this is any way, came across it when looking for something else.

* only AuthZ header for api use, and alway regen key on login

* use RFC7235

* workaround for Swagger plugin weird response body

* do not autodiscover swagger routes

* code formatting only

* move api util to utils area

* initial full swagger spec for nodeip search

* add api user role and fix api auth failure response

* update version of swagger-ui to 3.20.3

* add more openapi defs

* fixes to SQL and api spec

* clean up subs

* improvements to login/logout for API

* make api logout work

* add openapi tags to group operations

* allow api params to be generated from DBIC schema spec

* remove API calls for nodes and devices

* remove some poor assumptions about api calls

* tidy up

* remove DDP

* make login and logout similar

* example of api call being handled by ajax call

* make the branch authonly

share/config.yml

@@ -28,6 +28,7 @@ suggest_guest: false
 navbar_autocomplete: true
 trust_remote_user: false
 trust_x_remote_user: false
+api_token_lifetime: 3600
 #ldap:
 #  servers: []
 #  user_string: 'MYDOMAIN\%USER%'
@@ -409,6 +410,7 @@ worker_plugins:
   - 'Power'
   - 'Psql'
   - 'Renumber'
+  - 'SetUserToken'
   - 'Show'
   - 'Stats'
   - 'Vlan'
@@ -484,6 +486,9 @@ engines:
     INCLUDE_PATH: []
 layout: 'main'
 plugins:
+  Swagger:
+     main_api_module: 'App::Netdisco'
+     ui_url: '/swagger-ui'
   Auth::Extensible:
     no_api_change_warning: true
     no_default_pages: true