From 10b5702e11f7f02ce05740e77f08a55ef307ea29 Mon Sep 17 00:00:00 2001
From: Nabil Derouiche <nabil.derouiche@gmail.com>
Date: Sun, 19 Apr 2026 21:03:20 +0100
Subject: [PATCH] feat: add Swagger UI for interactive API documentation

---
 backend/pom.xml                               |  7 ++++
 .../com/rayhan/erp/config/OpenApiConfig.java  | 41 +++++++++++++++++++
 .../rayhan/erp/config/WebSecurityConfig.java  |  1 +
 3 files changed, 49 insertions(+)
 create mode 100644 backend/src/main/java/com/rayhan/erp/config/OpenApiConfig.java

diff --git a/backend/pom.xml b/backend/pom.xml
index c1e4859..b63e1ef 100644
--- a/backend/pom.xml
+++ b/backend/pom.xml
@@ -82,6 +82,13 @@
             <optional>true</optional>
         </dependency>
 
+        <!-- Swagger UI — documentation interactive de l'API -->
+        <dependency>
+            <groupId>org.springdoc</groupId>
+            <artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
+            <version>2.5.0</version>
+        </dependency>
+
         <!-- Tests -->
         <dependency>
             <groupId>org.springframework.boot</groupId>
diff --git a/backend/src/main/java/com/rayhan/erp/config/OpenApiConfig.java b/backend/src/main/java/com/rayhan/erp/config/OpenApiConfig.java
new file mode 100644
index 0000000..4693621
--- /dev/null
+++ b/backend/src/main/java/com/rayhan/erp/config/OpenApiConfig.java
@@ -0,0 +1,41 @@
+package com.rayhan.erp.config;
+
+import io.swagger.v3.oas.models.Components;
+import io.swagger.v3.oas.models.OpenAPI;
+import io.swagger.v3.oas.models.info.Contact;
+import io.swagger.v3.oas.models.info.Info;
+import io.swagger.v3.oas.models.security.SecurityRequirement;
+import io.swagger.v3.oas.models.security.SecurityScheme;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+public class OpenApiConfig {
+
+    @Bean
+    public OpenAPI openAPI() {
+        return new OpenAPI()
+            .info(new Info()
+                .title("ERP Rayhan — API REST")
+                .description("API de gestion ERP pour SUARL Rayhan (plasturgie). PFE Ali Guennari.\n\n" +
+                    "**Comment utiliser :**\n" +
+                    "1. Cliquez sur `POST /api/auth/signin` → Try it out → Execute\n" +
+                    "2. Copiez le `token` de la réponse\n" +
+                    "3. Cliquez sur le bouton **Authorize 🔒** en haut à droite\n" +
+                    "4. Collez le token et cliquez Authorize\n" +
+                    "5. Tous les endpoints sont maintenant accessibles !\n\n" +
+                    "**Identifiants par défaut :** admin / Rayhan2024!")
+                .version("1.0.0")
+                .contact(new Contact()
+                    .name("Ali Guennari — PFE SUARL Rayhan")
+                    .email("ali.guennari@rayhan.tn")))
+            .addSecurityItem(new SecurityRequirement().addList("Bearer Authentication"))
+            .components(new Components()
+                .addSecuritySchemes("Bearer Authentication",
+                    new SecurityScheme()
+                        .type(SecurityScheme.Type.HTTP)
+                        .scheme("bearer")
+                        .bearerFormat("JWT")
+                        .description("Entrez votre token JWT (sans le préfixe 'Bearer ')")));
+    }
+}
diff --git a/backend/src/main/java/com/rayhan/erp/config/WebSecurityConfig.java b/backend/src/main/java/com/rayhan/erp/config/WebSecurityConfig.java
index 17c8c73..694d1af 100644
--- a/backend/src/main/java/com/rayhan/erp/config/WebSecurityConfig.java
+++ b/backend/src/main/java/com/rayhan/erp/config/WebSecurityConfig.java
@@ -61,6 +61,7 @@ public class WebSecurityConfig {
                 .requestMatchers("/api/auth/**").permitAll()
                 .requestMatchers("/api/test/**").permitAll()
                 .requestMatchers("/error").permitAll()
+                .requestMatchers("/swagger-ui/**", "/swagger-ui.html", "/v3/api-docs/**").permitAll()
                 .anyRequest().authenticated()
             );