add APIkey-based authentication to swagger documentation

amqp/amqp_endpoints.go

@@ -47,6 +47,7 @@ func RegisterAMQPEndpoint(r *gin.RouterGroup) {
 // @Failure 500 {object} docs.ResponseError "Internal server error"
 // @Param ICID path int true "InfrastructureComponent ID"
 // @Router /ic/{ICID}/action [post]
+// @Security Bearer
 func sendActionToIC(c *gin.Context) {
 
 	ok, s := infrastructure_component.CheckPermissions(c, database.ModelInfrastructureComponentAction, database.Update, true)

doc/api/swagger.yaml

@@ -1,4 +1,4 @@
-basePath: /api/v2
+basePath: http://localhost:4000/api/v2/
 definitions:
   component_configuration.addConfigRequest:
     properties:
@@ -436,7 +436,6 @@ definitions:
         type: string
     required:
     - Category
-    - Host
     - Name
     - Type
     - UUID
@@ -672,9 +671,9 @@ info:
     email: sonja.happ@eonerc.rwth-aachen.de
     name: Sonja Happ
   description: |-
-    This is the VILLASweb Backend API v2.0.
+    This is the [VILLASweb Backend](https://git.rwth-aachen.de/acs/public/villas/web-backend-go) API v2.0.
-    Parts of this API are still in development. Please check the [VILLASweb-backend-go repository](https://git.rwth-aachen.de/acs/public/villas/web-backend-go) for more information.
     This documentation is auto-generated based on the API documentation in the code. The tool [swag](https://github.com/swaggo/swag) is used to auto-generate API docs for the [gin-gonic](https://github.com/gin-gonic/gin) framework.
+    Authentication: Use the authenticate endpoint below to obtain a token for your user account, copy the token into to the value field of the dialog showing up for the green Authorize button below and confirm with Done.
   license:
     name: GNU GPL 3.0
     url: http://www.gnu.de/documents/gpl-3.0.en.html
@@ -717,11 +716,6 @@ paths:
     get:
       operationId: getConfigs
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: Scenario ID
         in: query
         name: scenarioID
@@ -746,6 +740,8 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Get all component configurations of scenario
       tags:
       - component-configurations
@@ -754,11 +750,6 @@ paths:
       - application/json
       operationId: addConfig
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: component configuration to be added incl. IDs of scenario and
           IC
         in: body
@@ -790,6 +781,8 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Add a component configuration to a scenario
       tags:
       - component-configurations
@@ -797,11 +790,6 @@ paths:
     delete:
       operationId: deleteConfig
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: Config ID
         in: path
         name: configID
@@ -830,17 +818,14 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Delete a component configuration
       tags:
       - component-configurations
     get:
       operationId: getConfig
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: Config ID
         in: path
         name: configID
@@ -869,6 +854,8 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Get a component configuration
       tags:
       - component-configurations
@@ -877,11 +864,6 @@ paths:
       - application/json
       operationId: updateConfig
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: component configuration to be updated
         in: body
         name: inputConfig
@@ -917,6 +899,8 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Update a component configuration
       tags:
       - component-configurations
@@ -924,11 +908,6 @@ paths:
     get:
       operationId: getDashboards
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: Scenario ID
         in: query
         name: scenarioID
@@ -953,6 +932,8 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Get all dashboards of scenario
       tags:
       - dashboards
@@ -961,11 +942,6 @@ paths:
       - application/json
       operationId: addDashboard
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: Dashboard to be added incl. ID of Scenario
         in: body
         name: inputDab
@@ -996,6 +972,8 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Add a dashboard to a scenario
       tags:
       - dashboards
@@ -1003,11 +981,6 @@ paths:
     delete:
       operationId: deleteDashboard
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: Dashboard ID
         in: path
         name: dashboardID
@@ -1036,17 +1009,14 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Delete a dashboard
       tags:
       - dashboards
     get:
       operationId: getDashboard
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: Dashboard ID
         in: path
         name: dashboardID
@@ -1075,6 +1045,8 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Get a dashboard
       tags:
       - dashboards
@@ -1083,11 +1055,6 @@ paths:
       - application/json
       operationId: updateDashboard
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: Dashboard to be updated
         in: body
         name: inputDab
@@ -1123,6 +1090,8 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Update a dashboard
       tags:
       - dashboards
@@ -1130,11 +1099,6 @@ paths:
     get:
       operationId: getFiles
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: Scenario ID
         in: query
         name: scenarioID
@@ -1159,6 +1123,8 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Get all files of a specific scenario
       tags:
       - files
@@ -1170,13 +1136,9 @@ paths:
       - image/gif
       - model/x-cim
       - model/x-cim.zip
+      - multipart/form-data
       operationId: addFile
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: File to be uploaded
         in: formData
         name: inputFile
@@ -1210,6 +1172,8 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Add a file to a specific scenario
       tags:
       - files
@@ -1217,11 +1181,6 @@ paths:
     delete:
       operationId: deleteFile
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: ID of the file to update
         in: path
         name: fileID
@@ -1250,17 +1209,14 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Delete a file
       tags:
       - files
     get:
       operationId: getFile
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: ID of the file to download
         in: path
         name: fileID
@@ -1294,6 +1250,8 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Download a file
       tags:
       - files
@@ -1305,13 +1263,9 @@ paths:
       - image/gif
       - model/x-cim
       - model/x-cim.zip
+      - multipart/form-data
       operationId: updateFile
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: File to be uploaded
         in: formData
         name: inputFile
@@ -1345,6 +1299,8 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Update a file
       tags:
       - files
@@ -1367,12 +1323,6 @@ paths:
   /ic:
     get:
       operationId: getICs
-      parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       produces:
       - application/json
       responses:
@@ -1392,6 +1342,8 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Get all infrastructure components
       tags:
       - infrastructure-components
@@ -1400,11 +1352,6 @@ paths:
       - application/json
       operationId: addIC
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: Infrastructure Component to be added
         in: body
         name: inputIC
@@ -1435,6 +1382,8 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Add an infrastructure component
       tags:
       - infrastructure-components
@@ -1442,11 +1391,6 @@ paths:
     delete:
       operationId: deleteIC
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: Infrastructure Component ID
         in: path
         name: ICID
@@ -1475,17 +1419,14 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Delete an infrastructure component
       tags:
       - infrastructure-components
     get:
       operationId: getIC
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: Infrastructure Component ID
         in: path
         name: ICID
@@ -1514,6 +1455,8 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Get infrastructure component
       tags:
       - infrastructure-components
@@ -1522,11 +1465,6 @@ paths:
       - application/json
       operationId: updateIC
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: InfrastructureComponent to be updated
         in: body
         name: inputIC
@@ -1562,6 +1500,8 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Update an infrastructure component
       tags:
       - infrastructure-components
@@ -1602,6 +1542,8 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Send an action to IC (only available if backend server is started with
         -amqp parameter)
       tags:
@@ -1610,11 +1552,6 @@ paths:
     get:
       operationId: getConfigsOfIC
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: Infrastructure Component ID
         in: path
         name: ICID
@@ -1643,6 +1580,8 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Get all configurations of the infrastructure component
       tags:
       - infrastructure-components
@@ -1660,12 +1599,6 @@ paths:
   /scenarios:
     get:
       operationId: getScenarios
-      parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       produces:
       - application/json
       responses:
@@ -1685,6 +1618,8 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Get all scenarios of requesting user
       tags:
       - scenarios
@@ -1693,11 +1628,6 @@ paths:
       - application/json
       operationId: addScenario
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: Scenario to be added
         in: body
         name: inputScenario
@@ -1728,6 +1658,8 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Add a scenario
       tags:
       - scenarios
@@ -1735,11 +1667,6 @@ paths:
     delete:
       operationId: deleteScenario
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: Scenario ID
         in: path
         name: scenarioID
@@ -1764,17 +1691,14 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Delete a scenario
       tags:
       - scenarios
     get:
       operationId: getScenario
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: Scenario ID
         in: path
         name: scenarioID
@@ -1799,6 +1723,8 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Get scenario
       tags:
       - scenarios
@@ -1807,11 +1733,6 @@ paths:
       - application/json
       operationId: updateScenario
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: Scenario to be updated
         in: body
         name: inputScenario
@@ -1847,6 +1768,8 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Update a scenario
       tags:
       - scenarios
@@ -1854,11 +1777,6 @@ paths:
     delete:
       operationId: deleteUserFromScenario
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: Scenario ID
         in: path
         name: scenarioID
@@ -1888,17 +1806,14 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Delete a user from a scenario
       tags:
       - scenarios
     put:
       operationId: addUserToScenario
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: Scenario ID
         in: path
         name: scenarioID
@@ -1928,6 +1843,8 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Add a user to a a scenario
       tags:
       - scenarios
@@ -1935,11 +1852,6 @@ paths:
     get:
       operationId: getUsersOfScenario
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: Scenario ID
         in: path
         name: scenarioID
@@ -1964,6 +1876,8 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Get users of a scenario
       tags:
       - scenarios
@@ -1981,11 +1895,6 @@ paths:
         name: configID
         required: true
         type: string
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       produces:
       - application/json
       responses:
@@ -2005,6 +1914,8 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Get all signals of one direction
       tags:
       - signals
@@ -2013,11 +1924,6 @@ paths:
       - application/json
       operationId: AddSignal
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: A signal to be added to the component configuration incl. direction
           and config ID to which signal shall be added
         in: body
@@ -2049,6 +1955,8 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Add a signal to a signal mapping of a component configuration
       tags:
       - signals
@@ -2056,11 +1964,6 @@ paths:
     delete:
       operationId: deleteSignal
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: ID of signal to be deleted
         in: path
         name: signalID
@@ -2089,17 +1992,14 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Delete a signal
       tags:
       - signals
     get:
       operationId: getSignal
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: ID of signal to be obtained
         in: path
         name: signalID
@@ -2128,17 +2028,14 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Get a signal
       tags:
       - signals
     put:
       operationId: updateSignal
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: A signal to be updated
         in: body
         name: inputSignal
@@ -2174,18 +2071,14 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Update a signal
       tags:
       - signals
   /users:
     get:
       operationId: GetUsers
-      parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       produces:
       - application/json
       responses:
@@ -2205,6 +2098,8 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Get all users
       tags:
       - users
@@ -2220,11 +2115,6 @@ paths:
         schema:
           $ref: '#/definitions/user.addUserRequest'
           type: object
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       produces:
       - application/json
       responses:
@@ -2244,6 +2134,8 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Add a user
       tags:
       - users
@@ -2251,11 +2143,6 @@ paths:
     delete:
       operationId: DeleteUser
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: User ID
         in: path
         name: userID
@@ -2280,17 +2167,14 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Delete a user
       tags:
       - users
     get:
       operationId: GetUser
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: User ID
         in: path
         name: userID
@@ -2319,6 +2203,8 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Get user
       tags:
       - users
@@ -2327,11 +2213,6 @@ paths:
       - application/json
       operationId: UpdateUser
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: User to be updated (anything except for ID can be changed, role
           can only be change by admin)
         in: body
@@ -2372,6 +2253,8 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Update a user
       tags:
       - users
@@ -2379,11 +2262,6 @@ paths:
     get:
       operationId: getWidgets
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: Dashboard ID
         in: query
         name: dashboardID
@@ -2408,6 +2286,8 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Get all widgets of dashboard
       tags:
       - widgets
@@ -2416,11 +2296,6 @@ paths:
       - application/json
       operationId: addWidget
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: Widget to be added incl. ID of dashboard
         in: body
         name: inputWidget
@@ -2451,6 +2326,8 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Add a widget to a dashboard
       tags:
       - widgets
@@ -2458,11 +2335,6 @@ paths:
     delete:
       operationId: deleteWidget
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: Widget ID
         in: path
         name: widgetID
@@ -2491,17 +2363,14 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Delete a widget
       tags:
       - widgets
     get:
       operationId: getWidget
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: Widget ID
         in: path
         name: widgetID
@@ -2530,6 +2399,8 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Get a widget
       tags:
       - widgets
@@ -2538,11 +2409,6 @@ paths:
       - application/json
       operationId: updateWidget
       parameters:
-      - description: Authorization token
-        in: header
-        name: Authorization
-        required: true
-        type: string
       - description: Widget to be updated
         in: body
         name: inputWidget
@@ -2578,7 +2444,14 @@ paths:
           description: Internal server error
           schema:
             $ref: '#/definitions/docs.ResponseError'
+      security:
+      - Bearer: []
       summary: Update a widget
       tags:
       - widgets
+securityDefinitions:
+  Bearer:
+    in: header
+    name: Authorization
+    type: apiKey
 swagger: "2.0"

routes/component-configuration/config_endpoints.go

@@ -48,9 +48,9 @@ func RegisterComponentConfigurationEndpoints(r *gin.RouterGroup) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param scenarioID query int true "Scenario ID"
 // @Router /configs [get]
+// @Security Bearer
 func getConfigs(c *gin.Context) {
 
 	ok, so := scenario.CheckPermissions(c, database.Read, "query", -1)
@@ -78,9 +78,9 @@ func getConfigs(c *gin.Context) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param inputConfig body component_configuration.addConfigRequest true "component configuration to be added incl. IDs of scenario and IC"
 // @Router /configs [post]
+// @Security Bearer
 func addConfig(c *gin.Context) {
 
 	// Bind the request to JSON
@@ -125,10 +125,10 @@ func addConfig(c *gin.Context) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param inputConfig body component_configuration.updateConfigRequest true "component configuration to be updated"
 // @Param configID path int true "Config ID"
 // @Router /configs/{configID} [put]
+// @Security Bearer
 func updateConfig(c *gin.Context) {
 
 	ok, oldConfig := CheckPermissions(c, database.Update, "path", -1)
@@ -170,9 +170,9 @@ func updateConfig(c *gin.Context) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param configID path int true "Config ID"
 // @Router /configs/{configID} [get]
+// @Security Bearer
 func getConfig(c *gin.Context) {
 
 	ok, m := CheckPermissions(c, database.Read, "path", -1)
@@ -193,9 +193,9 @@ func getConfig(c *gin.Context) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param configID path int true "Config ID"
 // @Router /configs/{configID} [delete]
+// @Security Bearer
 func deleteConfig(c *gin.Context) {
 
 	ok, m := CheckPermissions(c, database.Delete, "path", -1)

routes/dashboard/dashboard_endpoints.go

@@ -49,9 +49,9 @@ func RegisterDashboardEndpoints(r *gin.RouterGroup) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param scenarioID query int true "Scenario ID"
 // @Router /dashboards [get]
+// @Security Bearer
 func getDashboards(c *gin.Context) {
 
 	ok, sim := scenario.CheckPermissions(c, database.Read, "query", -1)
@@ -79,9 +79,9 @@ func getDashboards(c *gin.Context) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param inputDab body dashboard.addDashboardRequest true "Dashboard to be added incl. ID of Scenario"
 // @Router /dashboards [post]
+// @Security Bearer
 func addDashboard(c *gin.Context) {
 
 	// bind request to JSON
@@ -125,10 +125,10 @@ func addDashboard(c *gin.Context) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param inputDab body dashboard.updateDashboardRequest true "Dashboard to be updated"
 // @Param dashboardID path int true "Dashboard ID"
 // @Router /dashboards/{dashboardID} [put]
+// @Security Bearer
 func updateDashboard(c *gin.Context) {
 
 	ok, oldDashboard := CheckPermissions(c, database.Update, "path", -1)
@@ -168,9 +168,9 @@ func updateDashboard(c *gin.Context) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param dashboardID path int true "Dashboard ID"
 // @Router /dashboards/{dashboardID} [get]
+// @Security Bearer
 func getDashboard(c *gin.Context) {
 
 	ok, dab := CheckPermissions(c, database.Read, "path", -1)
@@ -191,9 +191,9 @@ func getDashboard(c *gin.Context) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param dashboardID path int true "Dashboard ID"
 // @Router /dashboards/{dashboardID} [delete]
+// @Security Bearer
 func deleteDashboard(c *gin.Context) {
 	ok, dab := CheckPermissions(c, database.Delete, "path", -1)
 	if !ok {

routes/file/file_endpoints.go

@@ -48,9 +48,9 @@ func RegisterFileEndpoints(r *gin.RouterGroup) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param scenarioID query int true "Scenario ID"
 // @Router /files [get]
+// @Security Bearer
 func getFiles(c *gin.Context) {
 
 	ok, so := scenario.CheckPermissions(c, database.Read, "query", -1)
@@ -79,15 +79,16 @@ func getFiles(c *gin.Context) {
 // @Accept gif
 // @Accept model/x-cim
 // @Accept model/x-cim.zip
+// @Accept multipart/form-data
 // @Success 200 {object} docs.ResponseFile "File that was added"
 // @Failure 400 {object} docs.ResponseError "Bad request"
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param inputFile formData file true "File to be uploaded"
 // @Param scenarioID query int true "ID of scenario to which file shall be added"
 // @Router /files [post]
+// @Security Bearer
 func addFile(c *gin.Context) {
 
 	ok, so := scenario.CheckPermissions(c, database.Read, "query", -1)
@@ -125,9 +126,9 @@ func addFile(c *gin.Context) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param fileID path int true "ID of the file to download"
 // @Router /files/{fileID} [get]
+// @Security Bearer
 func getFile(c *gin.Context) {
 
 	// check access
@@ -151,15 +152,16 @@ func getFile(c *gin.Context) {
 // @Accept gif
 // @Accept model/x-cim
 // @Accept model/x-cim.zip
+// @Accept multipart/form-data
 // @Success 200 {object} docs.ResponseFile "File that was updated"
 // @Failure 400 {object} docs.ResponseError "Bad request"
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param inputFile formData file true "File to be uploaded"
 // @Param fileID path int true "ID of the file to update"
 // @Router /files/{fileID} [put]
+// @Security Bearer
 func updateFile(c *gin.Context) {
 
 	// check access
@@ -191,9 +193,9 @@ func updateFile(c *gin.Context) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param fileID path int true "ID of the file to update"
 // @Router /files/{fileID} [delete]
+// @Security Bearer
 func deleteFile(c *gin.Context) {
 
 	// check access

routes/infrastructure-component/ic_endpoints.go

@@ -47,8 +47,8 @@ func RegisterICEndpoints(r *gin.RouterGroup) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Router /ic [get]
+// @Security Bearer
 func getICs(c *gin.Context) {
 
 	// Checking permission is not required here since READ access is independent of user's role
@@ -73,9 +73,9 @@ func getICs(c *gin.Context) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param inputIC body infrastructure_component.addICRequest true "Infrastructure Component to be added"
 // @Router /ic [post]
+// @Security Bearer
 func addIC(c *gin.Context) {
 
 	ok, _ := CheckPermissions(c, database.ModelInfrastructureComponent, database.Create, false)
@@ -118,10 +118,10 @@ func addIC(c *gin.Context) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param inputIC body infrastructure_component.updateICRequest true "InfrastructureComponent to be updated"
 // @Param ICID path int true "InfrastructureComponent ID"
 // @Router /ic/{ICID} [put]
+// @Security Bearer
 func updateIC(c *gin.Context) {
 
 	ok, oldIC := CheckPermissions(c, database.ModelInfrastructureComponent, database.Update, true)
@@ -163,9 +163,9 @@ func updateIC(c *gin.Context) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param ICID path int true "Infrastructure Component ID"
 // @Router /ic/{ICID} [get]
+// @Security Bearer
 func getIC(c *gin.Context) {
 
 	ok, s := CheckPermissions(c, database.ModelInfrastructureComponent, database.Read, true)
@@ -186,9 +186,9 @@ func getIC(c *gin.Context) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param ICID path int true "Infrastructure Component ID"
 // @Router /ic/{ICID} [delete]
+// @Security Bearer
 func deleteIC(c *gin.Context) {
 
 	ok, s := CheckPermissions(c, database.ModelInfrastructureComponent, database.Delete, true)
@@ -214,9 +214,9 @@ func deleteIC(c *gin.Context) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param ICID path int true "Infrastructure Component ID"
 // @Router /ic/{ICID}/configs [get]
+// @Security Bearer
 func getConfigsOfIC(c *gin.Context) {
 
 	ok, s := CheckPermissions(c, database.ModelInfrastructureComponent, database.Read, true)

routes/scenario/scenario_endpoints.go

@@ -51,8 +51,8 @@ func RegisterScenarioEndpoints(r *gin.RouterGroup) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Router /scenarios [get]
+// @Security Bearer
 func getScenarios(c *gin.Context) {
 
 	// Checking permissions is not required here as read access is independent of user's role
@@ -97,9 +97,9 @@ func getScenarios(c *gin.Context) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param inputScenario body scenario.addScenarioRequest true "Scenario to be added"
 // @Router /scenarios [post]
+// @Security Bearer
 func addScenario(c *gin.Context) {
 
 	ok, _ := CheckPermissions(c, database.Create, "none", -1)
@@ -156,10 +156,10 @@ func addScenario(c *gin.Context) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param inputScenario body scenario.updateScenarioRequest true "Scenario to be updated"
 // @Param scenarioID path int true "Scenario ID"
 // @Router /scenarios/{scenarioID} [put]
+// @Security Bearer
 func updateScenario(c *gin.Context) {
 
 	ok, oldScenario := CheckPermissions(c, database.Update, "path", -1)
@@ -201,9 +201,9 @@ func updateScenario(c *gin.Context) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param scenarioID path int true "Scenario ID"
 // @Router /scenarios/{scenarioID} [get]
+// @Security Bearer
 func getScenario(c *gin.Context) {
 
 	ok, so := CheckPermissions(c, database.Read, "path", -1)
@@ -224,9 +224,9 @@ func getScenario(c *gin.Context) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param scenarioID path int true "Scenario ID"
 // @Router /scenarios/{scenarioID} [delete]
+// @Security Bearer
 func deleteScenario(c *gin.Context) {
 
 	ok, so := CheckPermissions(c, database.Delete, "path", -1)
@@ -251,9 +251,9 @@ func deleteScenario(c *gin.Context) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param scenarioID path int true "Scenario ID"
 // @Router /scenarios/{scenarioID}/users/ [get]
+// @Security Bearer
 func getUsersOfScenario(c *gin.Context) {
 
 	ok, so := CheckPermissions(c, database.Read, "path", -1)
@@ -279,10 +279,10 @@ func getUsersOfScenario(c *gin.Context) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param scenarioID path int true "Scenario ID"
 // @Param username query string true "User name"
 // @Router /scenarios/{scenarioID}/user [put]
+// @Security Bearer
 func addUserToScenario(c *gin.Context) {
 
 	ok, so := CheckPermissions(c, database.Update, "path", -1)
@@ -320,10 +320,10 @@ func addUserToScenario(c *gin.Context) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param scenarioID path int true "Scenario ID"
 // @Param username query string true "User name"
 // @Router /scenarios/{scenarioID}/user [delete]
+// @Security Bearer
 func deleteUserFromScenario(c *gin.Context) {
 
 	ok, so := CheckPermissions(c, database.Update, "path", -1)

routes/signal/signal_endpoints.go

@@ -50,8 +50,8 @@ func RegisterSignalEndpoints(r *gin.RouterGroup) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Router /signals [get]
+// @Security Bearer
 func getSignals(c *gin.Context) {
 
 	ok, m := component_configuration.CheckPermissions(c, database.Read, "query", -1)
@@ -90,9 +90,9 @@ func getSignals(c *gin.Context) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param inputSignal body signal.addSignalRequest true "A signal to be added to the component configuration incl. direction and config ID to which signal shall be added"
 // @Router /signals [post]
+// @Security Bearer
 func addSignal(c *gin.Context) {
 
 	var req addSignalRequest
@@ -133,10 +133,10 @@ func addSignal(c *gin.Context) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param inputSignal body signal.updateSignalRequest true "A signal to be updated"
 // @Param signalID path int true "ID of signal to be updated"
 // @Router /signals/{signalID} [put]
+// @Security Bearer
 func updateSignal(c *gin.Context) {
 	ok, oldSignal := checkPermissions(c, database.Delete)
 	if !ok {
@@ -176,9 +176,9 @@ func updateSignal(c *gin.Context) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param signalID path int true "ID of signal to be obtained"
 // @Router /signals/{signalID} [get]
+// @Security Bearer
 func getSignal(c *gin.Context) {
 	ok, sig := checkPermissions(c, database.Delete)
 	if !ok {
@@ -198,9 +198,9 @@ func getSignal(c *gin.Context) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param signalID path int true "ID of signal to be deleted"
 // @Router /signals/{signalID} [delete]
+// @Security Bearer
 func deleteSignal(c *gin.Context) {
 
 	ok, sig := checkPermissions(c, database.Delete)

routes/user/user_endpoints.go

@@ -54,8 +54,8 @@ func RegisterUserEndpoints(r *gin.RouterGroup) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Router /users [get]
+// @Security Bearer
 func getUsers(c *gin.Context) {
 
 	err := database.ValidateRole(c, database.ModelUsers, database.Read)
@@ -84,8 +84,8 @@ func getUsers(c *gin.Context) {
 // @Failure 400 {object} docs.ResponseError "Bad request"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Router /users [post]
+// @Security Bearer
 func addUser(c *gin.Context) {
 
 	err := database.ValidateRole(c, database.ModelUser, database.Create)
@@ -144,10 +144,10 @@ func addUser(c *gin.Context) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param inputUser body user.updateUserRequest true "User to be updated (anything except for ID can be changed, role can only be change by admin)"
 // @Param userID path int true "User ID"
 // @Router /users/{userID} [put]
+// @Security Bearer
 func updateUser(c *gin.Context) {
 
 	// no need to validate the role since updating a single user is role independent
@@ -235,9 +235,9 @@ func updateUser(c *gin.Context) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param userID path int true "User ID"
 // @Router /users/{userID} [get]
+// @Security Bearer
 func getUser(c *gin.Context) {
 
 	// role validation not needed because updating a single user is role-independent
@@ -277,9 +277,9 @@ func getUser(c *gin.Context) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param userID path int true "User ID"
 // @Router /users/{userID} [delete]
+// @Security Bearer
 func deleteUser(c *gin.Context) {
 
 	err := database.ValidateRole(c, database.ModelUser, database.Delete)

routes/widget/widget_endpoints.go

@@ -48,9 +48,9 @@ func RegisterWidgetEndpoints(r *gin.RouterGroup) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param dashboardID query int true "Dashboard ID"
 // @Router /widgets [get]
+// @Security Bearer
 func getWidgets(c *gin.Context) {
 
 	ok, dab := dashboard.CheckPermissions(c, database.Read, "query", -1)
@@ -78,9 +78,9 @@ func getWidgets(c *gin.Context) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param inputWidget body widget.addWidgetRequest true "Widget to be added incl. ID of dashboard"
 // @Router /widgets [post]
+// @Security Bearer
 func addWidget(c *gin.Context) {
 
 	var req addWidgetRequest
@@ -122,10 +122,10 @@ func addWidget(c *gin.Context) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param inputWidget body widget.updateWidgetRequest true "Widget to be updated"
 // @Param widgetID path int true "Widget ID"
 // @Router /widgets/{widgetID} [put]
+// @Security Bearer
 func updateWidget(c *gin.Context) {
 
 	ok, oldWidget := CheckPermissions(c, database.Update, -1)
@@ -166,9 +166,9 @@ func updateWidget(c *gin.Context) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param widgetID path int true "Widget ID"
 // @Router /widgets/{widgetID} [get]
+// @Security Bearer
 func getWidget(c *gin.Context) {
 
 	ok, w := CheckPermissions(c, database.Read, -1)
@@ -189,9 +189,9 @@ func getWidget(c *gin.Context) {
 // @Failure 404 {object} docs.ResponseError "Not found"
 // @Failure 422 {object} docs.ResponseError "Unprocessable entity"
 // @Failure 500 {object} docs.ResponseError "Internal server error"
-// @Param Authorization header string true "Authorization token"
 // @Param widgetID path int true "Widget ID"
 // @Router /widgets/{widgetID} [delete]
+// @Security Bearer
 func deleteWidget(c *gin.Context) {
 
 	ok, w := CheckPermissions(c, database.Delete, -1)

start.go

@@ -57,14 +57,17 @@ func addData(router *gin.Engine, mode string, basePath string) error {
 
 // @title VILLASweb Backend API
 // @version 2.0
-// @description This is the VILLASweb Backend API v2.0.
+// @description This is the [VILLASweb Backend](https://git.rwth-aachen.de/acs/public/villas/web-backend-go) API v2.0.
-// @description Parts of this API are still in development. Please check the [VILLASweb-backend-go repository](https://git.rwth-aachen.de/acs/public/villas/web-backend-go) for more information.
 // @description This documentation is auto-generated based on the API documentation in the code. The tool [swag](https://github.com/swaggo/swag) is used to auto-generate API docs for the [gin-gonic](https://github.com/gin-gonic/gin) framework.
+// @description Authentication: Use the authenticate endpoint below to obtain a token for your user account, copy the token into to the value field of the dialog showing up for the green Authorize button below and confirm with Done.
 // @contact.name Sonja Happ
 // @contact.email sonja.happ@eonerc.rwth-aachen.de
 // @license.name GNU GPL 3.0
 // @license.url http://www.gnu.de/documents/gpl-3.0.en.html
 // @BasePath /api/v2
+// @securityDefinitions.apikey Bearer
+// @in header
+// @name Authorization
 func main() {
 	log.Println("Starting VILLASweb-backend-go")