如何找到我网站的所有API? [关闭]

The lead developer abruptly left my company last week. The APIs weren't documented. So I'm scrabbling to discover what each one API is, and then document them in JIRA. We use Golang for our backend. I tried using Charles Proxy, Fiddler, JMeter, and Chromes inspector/network, but the APIs aren't displaying. I have technical limitations and I'd like to find all our APIs as soon as possible. One of my developers told me to download and install Goland. And instructed me to perform the following

"byte.*(okay|StatusOK|Successful) and mux. and nomapi. to get the end points and those that are using it, not sure if all of them use mux and nomapi though

With goland you can jump to definitions easily very useful with not familiar code And find usages"

Not sure what he meant by all of that.

Can someone point me in the right direction?

This really depends on what your developer used to create the APIs. Your best bet is to parse the source code rather than poke with tools like Chrome inspector. What you want to find is the router for the API handlers. The router is basically a structure that maps API endpoints (like /api/v1/login/) to Go functions that handle the calls (appropriately called handlers). But, unfortunately, depending on what framework/library was used and how the code was structured, this could be in a lot of very different places. So, while I cannot give you one definite answer, I can give you a few suggestions.

  1. You are going to have to read Go code. No way around it. It is not that hard, so don't get scared.
  2. There is a good chance that there is a file or multiple files called route.go or routes.go or router.go or something similar. If you find anything like that, look there first.
  3. If you cannot find any routes, use Chrome inspector's network tab to see what API calls your front end makes, then grep the code for the endpoints. Say, if your front end makes an API call to http://api.domain.com/api/v1/accounts/, search the code for /accounts/ and for /api/v1/ and if that doesn't work for /api/. With any luck the second or third search might get you to the root router for the application and you will be able to trace it from there.
  4. If you find some routes (or route handlers), but not all of them, look for the package name at the top of the file. If it is not main, and especially if it is called something like routes look for any place where this package is imported (just grep for the package name in all the files and ignore the package declaration itself).
  5. Probably the most popular router library is gorilla mux. Check the code for any references to github.com/gorilla/mux in case it was used. If it was used, look for any code that has HandleFunc in it. These are going to be the routers. The same is true if no router library is used at all.

Good luck.