From ab8f145d3f1775bb0b2ca91859ad4e2d81be3e8e Mon Sep 17 00:00:00 2001
From: antifallobst <antifallobst@systemausfall.org>
Date: Thu, 17 Aug 2023 15:20:31 +0200
Subject: [PATCH] feat(api): defined token management endpoints

---
 API.md | 55 ++++++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 54 insertions(+), 1 deletion(-)

diff --git a/API.md b/API.md
index 4d75c26..9d0da5b 100644
--- a/API.md
+++ b/API.md
@@ -39,6 +39,7 @@ __Content - JSON:__
 ##### 422 - Error: Unprocessable Entity
 Malformed email address.
 
+
 ### `/account/verify` - POST
 Verifies a requested account.
 
@@ -62,6 +63,7 @@ Blocked for security reasons.
 ##### 404 - Error: Forbidden
 The provided token is unknown.
 
+
 ### `/account/authenticate` - POST
 Generates an authentication token for an account.
 
@@ -109,6 +111,57 @@ Deletes the account.
 ##### 200 - Success
 The account was deleted.
 ##### 401 - Error: Unauthorized
-The provided token doesn't allow you to perform this operation.
+The provided auth token doesn't allow you to perform this operation.
+##### 403 - Error: Forbidden
+Blocked for security reasons.
+
+
+### `/account/tokens` - DELETE
+Deletes a token of the authenticated account.
+
+#### HTTP Headers
+| Header        | Content            |
+|---------------|--------------------|
+| Authorization | `Bearer {token}`   |
+| Content-Type  | `application/json` |
+
+#### Content - JSON
+| Field | Description                       |
+|-------|-----------------------------------|
+| token | The token that should be deleted. |
+
+#### Responses
+##### 200 - Success
+The token was deleted.
+##### 401 - Error: Unauthorized
+The provided auth token doesn't allow you to perform this operation.
+##### 403 - Error: Forbidden
+Blocked for security reasons.
+##### 404 - Error: Not Found
+The token that should be deleted wasn't found.
+
+
+### `/account/tokens` - GET
+Lists all active auth tokens for the account.
+
+#### HTTP Headers
+| Header        | Content            |
+|---------------|--------------------|
+| Authorization | `Bearer {token}`   |
+| Content-Type  | `application/json` |
+
+#### Content - JSON
+| Field | Description                       |
+|-------|-----------------------------------|
+| token | The token that should be deleted. |
+
+#### Responses
+##### 200 - Success
+__Content - JSON:__
+| Field  | Description                               |
+|--------|-------------------------------------------|
+| tokens | A list of (token, expiration date) pairs. |
+##### 401 - Error: Unauthorized
+The provided auth token doesn't allow you to perform this operation.
 ##### 403 - Error: Forbidden
 Blocked for security reasons.
\ No newline at end of file