Compare commits
No commits in common. "bc610ef22a8e0aabb6e2cb7855142d72e8de156f" and "dc907bcb07f20bb6fd8f8ae8851551fd45b0e459" have entirely different histories.
bc610ef22a
...
dc907bcb07
|
@ -1,62 +1,43 @@
|
||||||
# `/account/tokens` - GET
|
# `/account/tokens` - GET
|
||||||
|
|
||||||
Lists all active auth tokens for the account.
|
Lists all active auth tokens for the account.
|
||||||
|
|
||||||
## HTTP Headers
|
## HTTP Headers
|
||||||
|
| Header | Content |
|
||||||
| Header | Content |
|
|---------------|--------------------|
|
||||||
|---------------|------------------|
|
| Authorization | `Bearer {token}` |
|
||||||
| Authorization | `Bearer {token}` |
|
|
||||||
|
|
||||||
## Responses
|
## Responses
|
||||||
|
|
||||||
### 200 - Success
|
### 200 - Success
|
||||||
|
|
||||||
__Content - JSON:__
|
__Content - JSON:__
|
||||||
|
|
||||||
| Field | Description |
|
| Field | Description |
|
||||||
|--------|-------------------------------------------------------------------------------------------------|
|
|--------|-------------------------------------------------------------------------------------------------|
|
||||||
| tokens | A list of (token, expiration date) pairs. The expiration date is given as a UTC UNIX timestamp. |
|
| tokens | A list of (token, expiration date) pairs. The expiration date is given as a UTC UNIX timestamp. |
|
||||||
|
|
||||||
### 401 - Error: Unauthorized
|
### 401 - Error: Unauthorized
|
||||||
|
|
||||||
The provided auth token doesn't allow you to perform this operation.
|
The provided auth token doesn't allow you to perform this operation.
|
||||||
|
|
||||||
### 403 - Error: Forbidden
|
### 403 - Error: Forbidden
|
||||||
|
|
||||||
Blocked for security reasons.
|
Blocked for security reasons.
|
||||||
|
|
||||||
# `/account/tokens` - DELETE
|
|
||||||
|
|
||||||
|
# `/account/tokens` - DELETE
|
||||||
Deletes a token of the authenticated account.
|
Deletes a token of the authenticated account.
|
||||||
|
|
||||||
## HTTP Headers
|
## HTTP Headers
|
||||||
|
|
||||||
| Header | Content |
|
| Header | Content |
|
||||||
|---------------|--------------------|
|
|---------------|--------------------|
|
||||||
| Authorization | `Bearer {token}` |
|
| Authorization | `Bearer {token}` |
|
||||||
| Content-Type | `application/json` |
|
| Content-Type | `application/json` |
|
||||||
|
|
||||||
## Content - JSON
|
## Content - JSON
|
||||||
|
|
||||||
| Field | Description |
|
| Field | Description |
|
||||||
|-------|-----------------------------------|
|
|-------|-----------------------------------|
|
||||||
| token | The token that should be deleted. |
|
| token | The token that should be deleted. |
|
||||||
|
|
||||||
## Responses
|
## Responses
|
||||||
|
|
||||||
### 200 - Success
|
### 200 - Success
|
||||||
|
|
||||||
The token was deleted.
|
The token was deleted.
|
||||||
|
|
||||||
### 401 - Error: Unauthorized
|
### 401 - Error: Unauthorized
|
||||||
|
|
||||||
The provided auth token doesn't allow you to perform this operation.
|
The provided auth token doesn't allow you to perform this operation.
|
||||||
|
|
||||||
### 403 - Error: Forbidden
|
### 403 - Error: Forbidden
|
||||||
|
|
||||||
Blocked for security reasons.
|
Blocked for security reasons.
|
||||||
|
|
||||||
### 404 - Error: Not Found
|
### 404 - Error: Not Found
|
||||||
|
|
||||||
The token that should be deleted wasn't found.
|
The token that should be deleted wasn't found.
|
|
@ -1,37 +1,22 @@
|
||||||
# `/account/verify` - POST
|
# `/account/verify` - POST
|
||||||
|
|
||||||
Verifies a requested account.
|
Verifies a requested account.
|
||||||
|
|
||||||
## HTTP Headers
|
## HTTP Headers
|
||||||
|
|
||||||
| Header | Content |
|
| Header | Content |
|
||||||
|--------------|--------------------|
|
|--------------|--------------------|
|
||||||
| Content-Type | `application/json` |
|
| Content-Type | `application/json` |
|
||||||
|
|
||||||
## Content - JSON
|
## Content - JSON
|
||||||
|
|
||||||
| Field | Description |
|
| Field | Description |
|
||||||
|-------|--------------------------------------------------------------------------------|
|
|-------|--------------------------------------------------------------------------------|
|
||||||
| token | The verification token you received via an email after requesting the account. |
|
| token | The verification token you received via an email after requesting the account. |
|
||||||
|
|
||||||
## Responses
|
## Responses
|
||||||
|
|
||||||
### 200 - Success
|
### 200 - Success
|
||||||
|
The account was verified. You can login now.
|
||||||
The account was verified.
|
|
||||||
|
|
||||||
| Field | Description |
|
|
||||||
|-------|--------------------------------------------------|
|
|
||||||
| token | An authorization token for the verified account. |
|
|
||||||
|
|
||||||
### 400 - Error: Bad Request
|
### 400 - Error: Bad Request
|
||||||
|
|
||||||
The request was malformed.
|
The request was malformed.
|
||||||
|
|
||||||
### 403 - Error: Forbidden
|
### 403 - Error: Forbidden
|
||||||
|
|
||||||
Blocked for security reasons.
|
Blocked for security reasons.
|
||||||
|
|
||||||
### 404 - Error: Forbidden
|
### 404 - Error: Forbidden
|
||||||
|
|
||||||
The provided token is unknown.
|
The provided token is unknown.
|
|
@ -29,7 +29,7 @@ async fn register(
|
||||||
async fn verify(data: web::Data<ApiState>, body: web::Json<data::VerifyRequest>) -> impl Responder {
|
async fn verify(data: web::Data<ApiState>, body: web::Json<data::VerifyRequest>) -> impl Responder {
|
||||||
match handlers::verify(&data.pool, body.into_inner()).await {
|
match handlers::verify(&data.pool, body.into_inner()).await {
|
||||||
Ok(resp) => match resp {
|
Ok(resp) => match resp {
|
||||||
data::VerifyResponse::Success(b) => HttpResponse::Ok().json(web::Json(b)),
|
data::VerifyResponse::Success => HttpResponse::Ok().finish(),
|
||||||
data::VerifyResponse::TokenUnknown => HttpResponse::NotFound().finish(),
|
data::VerifyResponse::TokenUnknown => HttpResponse::NotFound().finish(),
|
||||||
data::VerifyResponse::Blocked => HttpResponse::Forbidden().finish(),
|
data::VerifyResponse::Blocked => HttpResponse::Forbidden().finish(),
|
||||||
},
|
},
|
||||||
|
|
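Review bot: The inner `match resp` under `Ok(resp) =>` is an extra nesting level that the variants no longer need now that `Success` carries no payload. The arms could be matched directly on the result, for example `Ok(data::VerifyResponse::Success) => HttpResponse::Ok().finish(),` and likewise for `TokenUnknown` and `Blocked`. This keeps each outcome and its status code on one line. The `Err` arm and the end of the function are outside this hunk, so the flattened form would need to be checked against them.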
|
@ -34,14 +34,9 @@ pub struct VerifyRequest {
|
||||||
pub token: String,
|
pub token: String,
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Debug, Serialize)]
|
|
||||||
pub struct VerifySuccess {
|
|
||||||
pub token: String,
|
|
||||||
}
|
|
||||||
|
|
||||||
#[derive(Debug)]
|
#[derive(Debug)]
|
||||||
pub enum VerifyResponse {
|
pub enum VerifyResponse {
|
||||||
Success(VerifySuccess),
|
Success,
|
||||||
Blocked,
|
Blocked,
|
||||||
TokenUnknown,
|
TokenUnknown,
|
||||||
}
|
}
|
||||||
|
|
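Review bot: `VerifyResponse` has no doc comments, and with the payload removed from `Success` the variant names are the only statement of the contract. I would add `/// Outcome of an account verification attempt.` on the enum and `/// The account was verified; no credentials are returned.` on `Success`. `Blocked` and `TokenUnknown` could each get a line naming the status the route maps them to (403 and 404 in the route hunk), so the mapping is not only discoverable from the handler.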
|
@ -103,11 +103,7 @@ pub async fn verify(pool: &PgPool, request: data::VerifyRequest) -> Result<data:
|
||||||
|
|
||||||
token.apply(pool).await?;
|
token.apply(pool).await?;
|
||||||
|
|
||||||
let auth_token = AuthToken::new(pool, &token.account, chrono::Duration::days(7)).await?;
|
Ok(data::VerifyResponse::Success)
|
||||||
|
|
||||||
Ok(data::VerifyResponse::Success(data::VerifySuccess {
|
|
||||||
token: auth_token.token
|
|
||||||
}))
|
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn authenticate(
|
pub async fn authenticate(
|
||||||
|
|
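Review bot: Nothing in the new tail of `verify` records why a successful verification no longer creates an `AuthToken`, so a later change could reintroduce it as a convenience. A comment above `Ok(data::VerifyResponse::Success)` would keep the decision visible, for example `// Verification only activates the account; no AuthToken is issued, the client must authenticate separately.` Whether `token.apply(pool)` also consumes the verification token so that it cannot be submitted a second time is not visible in this hunk. That is worth confirming, since the documented request for this endpoint carries no Authorization header. The body of `verify` starts above the hunk.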