Compare commits

..

No commits in common. "bc610ef22a8e0aabb6e2cb7855142d72e8de156f" and "dc907bcb07f20bb6fd8f8ae8851551fd45b0e459" have entirely different histories.

5 changed files with 8 additions and 51 deletions

View File

@ -1,62 +1,43 @@
# `/account/tokens` - GET # `/account/tokens` - GET
Lists all active auth tokens for the account. Lists all active auth tokens for the account.
## HTTP Headers ## HTTP Headers
| Header | Content |
| Header | Content | |---------------|--------------------|
|---------------|------------------| | Authorization | `Bearer {token}` |
| Authorization | `Bearer {token}` |
## Responses ## Responses
### 200 - Success ### 200 - Success
__Content - JSON:__ __Content - JSON:__
| Field | Description | | Field | Description |
|--------|-------------------------------------------------------------------------------------------------| |--------|-------------------------------------------------------------------------------------------------|
| tokens | A list of (token, expiration date) pairs. The expiration date is given as a UTC UNIX timestamp. | | tokens | A list of (token, expiration date) pairs. The expiration date is given as a UTC UNIX timestamp. |
### 401 - Error: Unauthorized ### 401 - Error: Unauthorized
The provided auth token doesn't allow you to perform this operation. The provided auth token doesn't allow you to perform this operation.
### 403 - Error: Forbidden ### 403 - Error: Forbidden
Blocked for security reasons. Blocked for security reasons.
# `/account/tokens` - DELETE
# `/account/tokens` - DELETE
Deletes a token of the authenticated account. Deletes a token of the authenticated account.
## HTTP Headers ## HTTP Headers
| Header | Content | | Header | Content |
|---------------|--------------------| |---------------|--------------------|
| Authorization | `Bearer {token}` | | Authorization | `Bearer {token}` |
| Content-Type | `application/json` | | Content-Type | `application/json` |
## Content - JSON ## Content - JSON
| Field | Description | | Field | Description |
|-------|-----------------------------------| |-------|-----------------------------------|
| token | The token that should be deleted. | | token | The token that should be deleted. |
## Responses ## Responses
### 200 - Success ### 200 - Success
The token was deleted. The token was deleted.
### 401 - Error: Unauthorized ### 401 - Error: Unauthorized
The provided auth token doesn't allow you to perform this operation. The provided auth token doesn't allow you to perform this operation.
### 403 - Error: Forbidden ### 403 - Error: Forbidden
Blocked for security reasons. Blocked for security reasons.
### 404 - Error: Not Found ### 404 - Error: Not Found
The token that should be deleted wasn't found. The token that should be deleted wasn't found.

View File

@ -1,37 +1,22 @@
# `/account/verify` - POST # `/account/verify` - POST
Verifies a requested account. Verifies a requested account.
## HTTP Headers ## HTTP Headers
| Header | Content | | Header | Content |
|--------------|--------------------| |--------------|--------------------|
| Content-Type | `application/json` | | Content-Type | `application/json` |
## Content - JSON ## Content - JSON
| Field | Description | | Field | Description |
|-------|--------------------------------------------------------------------------------| |-------|--------------------------------------------------------------------------------|
| token | The verification token you received via an email after requesting the account. | | token | The verification token you received via an email after requesting the account. |
## Responses ## Responses
### 200 - Success ### 200 - Success
The account was verified. You can login now.
The account was verified.
| Field | Description |
|-------|--------------------------------------------------|
| token | An authorization token for the verified account. |
### 400 - Error: Bad Request ### 400 - Error: Bad Request
The request was malformed. The request was malformed.
### 403 - Error: Forbidden ### 403 - Error: Forbidden
Blocked for security reasons. Blocked for security reasons.
### 404 - Error: Forbidden ### 404 - Error: Forbidden
The provided token is unknown. The provided token is unknown.

View File

@ -29,7 +29,7 @@ async fn register(
async fn verify(data: web::Data<ApiState>, body: web::Json<data::VerifyRequest>) -> impl Responder { async fn verify(data: web::Data<ApiState>, body: web::Json<data::VerifyRequest>) -> impl Responder {
match handlers::verify(&data.pool, body.into_inner()).await { match handlers::verify(&data.pool, body.into_inner()).await {
Ok(resp) => match resp { Ok(resp) => match resp {
data::VerifyResponse::Success(b) => HttpResponse::Ok().json(web::Json(b)), data::VerifyResponse::Success => HttpResponse::Ok().finish(),
data::VerifyResponse::TokenUnknown => HttpResponse::NotFound().finish(), data::VerifyResponse::TokenUnknown => HttpResponse::NotFound().finish(),
data::VerifyResponse::Blocked => HttpResponse::Forbidden().finish(), data::VerifyResponse::Blocked => HttpResponse::Forbidden().finish(),
}, },

View File

@ -34,14 +34,9 @@ pub struct VerifyRequest {
pub token: String, pub token: String,
} }
#[derive(Debug, Serialize)]
pub struct VerifySuccess {
pub token: String,
}
#[derive(Debug)] #[derive(Debug)]
pub enum VerifyResponse { pub enum VerifyResponse {
Success(VerifySuccess), Success,
Blocked, Blocked,
TokenUnknown, TokenUnknown,
} }

View File

@ -103,11 +103,7 @@ pub async fn verify(pool: &PgPool, request: data::VerifyRequest) -> Result<data:
token.apply(pool).await?; token.apply(pool).await?;
let auth_token = AuthToken::new(pool, &token.account, chrono::Duration::days(7)).await?; Ok(data::VerifyResponse::Success)
Ok(data::VerifyResponse::Success(data::VerifySuccess {
token: auth_token.token
}))
} }
pub async fn authenticate( pub async fn authenticate(