Compare commits
No commits in common. "bc610ef22a8e0aabb6e2cb7855142d72e8de156f" and "dc907bcb07f20bb6fd8f8ae8851551fd45b0e459" have entirely different histories.
bc610ef22a
...
dc907bcb07
|
@ -1,62 +1,43 @@
|
|||
# `/account/tokens` - GET
|
||||
|
||||
Lists all active auth tokens for the account.
|
||||
|
||||
## HTTP Headers
|
||||
|
||||
| Header | Content |
|
||||
|---------------|------------------|
|
||||
|---------------|--------------------|
|
||||
| Authorization | `Bearer {token}` |
|
||||
|
||||
## Responses
|
||||
|
||||
### 200 - Success
|
||||
|
||||
__Content - JSON:__
|
||||
|
||||
| Field | Description |
|
||||
|--------|-------------------------------------------------------------------------------------------------|
|
||||
| tokens | A list of (token, expiration date) pairs. The expiration date is given as a UTC UNIX timestamp. |
|
||||
|
||||
### 401 - Error: Unauthorized
|
||||
|
||||
The provided auth token doesn't allow you to perform this operation.
|
||||
|
||||
### 403 - Error: Forbidden
|
||||
|
||||
Blocked for security reasons.
|
||||
|
||||
# `/account/tokens` - DELETE
|
||||
|
||||
# `/account/tokens` - DELETE
|
||||
Deletes a token of the authenticated account.
|
||||
|
||||
## HTTP Headers
|
||||
|
||||
| Header | Content |
|
||||
|---------------|--------------------|
|
||||
| Authorization | `Bearer {token}` |
|
||||
| Content-Type | `application/json` |
|
||||
|
||||
## Content - JSON
|
||||
|
||||
| Field | Description |
|
||||
|-------|-----------------------------------|
|
||||
| token | The token that should be deleted. |
|
||||
|
||||
## Responses
|
||||
|
||||
### 200 - Success
|
||||
|
||||
The token was deleted.
|
||||
|
||||
### 401 - Error: Unauthorized
|
||||
|
||||
The provided auth token doesn't allow you to perform this operation.
|
||||
|
||||
### 403 - Error: Forbidden
|
||||
|
||||
Blocked for security reasons.
|
||||
|
||||
### 404 - Error: Not Found
|
||||
|
||||
The token that should be deleted wasn't found.
|
|
@ -1,37 +1,22 @@
|
|||
# `/account/verify` - POST
|
||||
|
||||
Verifies a requested account.
|
||||
|
||||
## HTTP Headers
|
||||
|
||||
| Header | Content |
|
||||
|--------------|--------------------|
|
||||
| Content-Type | `application/json` |
|
||||
|
||||
## Content - JSON
|
||||
|
||||
| Field | Description |
|
||||
|-------|--------------------------------------------------------------------------------|
|
||||
| token | The verification token you received via an email after requesting the account. |
|
||||
|
||||
## Responses
|
||||
|
||||
### 200 - Success
|
||||
|
||||
The account was verified.
|
||||
|
||||
| Field | Description |
|
||||
|-------|--------------------------------------------------|
|
||||
| token | An authorization token for the verified account. |
|
||||
|
||||
The account was verified. You can login now.
|
||||
### 400 - Error: Bad Request
|
||||
|
||||
The request was malformed.
|
||||
|
||||
### 403 - Error: Forbidden
|
||||
|
||||
Blocked for security reasons.
|
||||
|
||||
### 404 - Error: Forbidden
|
||||
|
||||
The provided token is unknown.
|
|
@ -29,7 +29,7 @@ async fn register(
|
|||
async fn verify(data: web::Data<ApiState>, body: web::Json<data::VerifyRequest>) -> impl Responder {
|
||||
match handlers::verify(&data.pool, body.into_inner()).await {
|
||||
Ok(resp) => match resp {
|
||||
data::VerifyResponse::Success(b) => HttpResponse::Ok().json(web::Json(b)),
|
||||
data::VerifyResponse::Success => HttpResponse::Ok().finish(),
|
||||
data::VerifyResponse::TokenUnknown => HttpResponse::NotFound().finish(),
|
||||
data::VerifyResponse::Blocked => HttpResponse::Forbidden().finish(),
|
||||
},
|
||||
|
|
|
@ -34,14 +34,9 @@ pub struct VerifyRequest {
|
|||
pub token: String,
|
||||
}
|
||||
|
||||
#[derive(Debug, Serialize)]
|
||||
pub struct VerifySuccess {
|
||||
pub token: String,
|
||||
}
|
||||
|
||||
#[derive(Debug)]
|
||||
pub enum VerifyResponse {
|
||||
Success(VerifySuccess),
|
||||
Success,
|
||||
Blocked,
|
||||
TokenUnknown,
|
||||
}
|
||||
|
|
|
@ -103,11 +103,7 @@ pub async fn verify(pool: &PgPool, request: data::VerifyRequest) -> Result<data:
|
|||
|
||||
token.apply(pool).await?;
|
||||
|
||||
let auth_token = AuthToken::new(pool, &token.account, chrono::Duration::days(7)).await?;
|
||||
|
||||
Ok(data::VerifyResponse::Success(data::VerifySuccess {
|
||||
token: auth_token.token
|
||||
}))
|
||||
Ok(data::VerifyResponse::Success)
|
||||
}
|
||||
|
||||
pub async fn authenticate(
|
||||
|
|
Loading…
Reference in New Issue