add otp swagger2
@@ -1,5 +1,5 @@
|
||||
const authSecurity = [{ SessionToken: [] }, { SecureSessionToken: [] }];
|
||||
const adminSecurity = [{ SessionToken: [] }, { SecureSessionToken: [] }];
|
||||
const authSecurity = [{ SessionToken: [] }, { SecureSessionToken: [] }, { BearerAuth: [] }];
|
||||
const adminSecurity = [{ SessionToken: [] }, { SecureSessionToken: [] }, { BearerAuth: [] }];
|
||||
|
||||
const jsonContent = (schema: unknown, example?: unknown) => ({
|
||||
"application/json": {
|
||||
@@ -71,6 +71,12 @@ export const openApiSpec = {
|
||||
name: "__Secure-next-auth.session-token",
|
||||
description: "توکن سشن NextAuth در محیط HTTPS",
|
||||
},
|
||||
BearerAuth: {
|
||||
type: "http",
|
||||
scheme: "bearer",
|
||||
bearerFormat: "opaque",
|
||||
description: "Mobile app access token returned by /api/auth/mobile/verify or /api/auth/mobile/refresh",
|
||||
},
|
||||
},
|
||||
schemas: {
|
||||
ErrorResponse: {
|
||||
@@ -458,9 +464,14 @@ export const openApiSpec = {
|
||||
MobileOtpVerifyResponse: {
|
||||
type: "object",
|
||||
properties: {
|
||||
accessToken: { type: "string" },
|
||||
token: { type: "string" },
|
||||
tokenType: { type: "string", example: "Bearer" },
|
||||
expiresIn: { type: "integer", example: 900 },
|
||||
expiresAt: { type: "string", format: "date-time" },
|
||||
refreshToken: { type: "string" },
|
||||
refreshExpiresIn: { type: "integer", example: 2592000 },
|
||||
refreshExpiresAt: { type: "string", format: "date-time" },
|
||||
user: {
|
||||
type: "object",
|
||||
properties: {
|
||||
@@ -472,6 +483,19 @@ export const openApiSpec = {
|
||||
},
|
||||
},
|
||||
},
|
||||
MobileRefreshRequest: {
|
||||
type: "object",
|
||||
properties: {
|
||||
refreshToken: { type: "string" },
|
||||
},
|
||||
required: ["refreshToken"],
|
||||
},
|
||||
MobileLogoutRequest: {
|
||||
type: "object",
|
||||
properties: {
|
||||
refreshToken: { type: "string" },
|
||||
},
|
||||
},
|
||||
CredentialsLoginRequest: {
|
||||
type: "object",
|
||||
properties: {
|
||||
@@ -648,6 +672,41 @@ export const openApiSpec = {
|
||||
]),
|
||||
},
|
||||
},
|
||||
"/api/auth/mobile/refresh": {
|
||||
post: {
|
||||
tags: ["Auth"],
|
||||
summary: "Rotate refresh token and issue a new mobile access token",
|
||||
requestBody: requestBody(
|
||||
{ $ref: "#/components/schemas/MobileRefreshRequest" },
|
||||
{ refreshToken: "refresh_token_value" }
|
||||
),
|
||||
responses: Object.fromEntries([
|
||||
["200", jsonResponse("Token refreshed", { $ref: "#/components/schemas/MobileOtpVerifyResponse" })],
|
||||
errorResponse("400", "Missing refresh token", "refreshToken is required"),
|
||||
errorResponse("401", "Invalid, expired, or revoked refresh token", "Invalid refresh token"),
|
||||
]),
|
||||
},
|
||||
},
|
||||
"/api/auth/mobile/logout": {
|
||||
post: {
|
||||
tags: ["Auth"],
|
||||
summary: "Revoke mobile refresh token family and delete current access token",
|
||||
security: authSecurity,
|
||||
requestBody: requestBody(
|
||||
{ $ref: "#/components/schemas/MobileLogoutRequest" },
|
||||
{ refreshToken: "refresh_token_value" },
|
||||
false
|
||||
),
|
||||
responses: {
|
||||
"200": jsonResponse("Logged out", {
|
||||
type: "object",
|
||||
properties: {
|
||||
ok: { type: "boolean", example: true },
|
||||
},
|
||||
}, { ok: true }),
|
||||
},
|
||||
},
|
||||
},
|
||||
"/api/auth/callback/credentials": {
|
||||
post: {
|
||||
tags: ["Auth"],
|
||||
|
||||
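Review bot: In the first hunk `adminSecurity` gains `{ BearerAuth: [] }` as a third alternative, so every operation that references it is now documented as reachable with a mobile access token alone, which the scheme description says is returned by `/api/auth/mobile/verify` or `/api/auth/mobile/refresh`. OpenAPI treats the entries of a security array as alternatives, so unless the admin handlers (not visible on this page) check the role behind a bearer token, I would keep `const adminSecurity = [{ SessionToken: [] }, { SecureSessionToken: [] }];` and add the bearer scheme to `authSecurity` only. Separately, the new `/api/auth/mobile/refresh` operation sets no `security` key; if the spec declares a top-level default, the docs would demand an access token on the one call a client makes after that token has expired, so `security: [],` with a comment that the refresh token in the body is the credential would make the contract explicit. The `/api/auth/mobile/logout` operation declares `security: authSecurity` but documents only a 200 response; a 401 entry built with `errorResponse`, as the refresh operation has, would tell clients what a rejected logout looks like.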