shared/api/endpoints/
session.rs

1use crate::{
2    api::Method,
3    domain::session::{
4        CreateSessionOAuthPath, CreateSessionOAuthRequest, CreateSessionPath,
5        CreateSessionResponse, DeleteSessionPath, GetOAuthPath, GetOAuthUrlResponse,
6    },
7    error::EmptyError,
8};
9
10use super::ApiEndpoint;
11
/// Sign in with an email address and password.
///
/// # Authorization
/// Requires `Basic` auth in the form `BASE64(email:password)`;
/// see: <https://tools.ietf.org/html/rfc7617#section-2>
///
/// Base64 is an encoding, not encryption: anyone who can read the `Authorization`
/// header can recover the password. Call this route over TLS only, and keep the
/// header out of request and proxy logs.
///
/// The request body is empty (`Req = ()`).
pub struct Create;

impl ApiEndpoint for Create {
    const METHOD: Method = Method::Post;

    type Path = CreateSessionPath;
    type Req = ();
    type Res = CreateSessionResponse;
    type Err = EmptyError;
}
24
// NOTE(review): the register flow lists the cookie + csrf token and the provider's
// profile info under step 1, which is the URL lookup -- confirm which step returns them.
/// Sign in via OAuth.
///
/// Note: if the OAuth token is valid but no account exists for it yet, the response
/// carries a token that can be used to create an account.
///
/// # Errors
/// (non exhaustive list)
/// If there is already a user with the oauth user's email,
/// and it isn't them - [`409 - Conflict`](http::StatusCode::CONFLICT)
///
/// # Flow (login)
/// 1. [`GET /v1/session/oauth/url/{service}/{kind}`](GetOAuthUrl)
/// 2. `POST /v1/session/oauth` (this route) with the token
///
/// # Flow (register)
/// 1. [`GET /v1/session/oauth/url/{service}/{kind}`](GetOAuthUrl)
///     * Returns the access token as a cookie + csrf token, in addition to any user profile info
///     given by the OAuth provider.
/// 2. `POST /v1/session/oauth` (this route) with the token
/// 3. [`POST /v1/user/me/profile`](crate::api::endpoints::user::CreateProfile)
///     * Optionally include the user profile information returned in #1
pub struct CreateOAuth;

impl ApiEndpoint for CreateOAuth {
    const METHOD: Method = Method::Post;

    type Path = CreateSessionOAuthPath;
    type Req = CreateSessionOAuthRequest;
    type Res = CreateSessionResponse;
    type Err = EmptyError;
}
53
/// Get the URL for the OAuth callback.
///
/// The request body is empty (`Req = ()`); the service and kind are part of the path.
///
/// # Flow (login/register)
/// 1. `GET /v1/session/oauth/url/{service}/{kind}` (this route)
/// 2. Continue from [`CreateOAuth`]
pub struct GetOAuthUrl;

impl ApiEndpoint for GetOAuthUrl {
    const METHOD: Method = Method::Get;

    type Path = GetOAuthPath;
    type Req = ();
    type Res = GetOAuthUrlResponse;
    type Err = EmptyError;
}
67
/// Delete a session (log out).
///
/// Neither the request nor the response carries a body (`Req = ()`, `Res = ()`).
///
/// # Authorization
/// standard/any
///
/// # Errors
/// [`Unauthorized`](http::StatusCode::UNAUTHORIZED) if the authorization is invalid
pub struct Delete;

impl ApiEndpoint for Delete {
    const METHOD: Method = Method::Delete;

    type Path = DeleteSessionPath;
    type Req = ();
    type Res = ();
    type Err = EmptyError;
}