fix: harden auth flows and align api contracts
This commit is contained in:
Your Name
@@ -295,7 +295,7 @@ func (h *AuthHandler) Logout(c *gin.Context) {
|
||||
// @Success 200 {object} Response{data=service.LoginResponse} "刷新成功"
|
||||
// @Failure 400 {object} Response{code=int,message=string} "请求参数错误"
|
||||
// @Failure 401 {object} Response{code=int,message=string} "refresh_token无效或已过期"
|
||||
// @Router /api/v1/auth/refresh-token [post]
|
||||
// @Router /api/v1/auth/refresh [post]
|
||||
func (h *AuthHandler) RefreshToken(c *gin.Context) {
|
||||
var req struct {
|
||||
RefreshToken string `json:"refresh_token"`
|
||||
@@ -361,7 +361,7 @@ func (h *AuthHandler) GetUserInfo(c *gin.Context) {
|
||||
// @Description 由于系统使用JWT Bearer Token认证,不存在CSRF风险,返回空token
|
||||
// @Tags 认证
|
||||
// @Produce json
|
||||
// @Success 200 {object} map "CSRF token(为空)"
|
||||
// @Success 200 {object} Response{data=CSRFTokenResponse} "CSRF token(为空)"
|
||||
// @Router /api/v1/auth/csrf-token [get]
|
||||
func (h *AuthHandler) GetCSRFToken(c *gin.Context) {
|
||||
// 系统使用 JWT Bearer Token 认证,Bearer Token 不会被浏览器自动携带(非 cookie)
|
||||
@@ -422,7 +422,7 @@ func (h *AuthHandler) OAuthCallback(c *gin.Context) {
|
||||
// @Produce json
|
||||
// @Param provider path string true "OAuth提供商"
|
||||
// @Success 200 {object} Response "OAuth未配置"
|
||||
// @Router /api/v1/auth/oauth/{provider}/exchange [post]
|
||||
// @Router /api/v1/auth/oauth/exchange [post]
|
||||
func (h *AuthHandler) OAuthExchange(c *gin.Context) {
|
||||
c.JSON(http.StatusServiceUnavailable, gin.H{"code": http.StatusServiceUnavailable, "message": "OAuth exchange is not configured"})
|
||||
}
|
||||
@@ -432,7 +432,7 @@ func (h *AuthHandler) OAuthExchange(c *gin.Context) {
|
||||
// @Description 返回系统已配置并启用的OAuth提供商列表
|
||||
// @Tags OAuth
|
||||
// @Produce json
|
||||
// @Success 200 {object} Response{data=map} "提供商列表"
|
||||
// @Success 200 {object} Response{data=OAuthProvidersResponse} "提供商列表"
|
||||
// @Router /api/v1/auth/oauth/providers [get]
|
||||
func (h *AuthHandler) GetEnabledOAuthProviders(c *gin.Context) {
|
||||
c.JSON(http.StatusOK, gin.H{"code": 0, "message": "success", "data": gin.H{"providers": []string{}}})
|
||||
@@ -471,7 +471,7 @@ func (h *AuthHandler) ActivateEmail(c *gin.Context) {
|
||||
// @Param request body ResendActivationRequest true "邮箱地址"
|
||||
// @Success 200 {object} Response "激活邮件已发送(如果邮箱已注册)"
|
||||
// @Failure 400 {object} Response "邮箱格式错误"
|
||||
// @Router /api/v1/auth/resend-activation-email [post]
|
||||
// @Router /api/v1/auth/resend-activation [post]
|
||||
func (h *AuthHandler) ResendActivationEmail(c *gin.Context) {
|
||||
var req struct {
|
||||
Email string `json:"email" binding:"required,email"`
|
||||
@@ -525,7 +525,7 @@ func (h *AuthHandler) SendEmailCode(c *gin.Context) {
|
||||
// @Success 200 {object} Response{data=service.LoginResponse} "登录成功"
|
||||
// @Failure 400 {object} Response "请求参数错误"
|
||||
// @Failure 401 {object} Response "验证码错误或已过期"
|
||||
// @Router /api/v1/auth/login-by-email-code [post]
|
||||
// @Router /api/v1/auth/login/email-code [post]
|
||||
func (h *AuthHandler) LoginByEmailCode(c *gin.Context) {
|
||||
var req struct {
|
||||
Email string `json:"email" binding:"required,email"`
|
||||
@@ -645,7 +645,7 @@ func (h *AuthHandler) BootstrapAdmin(c *gin.Context) {
|
||||
// @Accept json
|
||||
// @Produce json
|
||||
// @Success 200 {object} Response "功能未配置"
|
||||
// @Router /api/v1/auth/email/bind/send [post]
|
||||
// @Router /api/v1/users/me/bind-email/code [post]
|
||||
func (h *AuthHandler) SendEmailBindCode(c *gin.Context) {
|
||||
c.JSON(http.StatusServiceUnavailable, gin.H{"code": http.StatusServiceUnavailable, "message": "email binding is not configured"})
|
||||
}
|
||||
@@ -657,7 +657,7 @@ func (h *AuthHandler) SendEmailBindCode(c *gin.Context) {
|
||||
// @Accept json
|
||||
// @Produce json
|
||||
// @Success 200 {object} Response "功能未配置"
|
||||
// @Router /api/v1/auth/email/bind [post]
|
||||
// @Router /api/v1/users/me/bind-email [post]
|
||||
func (h *AuthHandler) BindEmail(c *gin.Context) {
|
||||
c.JSON(http.StatusServiceUnavailable, gin.H{"code": http.StatusServiceUnavailable, "message": "email binding is not configured"})
|
||||
}
|
||||
@@ -669,7 +669,7 @@ func (h *AuthHandler) BindEmail(c *gin.Context) {
|
||||
// @Accept json
|
||||
// @Produce json
|
||||
// @Success 200 {object} Response "功能未配置"
|
||||
// @Router /api/v1/auth/email/unbind [post]
|
||||
// @Router /api/v1/users/me/bind-email [delete]
|
||||
func (h *AuthHandler) UnbindEmail(c *gin.Context) {
|
||||
c.JSON(http.StatusServiceUnavailable, gin.H{"code": http.StatusServiceUnavailable, "message": "email binding is not configured"})
|
||||
}
|
||||
@@ -681,7 +681,7 @@ func (h *AuthHandler) UnbindEmail(c *gin.Context) {
|
||||
// @Accept json
|
||||
// @Produce json
|
||||
// @Success 200 {object} Response "功能未配置"
|
||||
// @Router /api/v1/auth/phone/bind/send [post]
|
||||
// @Router /api/v1/users/me/bind-phone/code [post]
|
||||
func (h *AuthHandler) SendPhoneBindCode(c *gin.Context) {
|
||||
c.JSON(http.StatusServiceUnavailable, gin.H{"code": http.StatusServiceUnavailable, "message": "phone binding is not configured"})
|
||||
}
|
||||
@@ -693,7 +693,7 @@ func (h *AuthHandler) SendPhoneBindCode(c *gin.Context) {
|
||||
// @Accept json
|
||||
// @Produce json
|
||||
// @Success 200 {object} Response "功能未配置"
|
||||
// @Router /api/v1/auth/phone/bind [post]
|
||||
// @Router /api/v1/users/me/bind-phone [post]
|
||||
func (h *AuthHandler) BindPhone(c *gin.Context) {
|
||||
c.JSON(http.StatusServiceUnavailable, gin.H{"code": http.StatusServiceUnavailable, "message": "phone binding is not configured"})
|
||||
}
|
||||
@@ -705,7 +705,7 @@ func (h *AuthHandler) BindPhone(c *gin.Context) {
|
||||
// @Accept json
|
||||
// @Produce json
|
||||
// @Success 200 {object} Response "功能未配置"
|
||||
// @Router /api/v1/auth/phone/unbind [post]
|
||||
// @Router /api/v1/users/me/bind-phone [delete]
|
||||
func (h *AuthHandler) UnbindPhone(c *gin.Context) {
|
||||
c.JSON(http.StatusServiceUnavailable, gin.H{"code": http.StatusServiceUnavailable, "message": "phone binding is not configured"})
|
||||
}
|
||||
@@ -717,7 +717,7 @@ func (h *AuthHandler) UnbindPhone(c *gin.Context) {
|
||||
// @Produce json
|
||||
// @Security BearerAuth
|
||||
// @Success 200 {object} Response "社交账号列表"
|
||||
// @Router /api/v1/auth/social-accounts [get]
|
||||
// @Router /api/v1/users/me/social-accounts [get]
|
||||
func (h *AuthHandler) GetSocialAccounts(c *gin.Context) {
|
||||
c.JSON(http.StatusOK, gin.H{"code": 0, "message": "success", "data": gin.H{"accounts": []interface{}{}}})
|
||||
}
|
||||
@@ -729,7 +729,7 @@ func (h *AuthHandler) GetSocialAccounts(c *gin.Context) {
|
||||
// @Accept json
|
||||
// @Produce json
|
||||
// @Success 200 {object} Response "功能未配置"
|
||||
// @Router /api/v1/auth/social/bind [post]
|
||||
// @Router /api/v1/users/me/bind-social [post]
|
||||
func (h *AuthHandler) BindSocialAccount(c *gin.Context) {
|
||||
c.JSON(http.StatusServiceUnavailable, gin.H{"code": http.StatusServiceUnavailable, "message": "social binding is not configured"})
|
||||
}
|
||||
@@ -741,7 +741,7 @@ func (h *AuthHandler) BindSocialAccount(c *gin.Context) {
|
||||
// @Accept json
|
||||
// @Produce json
|
||||
// @Success 200 {object} Response "功能未配置"
|
||||
// @Router /api/v1/auth/social/unbind [post]
|
||||
// @Router /api/v1/users/me/bind-social/{provider} [delete]
|
||||
func (h *AuthHandler) UnbindSocialAccount(c *gin.Context) {
|
||||
c.JSON(http.StatusServiceUnavailable, gin.H{"code": http.StatusServiceUnavailable, "message": "social binding is not configured"})
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user