Skip to content

Add session management endpoints and schemas#60

Merged
ojousima merged 4 commits into
masterfrom
auth_sessions
Apr 1, 2026
Merged

Add session management endpoints and schemas#60
ojousima merged 4 commits into
masterfrom
auth_sessions

Conversation

@io53

@io53 io53 commented Apr 1, 2026

Copy link
Copy Markdown
Contributor

Adds:

  • GET /sessions — lists sessions
  • DELETE /sessions — delete all sessions
  • DELETE /sessions/{id} — delete a single session by ID

[edit] closes #61

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds OpenAPI definitions for authenticated session management endpoints, including a reusable Session schema.

Changes:

  • Adds GET /sessions to list the authenticated user’s active sessions.
  • Adds DELETE /sessions and DELETE /sessions/{id} to revoke sessions.
  • Registers the new endpoints and Sessions tag in the main OpenAPI document, and introduces components/schemas/Session.yaml.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 3 comments.

File Description
userapi/sessions.yaml Defines list + delete-all session operations and their response shapes/examples.
userapi/sessions-id.yaml Defines delete-by-id operation including path parameter and error responses.
userapi/openapi.yaml Wires new paths into the spec and adds the Sessions tag.
components/schemas/Session.yaml Introduces the Session object schema used by the list endpoint.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread userapi/sessions.yaml
Comment on lines +54 to +58
unauthorized:
value:
result: "error"
error: "Unauthorized"
code: "ER_UNAUTHORIZED"

Copilot AI Apr 1, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The 401 example uses error: "Unauthorized", but most other endpoints use a consistent all-caps token like "UNAUTHORIZED" (e.g., userapi/share.yaml:95-99, userapi/unshare.yaml:85-89). Consider aligning this example string for consistency across the spec.

Copilot uses AI. Check for mistakes.
Comment thread userapi/sessions-id.yaml Outdated
unauthorized:
value:
result: "error"
error: "Unauthorized"

Copilot AI Apr 1, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The 401 example uses error: "Unauthorized", but most other endpoints use "UNAUTHORIZED" in examples (e.g., userapi/share.yaml:95-99, userapi/sensor-settings.yaml:94-98). Consider aligning this example string for consistency across the spec.

Suggested change
error: "Unauthorized"
error: "UNAUTHORIZED"

Copilot uses AI. Check for mistakes.
Comment thread userapi/sessions-id.yaml Outdated
not_found:
value:
result: "error"
error: "Not Found"

Copilot AI Apr 1, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The 404 example uses error: "Not Found", while other 404 examples in this spec use "NOT FOUND" (e.g., userapi/unshare.yaml:111-115, userapi/sensor-settings.yaml:250-254). Consider aligning the example value for consistency.

Suggested change
error: "Not Found"
error: "NOT FOUND"

Copilot uses AI. Check for mistakes.

@ojousima ojousima left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks

@ojousima
ojousima merged commit 015c57a into master Apr 1, 2026
5 checks passed
@ojousima
ojousima deleted the auth_sessions branch April 1, 2026 15:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Add get/delete session API endpoints

3 participants