Add session management endpoints and schemas#60
Conversation
There was a problem hiding this comment.
Pull request overview
Adds OpenAPI definitions for authenticated session management endpoints, including a reusable Session schema.
Changes:
- Adds
GET /sessionsto list the authenticated user’s active sessions. - Adds
DELETE /sessionsandDELETE /sessions/{id}to revoke sessions. - Registers the new endpoints and
Sessionstag in the main OpenAPI document, and introducescomponents/schemas/Session.yaml.
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
| userapi/sessions.yaml | Defines list + delete-all session operations and their response shapes/examples. |
| userapi/sessions-id.yaml | Defines delete-by-id operation including path parameter and error responses. |
| userapi/openapi.yaml | Wires new paths into the spec and adds the Sessions tag. |
| components/schemas/Session.yaml | Introduces the Session object schema used by the list endpoint. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| unauthorized: | ||
| value: | ||
| result: "error" | ||
| error: "Unauthorized" | ||
| code: "ER_UNAUTHORIZED" |
There was a problem hiding this comment.
The 401 example uses error: "Unauthorized", but most other endpoints use a consistent all-caps token like "UNAUTHORIZED" (e.g., userapi/share.yaml:95-99, userapi/unshare.yaml:85-89). Consider aligning this example string for consistency across the spec.
| unauthorized: | ||
| value: | ||
| result: "error" | ||
| error: "Unauthorized" |
There was a problem hiding this comment.
The 401 example uses error: "Unauthorized", but most other endpoints use "UNAUTHORIZED" in examples (e.g., userapi/share.yaml:95-99, userapi/sensor-settings.yaml:94-98). Consider aligning this example string for consistency across the spec.
| error: "Unauthorized" | |
| error: "UNAUTHORIZED" |
| not_found: | ||
| value: | ||
| result: "error" | ||
| error: "Not Found" |
There was a problem hiding this comment.
The 404 example uses error: "Not Found", while other 404 examples in this spec use "NOT FOUND" (e.g., userapi/unshare.yaml:111-115, userapi/sensor-settings.yaml:250-254). Consider aligning the example value for consistency.
| error: "Not Found" | |
| error: "NOT FOUND" |
Adds:
[edit] closes #61