diff --git a/components/schemas/Session.yaml b/components/schemas/Session.yaml new file mode 100644 index 0000000..3449b98 --- /dev/null +++ b/components/schemas/Session.yaml @@ -0,0 +1,29 @@ +type: object +required: + - id + - createdAt + - lastAccessed + - current +properties: + id: + type: integer + format: int64 + description: Unique identifier of the active session. + example: 984231 + + createdAt: + type: integer + format: int64 + description: Epoch timestamp in seconds when the session was created. + example: 1764412800 + + lastAccessed: + type: integer + format: int64 + description: Epoch timestamp in seconds when the session was last used. + example: 1764448800 + + current: + type: boolean + description: Whether this session authorized the current request. + example: true diff --git a/userapi/openapi.yaml b/userapi/openapi.yaml index 8e9df00..a6e7298 100644 --- a/userapi/openapi.yaml +++ b/userapi/openapi.yaml @@ -24,6 +24,8 @@ tags: description: User registration and verification - name: Sensor-Settings description: Sensor settings management + - name: Sessions + description: Authenticated session management - name: Push-Notifications description: Push notification token management - name: Sensors @@ -47,6 +49,10 @@ paths: $ref: './sensor-settings.yaml' /sensors-dense: $ref: './sensors-dense.yaml' + /sessions: + $ref: './sessions.yaml' + /sessions/{id}: + $ref: './sessions-id.yaml' /share: $ref: './share.yaml' /subscription: diff --git a/userapi/sessions-id.yaml b/userapi/sessions-id.yaml new file mode 100644 index 0000000..fece894 --- /dev/null +++ b/userapi/sessions-id.yaml @@ -0,0 +1,63 @@ +delete: + summary: Delete a session + description: Deletes a single active session by ID. + operationId: deleteSession + tags: + - Sessions + security: + - bearerAuth: [] + + parameters: + - name: id + in: path + required: true + schema: + type: integer + format: int64 + description: ID of the session to delete. + example: 984231 + + responses: + '200': + description: Session deleted successfully + content: + application/json: + schema: + allOf: + - $ref: '../components/schemas/Success.yaml' + - type: object + properties: + data: + type: object + additionalProperties: false + examples: + success: + value: + result: success + data: {} + + '401': + description: UNAUTHORIZED - Auth token missing or invalid + content: + application/json: + schema: + $ref: '../components/schemas/Error.yaml' + examples: + unauthorized: + value: + result: "error" + error: "UNAUTHORIZED" + code: "ER_UNAUTHORIZED" + + '404': + description: NOT FOUND - Session does not exist + content: + application/json: + schema: + $ref: '../components/schemas/Error.yaml' + examples: + not_found: + value: + result: "error" + error: "NOT FOUND" + code: "ER_NOT_FOUND" diff --git a/userapi/sessions.yaml b/userapi/sessions.yaml new file mode 100644 index 0000000..ddc4049 --- /dev/null +++ b/userapi/sessions.yaml @@ -0,0 +1,101 @@ +get: + summary: List current sessions + description: | + Returns the authenticated user's active sessions. + + Sessions are ordered by most recent access first. + operationId: getSessions + tags: + - Sessions + security: + - bearerAuth: [] + + responses: + '200': + description: Active sessions retrieved successfully + content: + application/json: + schema: + allOf: + - $ref: '../components/schemas/Success.yaml' + - type: object + properties: + data: + type: object + required: + - sessions + properties: + sessions: + type: array + items: + $ref: '../components/schemas/Session.yaml' + examples: + success: + value: + result: success + data: + sessions: + - id: 984231 + createdAt: 1764412800 + lastAccessed: 1764448800 + current: true + - id: 984115 + createdAt: 1764301200 + lastAccessed: 1764387601 + current: false + + '401': + description: UNAUTHORIZED - Auth token missing or invalid + content: + application/json: + schema: + $ref: '../components/schemas/Error.yaml' + examples: + unauthorized: + value: + result: "error" + error: "UNAUTHORIZED" + code: "ER_UNAUTHORIZED" + +delete: + summary: Delete all current sessions + description: | + Deletes all active sessions for the authenticated user, including the session + used to authorize this request. + operationId: deleteSessions + tags: + - Sessions + security: + - bearerAuth: [] + + responses: + '200': + description: All active sessions deleted successfully + content: + application/json: + schema: + allOf: + - $ref: '../components/schemas/Success.yaml' + - type: object + properties: + data: + type: object + additionalProperties: false + examples: + success: + value: + result: success + data: {} + + '401': + description: UNAUTHORIZED - Auth token missing or invalid + content: + application/json: + schema: + $ref: '../components/schemas/Error.yaml' + examples: + unauthorized: + value: + result: "error" + error: "UNAUTHORIZED" + code: "ER_UNAUTHORIZED"