Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
29 changes: 29 additions & 0 deletions components/schemas/Session.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
type: object
required:
- id
- createdAt
- lastAccessed
- current
properties:
id:
type: integer
format: int64
description: Unique identifier of the active session.
example: 984231

createdAt:
type: integer
format: int64
description: Epoch timestamp in seconds when the session was created.
example: 1764412800

lastAccessed:
type: integer
format: int64
description: Epoch timestamp in seconds when the session was last used.
example: 1764448800

current:
type: boolean
description: Whether this session authorized the current request.
example: true
6 changes: 6 additions & 0 deletions userapi/openapi.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,8 @@ tags:
description: User registration and verification
- name: Sensor-Settings
description: Sensor settings management
- name: Sessions
description: Authenticated session management
- name: Push-Notifications
description: Push notification token management
- name: Sensors
Expand All @@ -47,6 +49,10 @@ paths:
$ref: './sensor-settings.yaml'
/sensors-dense:
$ref: './sensors-dense.yaml'
/sessions:
$ref: './sessions.yaml'
/sessions/{id}:
$ref: './sessions-id.yaml'
/share:
$ref: './share.yaml'
/subscription:
Expand Down
63 changes: 63 additions & 0 deletions userapi/sessions-id.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,63 @@
delete:
summary: Delete a session
description: Deletes a single active session by ID.
operationId: deleteSession
tags:
- Sessions
security:
- bearerAuth: []

parameters:
- name: id
in: path
required: true
schema:
type: integer
format: int64
description: ID of the session to delete.
example: 984231

responses:
'200':
description: Session deleted successfully
content:
application/json:
schema:
allOf:
- $ref: '../components/schemas/Success.yaml'
- type: object
properties:
data:
type: object
additionalProperties: false
examples:
success:
value:
result: success
data: {}

'401':
description: UNAUTHORIZED - Auth token missing or invalid
content:
application/json:
schema:
$ref: '../components/schemas/Error.yaml'
examples:
unauthorized:
value:
result: "error"
error: "UNAUTHORIZED"
code: "ER_UNAUTHORIZED"

'404':
description: NOT FOUND - Session does not exist
content:
application/json:
schema:
$ref: '../components/schemas/Error.yaml'
examples:
not_found:
value:
result: "error"
error: "NOT FOUND"
code: "ER_NOT_FOUND"
101 changes: 101 additions & 0 deletions userapi/sessions.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,101 @@
get:
summary: List current sessions
description: |
Returns the authenticated user's active sessions.

Sessions are ordered by most recent access first.
operationId: getSessions
tags:
- Sessions
security:
- bearerAuth: []

responses:
'200':
description: Active sessions retrieved successfully
content:
application/json:
schema:
allOf:
- $ref: '../components/schemas/Success.yaml'
- type: object
properties:
data:
type: object
required:
- sessions
properties:
sessions:
type: array
items:
$ref: '../components/schemas/Session.yaml'
examples:
success:
value:
result: success
data:
sessions:
- id: 984231
createdAt: 1764412800
lastAccessed: 1764448800
current: true
- id: 984115
createdAt: 1764301200
lastAccessed: 1764387601
current: false

'401':
description: UNAUTHORIZED - Auth token missing or invalid
content:
application/json:
schema:
$ref: '../components/schemas/Error.yaml'
examples:
unauthorized:
value:
result: "error"
error: "UNAUTHORIZED"
code: "ER_UNAUTHORIZED"
Comment on lines +54 to +58

Copilot AI Apr 1, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The 401 example uses error: "Unauthorized", but most other endpoints use a consistent all-caps token like "UNAUTHORIZED" (e.g., userapi/share.yaml:95-99, userapi/unshare.yaml:85-89). Consider aligning this example string for consistency across the spec.

Copilot uses AI. Check for mistakes.

delete:
summary: Delete all current sessions
description: |
Deletes all active sessions for the authenticated user, including the session
used to authorize this request.
operationId: deleteSessions
tags:
- Sessions
security:
- bearerAuth: []

responses:
'200':
description: All active sessions deleted successfully
content:
application/json:
schema:
allOf:
- $ref: '../components/schemas/Success.yaml'
- type: object
properties:
data:
type: object
additionalProperties: false
examples:
success:
value:
result: success
data: {}

'401':
description: UNAUTHORIZED - Auth token missing or invalid
content:
application/json:
schema:
$ref: '../components/schemas/Error.yaml'
examples:
unauthorized:
value:
result: "error"
error: "UNAUTHORIZED"
code: "ER_UNAUTHORIZED"
Loading