From 8ebbe1e076a615ff5546a28bef1d10eb12842557 Mon Sep 17 00:00:00 2001 From: LordMathis Date: Sun, 8 Dec 2024 17:43:50 +0100 Subject: [PATCH] Update api docs --- server/internal/handlers/auth_handlers.go | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/server/internal/handlers/auth_handlers.go b/server/internal/handlers/auth_handlers.go index f55c650..8fb2391 100644 --- a/server/internal/handlers/auth_handlers.go +++ b/server/internal/handlers/auth_handlers.go @@ -34,10 +34,12 @@ type LoginResponse struct { // @Produce json // @Param body body LoginRequest true "Login request" // @Success 200 {object} LoginResponse +// @Header 200 {string} X-CSRF-Token "CSRF token for future requests" // @Failure 400 {object} ErrorResponse "Invalid request body" // @Failure 400 {object} ErrorResponse "Email and password are required" // @Failure 401 {object} ErrorResponse "Invalid credentials" // @Failure 500 {object} ErrorResponse "Failed to create session" +// @Failure 500 {object} ErrorResponse "Failed to generate CSRF token" // @Router /auth/login [post] func (h *Handler) Login(authManager auth.SessionManager, cookieService auth.CookieManager) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { @@ -142,10 +144,11 @@ func (h *Handler) Logout(authManager auth.SessionManager, cookieService auth.Coo // @Accept json // @Produce json // @Param body body RefreshRequest true "Refresh request" -// @Success 200 "Tokens refreshed successfully via cookies" -// @Failure 400 {object} ErrorResponse "Invalid request body" +// @Success 200 +// @Header 200 {string} X-CSRF-Token "New CSRF token" // @Failure 400 {object} ErrorResponse "Refresh token required" // @Failure 401 {object} ErrorResponse "Invalid refresh token" +// @Failure 500 {object} ErrorResponse "Failed to generate CSRF token" // @Router /auth/refresh [post] func (h *Handler) RefreshToken(authManager auth.SessionManager, cookieService auth.CookieManager) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) {