feat: suppor tokenDelivery field for account reg

2026-02-02 13:21:17 +00:00 · 2025-12-16 00:41:30 +00:00
parent bab6e24a0d
commit 3686f87377
6 changed files with 85 additions and 28 deletions
--- a/apps/backend/docs/swagger.json
+++ b/apps/backend/docs/swagger.json
@@ -17,8 +17,40 @@
    "basePath": "/api",
    "paths": {
        "/accounts": {
+            "get": {
+                "security": [
+                    {
+                        "BearerAuth": []
+                    }
+                ],
+                "description": "Retrieve all accounts for the authenticated user",
+                "produces": [
+                    "application/json"
+                ],
+                "tags": [
+                    "accounts"
+                ],
+                "summary": "List accounts",
+                "responses": {
+                    "200": {
+                        "description": "List of accounts for the authenticated user",
+                        "schema": {
+                            "type": "array",
+                            "items": {
+                                "$ref": "#/definitions/internal_account.Account"
+                            }
+                        }
+                    },
+                    "401": {
+                        "description": "Not authenticated",
+                        "schema": {
+                            "type": "string"
+                        }
+                    }
+                }
+            },
            "post": {
-                "description": "Create a new user account with email and password. Returns the account, user, and authentication tokens.",
+                "description": "Create a new user account with email and password. Returns the account, user, and authentication tokens. Tokens can be delivered via HTTP-only cookies or in the response body based on the tokenDelivery field.",
                "consumes": [
                    "application/json"
                ],
@@ -48,7 +80,7 @@
                        }
                    },
                    "400": {
-                        "description": "Invalid request body",
+                        "description": "Invalid request body or token delivery method",
                        "schema": {
                            "type": "string"
                        }
@@ -1325,6 +1357,15 @@
                    "description": "Password for the new account (min 8 characters)",
                    "type": "string",
                    "example": "securepassword123"
+                },
+                "tokenDelivery": {
+                    "description": "How to deliver tokens: \"cookie\" (set HTTP-only cookies) or \"body\" (include in response)",
+                    "type": "string",
+                    "enum": [
+                        "cookie",
+                        "body"
+                    ],
+                    "example": "body"
                }
            }
        },
@@ -1333,7 +1374,7 @@
            "type": "object",
            "properties": {
                "accessToken": {
-                    "description": "JWT access token for immediate authentication",
+                    "description": "JWT access token for immediate authentication (only included when tokenDelivery is \"body\")",
                    "type": "string",
                    "example": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1NTBlODQwMC1lMjliLTQxZDQtYTcxNi00NDY2NTU0NDAwMDAifQ.signature"
                },
@@ -1346,7 +1387,7 @@
                    ]
                },
                "refreshToken": {
-                    "description": "Base64 URL encoded refresh token",
+                    "description": "Base64 URL encoded refresh token (only included when tokenDelivery is \"body\")",
                    "type": "string",
                    "example": "dR4nD0mUu1DkZXlCeXRlc0FuZFJhbmRvbURhdGFIZXJlMTIzNDU2Nzg5MGFi"
                },