diff options
| author | James Elliott <james-d-elliott@users.noreply.github.com> | 2023-10-26 19:41:06 +1100 |
|---|---|---|
| committer | James Elliott <james-d-elliott@users.noreply.github.com> | 2024-03-04 20:29:11 +1100 |
| commit | 2a388194fbf56e8c030dc734f980dc223760b8d9 (patch) | |
| tree | 6dd17b6e4cbe3d1c0f6ab556632ae6fd2f68d145 /api | |
| parent | f81b414147014a8096ef995ea691c0010a4aab67 (diff) | |
feat(web): revoke reset password tokens
This adds functionality to the frontend to revoke the Reset Password JWT's.
Closes #136
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
Diffstat (limited to 'api')
| -rw-r--r-- | api/openapi.yml | 36 |
1 files changed, 32 insertions, 4 deletions
diff --git a/api/openapi.yml b/api/openapi.yml index 8a923fe7c..a721656b2 100644 --- a/api/openapi.yml +++ b/api/openapi.yml @@ -569,11 +569,10 @@ paths: - Password Reset summary: Password Reset description: > - This endpoint is step 3 of 3 in the password reset process. - - It validates the user session and changes the password. - + The password reset endpoint (using the POST method verb) validates the user session and changes the password. The same session cookie must be used for all steps in this process. + + This endpoint is step 3 of 3 in the password reset process. requestBody: required: true content: @@ -589,6 +588,28 @@ paths: $ref: '#/components/schemas/middlewares.OkResponse' security: - authelia_auth: [] + delete: + tags: + - Password Reset + summary: Password Reset + description: > + The password reset endpoint (using the DELETE method verb) revokes a JWT associated with a password reset + operation. + requestBody: + required: true + content: + application/json: + schema: + $ref: '#/components/schemas/handlers.PasswordResetBodyDELETE' + responses: + "200": + description: Successful Operation + content: + application/json: + schema: + $ref: '#/components/schemas/middlewares.OkResponse' + security: + - authelia_auth: [] {{- end }} /api/user/info: get: @@ -2069,6 +2090,13 @@ components: password: type: string example: password + handlers.PasswordResetBodyDELETE: + required: + - 'token' + type: object + properties: + token: + type: string {{- end }} {{- if .Duo }} handlers.bodySignDuoRequest: |