refactor(api): reorder imports and update code formatting across repository endpoints

- Reordered actix-web imports to standardize import order - Reordered crate module imports to follow alphabetical ordering - Updated function calls to use multi-line formatting for better readability - Standardized blank lines around documentation comments - Applied consistent formatting to response handling methods - Normalized import organization across all repository-related API files - Improved code consistency and maintainability through standardized formatting - Applied formatting updates to all repository endpoint implementations
2026-06-07 19:41:33 +08:00
parent 7368ba676c
commit 4028f0d943
149 changed files with 4962 additions and 369 deletions
@@ -0,0 +1,58 @@
+use actix_web::{HttpResponse, web};
+use serde::Deserialize;
+use utoipa::IntoParams;
+
+use crate::api::response::{ApiErrorResponse, ApiResponse};
+use crate::error::AppError;
+use crate::service::AppService;
+use crate::session::Session;
+
+#[derive(Debug, Deserialize, IntoParams)]
+pub struct PathParams {
+    /// OAuth account ID (UUID)
+    pub oauth_id: uuid::Uuid,
+}
+
+/// Unlink an OAuth account
+///
+/// Removes a linked OAuth/third-party login account from the authenticated user.
+/// Requires authentication.
+///
+/// Preconditions:
+/// - User must have at least one remaining login method (password or another OAuth account)
+///
+/// Effects:
+/// - OAuth account link is permanently removed
+/// - User can no longer log in with this OAuth provider unless re-linked
+///
+/// Returns success message on completion.
+#[utoipa::path(
+    delete,
+    path = "/api/v1/user/security/oauth/{oauth_id}",
+    tag = "User",
+    operation_id = "userUnlinkOAuth",
+    params(PathParams),
+    responses(
+        (status = 200, description = "OAuth account unlinked successfully.", body = ApiResponse<String>),
+        (status = 400, description = "Cannot unlink: this is the last login method (set a password first)", body = ApiErrorResponse),
+        (status = 401, description = "Authentication required or session expired", body = ApiErrorResponse),
+        (status = 404, description = "OAuth account not found", body = ApiErrorResponse),
+        (status = 500, description = "Internal server error", body = ApiErrorResponse),
+    ),
+    security(
+        ("session_cookie" = [])
+    )
+)]
+pub async fn unlink_oauth(
+    service: web::Data<AppService>,
+    session: Session,
+    path: web::Path<PathParams>,
+) -> Result<HttpResponse, AppError> {
+    service
+        .user
+        .user_unlink_oauth(&session, path.oauth_id)
+        .await?;
+    Ok(HttpResponse::Ok().json(ApiResponse::new(
+        "OAuth account unlinked successfully".to_string(),
+    )))
+}