feat(api): expand API endpoints for repo, PR, user, workspace management
- Add git operation endpoints: archive, compare branches, diff, tree, repository extras - Add repo endpoints: contributors, delete fork, get branch/commit status/deploy key/invitation/member/release/tag/webhook, topics, release assets, webhook deliveries/retry - Add PR endpoints: review requests, templates - Add user endpoints: block/unblock, follow/unfollow, presence, personal access tokens, account restore - Add workspace endpoints: billing history, approvals, domains, integrations, invitations, members, webhooks, restore - Add internal API, notification API, IM API modules - Update route configuration and OpenAPI spec
This commit is contained in:
zhenyi
@@ -0,0 +1,60 @@
|
||||
use actix_web::{HttpResponse, web};
|
||||
use serde::Deserialize;
|
||||
use utoipa::IntoParams;
|
||||
|
||||
use crate::api::response::{ApiErrorResponse, ApiResponse};
|
||||
use crate::error::AppError;
|
||||
use crate::service::AppService;
|
||||
use crate::service::user::security::{
|
||||
CreatePersonalAccessTokenParams, CreatePersonalAccessTokenResponse,
|
||||
};
|
||||
use crate::session::Session;
|
||||
|
||||
#[derive(Debug, Deserialize, IntoParams, utoipa::ToSchema)]
|
||||
pub struct CreateTokenBody {
|
||||
/// Display name for the token (e.g., "My CLI Token")
|
||||
pub name: String,
|
||||
/// List of permission scopes assigned to the token
|
||||
pub scopes: Vec<crate::models::common::Scope>,
|
||||
/// Optional expiration date (UTC). If not set, the token never expires.
|
||||
pub expires_at: Option<chrono::DateTime<chrono::Utc>>,
|
||||
}
|
||||
|
||||
/// Create a personal access token
|
||||
///
|
||||
/// Creates a new personal access token (PAT) for the authenticated user.
|
||||
/// The full token value is returned in the response — this is the ONLY time it will be shown.
|
||||
/// Store it securely; it cannot be retrieved again.
|
||||
/// Requires authentication.
|
||||
#[utoipa::path(
|
||||
post,
|
||||
path = "/api/v1/user/security/tokens",
|
||||
tag = "User",
|
||||
operation_id = "userCreateToken",
|
||||
params(CreateTokenBody),
|
||||
responses(
|
||||
(status = 201, description = "Personal access token created successfully. The raw token value is included in the response and will never be shown again.", body = ApiResponse<CreatePersonalAccessTokenResponse>),
|
||||
(status = 400, description = "Invalid request body (e.g., missing name or scopes)", body = ApiErrorResponse),
|
||||
(status = 401, description = "Authentication required or session expired", body = ApiErrorResponse),
|
||||
(status = 500, description = "Internal server error", body = ApiErrorResponse),
|
||||
),
|
||||
security(
|
||||
("session_cookie" = [])
|
||||
)
|
||||
)]
|
||||
pub async fn create_token(
|
||||
service: web::Data<AppService>,
|
||||
session: Session,
|
||||
body: web::Json<CreateTokenBody>,
|
||||
) -> Result<HttpResponse, AppError> {
|
||||
let params = CreatePersonalAccessTokenParams {
|
||||
name: body.name.clone(),
|
||||
scopes: body.scopes.clone(),
|
||||
expires_at: body.expires_at,
|
||||
};
|
||||
let token = service
|
||||
.user
|
||||
.user_create_personal_access_token(&session, params)
|
||||
.await?;
|
||||
Ok(HttpResponse::Created().json(ApiResponse::new(token)))
|
||||
}
|
||||
Reference in New Issue
Block a user