gitdata.ai/appks
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
9eb77ab98bb3fa91b58e334bc23bda46474f87fb
appks/api/user/create_personal_access_token.rs
T
zhenyi cec6dce955 feat(api): expand API endpoints for repo, PR, user, workspace management 
- Add git operation endpoints: archive, compare branches, diff, tree,
  repository extras
- Add repo endpoints: contributors, delete fork, get branch/commit
  status/deploy key/invitation/member/release/tag/webhook, topics,
  release assets, webhook deliveries/retry
- Add PR endpoints: review requests, templates
- Add user endpoints: block/unblock, follow/unfollow, presence,
  personal access tokens, account restore
- Add workspace endpoints: billing history, approvals, domains,
  integrations, invitations, members, webhooks, restore
- Add internal API, notification API, IM API modules
- Update route configuration and OpenAPI spec
2026-06-10 18:49:27 +08:00

61 lines
2.3 KiB
Rust
Raw Blame History

use actix_web::{HttpResponse, web};
use serde::Deserialize;
use utoipa::IntoParams;
use crate::api::response::{ApiErrorResponse, ApiResponse};
use crate::error::AppError;
use crate::service::AppService;
use crate::service::user::security::{
CreatePersonalAccessTokenParams, CreatePersonalAccessTokenResponse,
};
use crate::session::Session;
#[derive(Debug, Deserialize, IntoParams, utoipa::ToSchema)]
pub struct CreateTokenBody {
/// Display name for the token (e.g., "My CLI Token")
pub name: String,
/// List of permission scopes assigned to the token
pub scopes: Vec<crate::models::common::Scope>,
/// Optional expiration date (UTC). If not set, the token never expires.
pub expires_at: Option<chrono::DateTime<chrono::Utc>>,
}
/// Create a personal access token
///
/// Creates a new personal access token (PAT) for the authenticated user.
/// The full token value is returned in the response — this is the ONLY time it will be shown.
/// Store it securely; it cannot be retrieved again.
/// Requires authentication.
#[utoipa::path(
post,
path = "/api/v1/user/security/tokens",
tag = "User",
operation_id = "userCreateToken",
params(CreateTokenBody),
responses(
(status = 201, description = "Personal access token created successfully. The raw token value is included in the response and will never be shown again.", body = ApiResponse<CreatePersonalAccessTokenResponse>),
(status = 400, description = "Invalid request body (e.g., missing name or scopes)", body = ApiErrorResponse),
(status = 401, description = "Authentication required or session expired", body = ApiErrorResponse),
(status = 500, description = "Internal server error", body = ApiErrorResponse),
),
security(
("session_cookie" = [])
)
)]
pub async fn create_token(
service: web::Data<AppService>,
session: Session,
body: web::Json<CreateTokenBody>,
) -> Result<HttpResponse, AppError> {
let params = CreatePersonalAccessTokenParams {
name: body.name.clone(),
scopes: body.scopes.clone(),
expires_at: body.expires_at,
};
let token = service
.user
.user_create_personal_access_token(&session, params)
.await?;
Ok(HttpResponse::Created().json(ApiResponse::new(token)))
}
Reference in New Issue View Git Blame Copy Permalink