zhenyi
0d3b53f7a0
- Add new auth module with captcha, login, logout, register, and email verification endpoints - Implement two-factor authentication with TOTP enable, disable, verify, and backup codes regeneration - Create RSA public key endpoint for secure password encryption - Add user profile management with get current user and email retrieval - Integrate OpenAPI documentation for all authentication endpoints - Implement password reset functionality with email verification flow - Add comprehensive API response structures with proper error handling - Configure all auth routes under /api/v1/auth scope with proper tagging
27 lines
1.0 KiB
Rust
27 lines
1.0 KiB
Rust
use actix_web::{HttpResponse, web};
|
|
|
|
use crate::api::response::{ApiEmptyResponse, ApiErrorResponse};
|
|
use crate::error::AppError;
|
|
use crate::service::AppService;
|
|
use crate::session::Session;
|
|
|
|
#[utoipa::path(
|
|
post,
|
|
path = "/api/v1/auth/logout",
|
|
tag = "Auth",
|
|
operation_id = "authLogout",
|
|
summary = "Log out",
|
|
description = "Clear the user identity and all temporary authentication data from the current session, including captcha, temporary RSA keys, and pending 2FA state. This endpoint is idempotent: unauthenticated users also receive a success response.",
|
|
responses(
|
|
(status = 200, description = "Logged out successfully, or the session was already unauthenticated.", body = ApiEmptyResponse),
|
|
(status = 500, description = "Session persistence failed.", body = ApiErrorResponse)
|
|
)
|
|
)]
|
|
pub async fn handle(
|
|
service: web::Data<AppService>,
|
|
session: Session,
|
|
) -> Result<HttpResponse, AppError> {
|
|
service.auth.auth_logout(&session).await?;
|
|
Ok(HttpResponse::Ok().json(ApiEmptyResponse::ok("logout successful")))
|
|
}
|