gitdata.ai/gitks
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(auth): add comprehensive authentication system with 2FA support

Browse Source 
- Add new auth module with captcha, login, logout, register, and email verification endpoints
- Implement two-factor authentication with TOTP enable, disable, verify, and backup codes regeneration
- Create RSA public key endpoint for secure password encryption
- Add user profile management with get current user and email retrieval
- Integrate OpenAPI documentation for all authentication endpoints
- Implement password reset functionality with email verification flow
- Add comprehensive API response structures with proper error handling
- Configure all auth routes under /api/v1/auth scope with proper tagging
This commit is contained in:
zhenyi
2026-06-07 18:09:38 +08:00
parent 2bb5834167
commit 0d3b53f7a0
24 changed files with 816 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files
api/openapi.rs
+81
View File
@@ -1,4 +1,85 @@
use utoipa::OpenApi;
use crate::api::auth::regenerate_2fa_backup_codes::{
Regenerate2FABackupCodesRequest, Regenerate2FABackupCodesResponse,
};
use crate::api::auth::register::RegisterResponse;
use crate::api::response::{ApiEmptyResponse, ApiErrorResponse, ApiResponse};
use crate::service::auth::captcha::{CaptchaQuery, CaptchaResponse};
use crate::service::auth::email::{EmailChangeRequest, EmailResponse, EmailVerifyRequest};
use crate::service::auth::login::LoginParams;
use crate::service::auth::me::ContextMe;
use crate::service::auth::register::{
RegisterEmailCodeParams, RegisterEmailCodeResponse, RegisterParams,
};
use crate::service::auth::reset_pass::{ResetPasswordRequest, ResetPasswordVerifyParams};
use crate::service::auth::rsa::RsaResponse;
use crate::service::auth::totp::{
Disable2FAParams, Enable2FAResponse, Get2FAStatusResponse, Verify2FAParams,
};
#[derive(OpenApi)]
#[openapi(
info(
title = "AppKS API",
version = "0.1.0",
description = "AppKS collaborative development platform HTTP API. Auth endpoints use server-side sessions backed by Redis and a signed/encrypted session cookie. Sensitive password fields are RSA-OAEP-SHA256 encrypted per session before transmission."
),
tags(
(name = "Auth", description = "Authentication, registration, session and email security endpoints."),
(name = "Auth / 2FA", description = "TOTP two-factor authentication management endpoints.")
),
paths(
crate::api::auth::rsa::handle,
crate::api::auth::captcha::handle,
crate::api::auth::login::handle,
crate::api::auth::logout::handle,
crate::api::auth::me::handle,
crate::api::auth::register_email_code::handle,
crate::api::auth::register::handle,
crate::api::auth::get_email::handle,
crate::api::auth::request_email_change::handle,
crate::api::auth::verify_email::handle,
crate::api::auth::request_reset_password::handle,
crate::api::auth::verify_reset_password::handle,
crate::api::auth::get_2fa_status::handle,
crate::api::auth::enable_2fa::handle,
crate::api::auth::verify_2fa::handle,
crate::api::auth::disable_2fa::handle,
crate::api::auth::regenerate_2fa_backup_codes::handle
),
components(schemas(
ApiEmptyResponse,
ApiErrorResponse,
ApiResponse<RsaResponse>,
ApiResponse<CaptchaResponse>,
ApiResponse<ContextMe>,
ApiResponse<RegisterEmailCodeResponse>,
ApiResponse<RegisterResponse>,
ApiResponse<EmailResponse>,
ApiResponse<Get2FAStatusResponse>,
ApiResponse<Enable2FAResponse>,
ApiResponse<Regenerate2FABackupCodesResponse>,
RsaResponse,
CaptchaQuery,
CaptchaResponse,
LoginParams,
ContextMe,
RegisterEmailCodeParams,
RegisterEmailCodeResponse,
RegisterParams,
RegisterResponse,
EmailResponse,
EmailChangeRequest,
EmailVerifyRequest,
ResetPasswordRequest,
ResetPasswordVerifyParams,
Get2FAStatusResponse,
Enable2FAResponse,
Verify2FAParams,
Disable2FAParams,
Regenerate2FABackupCodesRequest,
Regenerate2FABackupCodesResponse
))
)]
pub struct OpenApiDoc;