update mian.rs and openapi.json

2026-06-12 16:55:36 +08:00
parent 5f4e9bdfa7
commit 931d82cbb9
5 changed files with 167 additions and 0 deletions
@@ -1035,6 +1035,48 @@
        }
      }
    },
+    "/api/v1/auth/ws-token": {
+      "post": {
+        "tags": [
+          "Auth"
+        ],
+        "summary": "Issue a short-lived WebSocket token",
+        "description": "Issue a short-lived JWT (30 minutes) scoped to IM WebSocket access. The token is signed by the appks signing key and can be verified by imks either locally (via cached signing keys) or via RPC. The returned token should be passed as `{ token: <value> }` in the Socket.IO CONNECT auth packet. Requires an authenticated session.",
+        "operationId": "authWsToken",
+        "responses": {
+          "200": {
+            "description": "Token issued successfully.",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/ApiResponse_WsTokenResponse"
+                }
+              }
+            }
+          },
+          "401": {
+            "description": "The current session is unauthenticated or the login state has expired.",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/ApiErrorResponse"
+                }
+              }
+            }
+          },
+          "500": {
+            "description": "Token issuance or Redis write failed.",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/ApiErrorResponse"
+                }
+              }
+            }
+          }
+        }
+      }
+    },
    "/api/v1/im/workspaces/{workspace_name}/categories": {
      "get": {
        "tags": [
@@ -44098,6 +44140,33 @@
          }
        }
      },
+      "ApiResponse_WsTokenResponse": {
+        "type": "object",
+        "required": [
+          "data"
+        ],
+        "properties": {
+          "data": {
+            "type": "object",
+            "description": "Response payload for `POST /auth/ws-token`.",
+            "required": [
+              "token",
+              "expires_at"
+            ],
+            "properties": {
+              "expires_at": {
+                "type": "integer",
+                "format": "int64",
+                "description": "Unix timestamp (seconds) when the token expires."
+              },
+              "token": {
+                "type": "string",
+                "description": "Short-lived JWT prefixed with \"Bearer \" for use in the Socket.IO CONNECT auth packet."
+              }
+            }
+          }
+        }
+      },
      "ApiResponse_bool": {
        "type": "object",
        "required": [
@@ -55495,6 +55564,25 @@
            "format": "uuid"
          }
        }
+      },
+      "WsTokenResponse": {
+        "type": "object",
+        "description": "Response payload for `POST /auth/ws-token`.",
+        "required": [
+          "token",
+          "expires_at"
+        ],
+        "properties": {
+          "expires_at": {
+            "type": "integer",
+            "format": "int64",
+            "description": "Unix timestamp (seconds) when the token expires."
+          },
+          "token": {
+            "type": "string",
+            "description": "Short-lived JWT prefixed with \"Bearer \" for use in the Socket.IO CONNECT auth packet."
+          }
+        }
      }
    }
  },