yetangitu/timelimit-server
1
0
Fork 0
mirror of https://codeberg.org/timelimit/timelimit-server.git synced 2025-10-03 01:39:31 +02:00
Code Issues Projects Releases Wiki Activity

Add identity tokens

Browse source
This commit is contained in:
Jonas Lochmann 2022-09-12 02:00:00 +02:00
parent a86a0abb05
commit 04aa2ce517
No known key found for this signature in database
GPG key ID: 8B8C9AEE10FA5B36
18 changed files with 390 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

25
docs/api/parent.md
View file

@ -169,3 +169,28 @@ If there is no device with the specified ``deviceId``: HTTP status code 409 Conf
If the ``secondPasswordHash`` is invalid: HTTP status code 401 Unauthorized
On success: ``{"ok": true}``
## POST /parent/create-identity-token
Use this to get a identity token.
This can be used to inform the server operator about ones user account.
### request
see [this JSON schema](../schema/requestidentitytokenrequest.md)
in case of a device used by a parent with disabled password checks, use ``device`` as ``secondPasswordHash``
## response
On a invalid request body: HTTP status code 400 Bad Request
If the device auth token is invalid: HTTP status code 401 Unauthorized
If there is no device with the specified ``deviceId``: HTTP status code 409 Conflict
If the ``secondPasswordHash`` is invalid: HTTP status code 401 Unauthorized
If the server does not support this request: HTTP status code 404
On success: ``{"token": "some string"}``; you should not make any assumptions about the token string

2
docs/schema/README.md
View file

@ -26,6 +26,8 @@
* [RemoveDeviceRequest](./removedevicerequest.md) `https://timelimit.io/RemoveDeviceRequest`
* [RequestIdentityTokenRequest](./requestidentitytokenrequest.md) `https://timelimit.io/RequestIdentityTokenRequest`
* [RequestWithAuthToken](./requestwithauthtoken.md) `https://timelimit.io/RequestWithAuthToken`
* [SendMailLoginCodeRequest](./sendmaillogincoderequest.md) `https://timelimit.io/SendMailLoginCodeRequest`

31
docs/schema/RequestIdentityTokenRequest.schema.json Normal file
View file

@ -0,0 +1,31 @@
{
"type": "object",
"properties": {
"deviceAuthToken": {
"type": "string"
},
"parentUserId": {
"type": "string"
},
"parentPasswordSecondHash": {
"type": "string"
},
"purpose": {
"type": "string",
"enum": [
"purchase"
]
}
},
"additionalProperties": false,
"required": [
"deviceAuthToken",
"parentPasswordSecondHash",
"parentUserId",
"purpose"
],
"definitions": {},
"$schema": "http://json-schema.org/draft-07/schema#",
"title": "RequestIdentityTokenRequest",
"$id": "https://timelimit.io/RequestIdentityTokenRequest"
}

15
docs/schema/requestidentitytokenrequest-definitions.md Normal file
View file

@ -0,0 +1,15 @@
# Untitled undefined type in RequestIdentityTokenRequest Schema
```txt
https://timelimit.io/RequestIdentityTokenRequest#/definitions
```
| Abstract | Extensible | Status | Identifiable | Custom Properties | Additional Properties | Access Restrictions | Defined In |
| :------------------ | :--------- | :------------- | :---------------------- | :---------------- | :-------------------- | :------------------ | :---------------------------------------------------------------------------------------------------------- |
| Can be instantiated | No | Unknown status | Unknown identifiability | Forbidden | Allowed | none | [RequestIdentityTokenRequest.schema.json\*](RequestIdentityTokenRequest.schema.json "open original schema") |
## definitions Type
unknown

15
docs/schema/requestidentitytokenrequest-properties-deviceauthtoken.md Normal file
View file

@ -0,0 +1,15 @@
# Untitled string in RequestIdentityTokenRequest Schema
```txt
https://timelimit.io/RequestIdentityTokenRequest#/properties/deviceAuthToken
```
| Abstract | Extensible | Status | Identifiable | Custom Properties | Additional Properties | Access Restrictions | Defined In |
| :------------------ | :--------- | :------------- | :---------------------- | :---------------- | :-------------------- | :------------------ | :---------------------------------------------------------------------------------------------------------- |
| Can be instantiated | No | Unknown status | Unknown identifiability | Forbidden | Allowed | none | [RequestIdentityTokenRequest.schema.json\*](RequestIdentityTokenRequest.schema.json "open original schema") |
## deviceAuthToken Type
`string`

15
docs/schema/requestidentitytokenrequest-properties-parentpasswordsecondhash.md Normal file
View file

@ -0,0 +1,15 @@
# Untitled string in RequestIdentityTokenRequest Schema
```txt
https://timelimit.io/RequestIdentityTokenRequest#/properties/parentPasswordSecondHash
```
| Abstract | Extensible | Status | Identifiable | Custom Properties | Additional Properties | Access Restrictions | Defined In |
| :------------------ | :--------- | :------------- | :---------------------- | :---------------- | :-------------------- | :------------------ | :---------------------------------------------------------------------------------------------------------- |
| Can be instantiated | No | Unknown status | Unknown identifiability | Forbidden | Allowed | none | [RequestIdentityTokenRequest.schema.json\*](RequestIdentityTokenRequest.schema.json "open original schema") |
## parentPasswordSecondHash Type
`string`

15
docs/schema/requestidentitytokenrequest-properties-parentuserid.md Normal file
View file

@ -0,0 +1,15 @@
# Untitled string in RequestIdentityTokenRequest Schema
```txt
https://timelimit.io/RequestIdentityTokenRequest#/properties/parentUserId
```
| Abstract | Extensible | Status | Identifiable | Custom Properties | Additional Properties | Access Restrictions | Defined In |
| :------------------ | :--------- | :------------- | :---------------------- | :---------------- | :-------------------- | :------------------ | :---------------------------------------------------------------------------------------------------------- |
| Can be instantiated | No | Unknown status | Unknown identifiability | Forbidden | Allowed | none | [RequestIdentityTokenRequest.schema.json\*](RequestIdentityTokenRequest.schema.json "open original schema") |
## parentUserId Type
`string`

23
docs/schema/requestidentitytokenrequest-properties-purpose.md Normal file
View file

@ -0,0 +1,23 @@
# Untitled string in RequestIdentityTokenRequest Schema
```txt
https://timelimit.io/RequestIdentityTokenRequest#/properties/purpose
```
| Abstract | Extensible | Status | Identifiable | Custom Properties | Additional Properties | Access Restrictions | Defined In |
| :------------------ | :--------- | :------------- | :---------------------- | :---------------- | :-------------------- | :------------------ | :---------------------------------------------------------------------------------------------------------- |
| Can be instantiated | No | Unknown status | Unknown identifiability | Forbidden | Allowed | none | [RequestIdentityTokenRequest.schema.json\*](RequestIdentityTokenRequest.schema.json "open original schema") |
## purpose Type
`string`
## purpose Constraints
**enum**: the value of this property must be equal to one of the following values:
| Value | Explanation |
| :----------- | :---------- |
| `"purchase"` | |

106
docs/schema/requestidentitytokenrequest.md Normal file
View file

@ -0,0 +1,106 @@
# RequestIdentityTokenRequest Schema
```txt
https://timelimit.io/RequestIdentityTokenRequest
```
| Abstract | Extensible | Status | Identifiable | Custom Properties | Additional Properties | Access Restrictions | Defined In |
| :------------------ | :--------- | :------------- | :----------- | :---------------- | :-------------------- | :------------------ | :-------------------------------------------------------------------------------------------------------- |
| Can be instantiated | Yes | Unknown status | No | Forbidden | Forbidden | none | [RequestIdentityTokenRequest.schema.json](RequestIdentityTokenRequest.schema.json "open original schema") |
## RequestIdentityTokenRequest Type
`object` ([RequestIdentityTokenRequest](requestidentitytokenrequest.md))
# RequestIdentityTokenRequest Properties
| Property | Type | Required | Nullable | Defined by |
| :---------------------------------------------------- | :------- | :------- | :------------- | :---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| [deviceAuthToken](#deviceauthtoken) | `string` | Required | cannot be null | [RequestIdentityTokenRequest](requestidentitytokenrequest-properties-deviceauthtoken.md "https://timelimit.io/RequestIdentityTokenRequest#/properties/deviceAuthToken") |
| [parentUserId](#parentuserid) | `string` | Required | cannot be null | [RequestIdentityTokenRequest](requestidentitytokenrequest-properties-parentuserid.md "https://timelimit.io/RequestIdentityTokenRequest#/properties/parentUserId") |
| [parentPasswordSecondHash](#parentpasswordsecondhash) | `string` | Required | cannot be null | [RequestIdentityTokenRequest](requestidentitytokenrequest-properties-parentpasswordsecondhash.md "https://timelimit.io/RequestIdentityTokenRequest#/properties/parentPasswordSecondHash") |
| [purpose](#purpose) | `string` | Required | cannot be null | [RequestIdentityTokenRequest](requestidentitytokenrequest-properties-purpose.md "https://timelimit.io/RequestIdentityTokenRequest#/properties/purpose") |
## deviceAuthToken
`deviceAuthToken`
* is required
* Type: `string`
* cannot be null
* defined in: [RequestIdentityTokenRequest](requestidentitytokenrequest-properties-deviceauthtoken.md "https://timelimit.io/RequestIdentityTokenRequest#/properties/deviceAuthToken")
### deviceAuthToken Type
`string`
## parentUserId
`parentUserId`
* is required
* Type: `string`
* cannot be null
* defined in: [RequestIdentityTokenRequest](requestidentitytokenrequest-properties-parentuserid.md "https://timelimit.io/RequestIdentityTokenRequest#/properties/parentUserId")
### parentUserId Type
`string`
## parentPasswordSecondHash
`parentPasswordSecondHash`
* is required
* Type: `string`
* cannot be null
* defined in: [RequestIdentityTokenRequest](requestidentitytokenrequest-properties-parentpasswordsecondhash.md "https://timelimit.io/RequestIdentityTokenRequest#/properties/parentPasswordSecondHash")
### parentPasswordSecondHash Type
`string`
## purpose
`purpose`
* is required
* Type: `string`
* cannot be null
* defined in: [RequestIdentityTokenRequest](requestidentitytokenrequest-properties-purpose.md "https://timelimit.io/RequestIdentityTokenRequest#/properties/purpose")
### purpose Type
`string`
### purpose Constraints
**enum**: the value of this property must be equal to one of the following values:
| Value | Explanation |
| :----------- | :---------- |
| `"purchase"` | |
# RequestIdentityTokenRequest Definitions

3
docs/usage/configuration.md
View file

@ -54,3 +54,6 @@
- PING_INTERVAL_SEC
- ping interval at the websocket in seconds
- the default value is ``25``
- SIGN_SECRET
- used for signing tokens
- if not set or set to an empty string, then the features that depend on it are disabled