feat: manage link token via cookie instead

This commit is contained in:
bo0tzz
2026-04-18 12:27:02 +02:00
parent b8c373f0f1
commit d50ea005a1
22 changed files with 117 additions and 253 deletions
-1
View File
@@ -122,7 +122,6 @@ Class | Method | HTTP request | Description
*AuthenticationApi* | [**changePinCode**](doc//AuthenticationApi.md#changepincode) | **PUT** /auth/pin-code | Change pin code
*AuthenticationApi* | [**finishOAuth**](doc//AuthenticationApi.md#finishoauth) | **POST** /oauth/callback | Finish OAuth
*AuthenticationApi* | [**getAuthStatus**](doc//AuthenticationApi.md#getauthstatus) | **GET** /auth/status | Retrieve auth status
*AuthenticationApi* | [**linkOAuthAccount**](doc//AuthenticationApi.md#linkoauthaccount) | **POST** /oauth/link | Link OAuth account
*AuthenticationApi* | [**lockAuthSession**](doc//AuthenticationApi.md#lockauthsession) | **POST** /auth/session/lock | Lock auth session
*AuthenticationApi* | [**login**](doc//AuthenticationApi.md#login) | **POST** /auth/login | Login
*AuthenticationApi* | [**logout**](doc//AuthenticationApi.md#logout) | **POST** /auth/logout | Logout
-56
View File
@@ -224,62 +224,6 @@ class AuthenticationApi {
return null;
}
/// Link OAuth account
///
/// Link an OAuth account to the authenticated user.
///
/// Note: This method returns the HTTP [Response].
///
/// Parameters:
///
/// * [OAuthCallbackDto] oAuthCallbackDto (required):
Future<Response> linkOAuthAccountWithHttpInfo(OAuthCallbackDto oAuthCallbackDto,) async {
// ignore: prefer_const_declarations
final apiPath = r'/oauth/link';
// ignore: prefer_final_locals
Object? postBody = oAuthCallbackDto;
final queryParams = <QueryParam>[];
final headerParams = <String, String>{};
final formParams = <String, String>{};
const contentTypes = <String>['application/json'];
return apiClient.invokeAPI(
apiPath,
'POST',
queryParams,
postBody,
headerParams,
formParams,
contentTypes.isEmpty ? null : contentTypes.first,
);
}
/// Link OAuth account
///
/// Link an OAuth account to the authenticated user.
///
/// Parameters:
///
/// * [OAuthCallbackDto] oAuthCallbackDto (required):
Future<UserAdminResponseDto?> linkOAuthAccount(OAuthCallbackDto oAuthCallbackDto,) async {
final response = await linkOAuthAccountWithHttpInfo(oAuthCallbackDto,);
if (response.statusCode >= HttpStatus.badRequest) {
throw ApiException(response.statusCode, await _decodeBodyBytes(response));
}
// When a remote server returns no body with a status of 204, we shall not decode it.
// At the time of writing this, `dart:convert` will throw an "Unexpected end of input"
// FormatException when trying to decode an empty string.
if (response.body.isNotEmpty && response.statusCode != HttpStatus.noContent) {
return await apiClient.deserializeAsync(await _decodeBodyBytes(response), 'UserAdminResponseDto',) as UserAdminResponseDto;
}
return null;
}
/// Lock auth session
///
/// Remove elevated access to locked assets from the current session.
+1 -19
View File
@@ -14,49 +14,32 @@ class LoginCredentialDto {
/// Returns a new [LoginCredentialDto] instance.
LoginCredentialDto({
required this.email,
this.oauthLinkToken,
required this.password,
});
/// User email
String email;
/// OAuth link token to consume on successful login
///
/// Please note: This property should have been non-nullable! Since the specification file
/// does not include a default value (using the "default:" property), however, the generated
/// source code must fall back to having a nullable type.
/// Consider adding a "default:" property in the specification file to hide this note.
///
String? oauthLinkToken;
/// User password
String password;
@override
bool operator ==(Object other) => identical(this, other) || other is LoginCredentialDto &&
other.email == email &&
other.oauthLinkToken == oauthLinkToken &&
other.password == password;
@override
int get hashCode =>
// ignore: unnecessary_parenthesis
(email.hashCode) +
(oauthLinkToken == null ? 0 : oauthLinkToken!.hashCode) +
(password.hashCode);
@override
String toString() => 'LoginCredentialDto[email=$email, oauthLinkToken=$oauthLinkToken, password=$password]';
String toString() => 'LoginCredentialDto[email=$email, password=$password]';
Map<String, dynamic> toJson() {
final json = <String, dynamic>{};
json[r'email'] = this.email;
if (this.oauthLinkToken != null) {
json[r'oauthLinkToken'] = this.oauthLinkToken;
} else {
// json[r'oauthLinkToken'] = null;
}
json[r'password'] = this.password;
return json;
}
@@ -71,7 +54,6 @@ class LoginCredentialDto {
return LoginCredentialDto(
email: mapValueOfType<String>(json, r'email')!,
oauthLinkToken: mapValueOfType<String>(json, r'oauthLinkToken'),
password: mapValueOfType<String>(json, r'password')!,
);
}
+1 -19
View File
@@ -15,7 +15,6 @@ class SignUpDto {
SignUpDto({
required this.email,
required this.name,
this.oauthLinkToken,
required this.password,
});
@@ -25,15 +24,6 @@ class SignUpDto {
/// User name
String name;
/// OAuth link token to consume on successful login
///
/// Please note: This property should have been non-nullable! Since the specification file
/// does not include a default value (using the "default:" property), however, the generated
/// source code must fall back to having a nullable type.
/// Consider adding a "default:" property in the specification file to hide this note.
///
String? oauthLinkToken;
/// User password
String password;
@@ -41,7 +31,6 @@ class SignUpDto {
bool operator ==(Object other) => identical(this, other) || other is SignUpDto &&
other.email == email &&
other.name == name &&
other.oauthLinkToken == oauthLinkToken &&
other.password == password;
@override
@@ -49,21 +38,15 @@ class SignUpDto {
// ignore: unnecessary_parenthesis
(email.hashCode) +
(name.hashCode) +
(oauthLinkToken == null ? 0 : oauthLinkToken!.hashCode) +
(password.hashCode);
@override
String toString() => 'SignUpDto[email=$email, name=$name, oauthLinkToken=$oauthLinkToken, password=$password]';
String toString() => 'SignUpDto[email=$email, name=$name, password=$password]';
Map<String, dynamic> toJson() {
final json = <String, dynamic>{};
json[r'email'] = this.email;
json[r'name'] = this.name;
if (this.oauthLinkToken != null) {
json[r'oauthLinkToken'] = this.oauthLinkToken;
} else {
// json[r'oauthLinkToken'] = null;
}
json[r'password'] = this.password;
return json;
}
@@ -79,7 +62,6 @@ class SignUpDto {
return SignUpDto(
email: mapValueOfType<String>(json, r'email')!,
name: mapValueOfType<String>(json, r'name')!,
oauthLinkToken: mapValueOfType<String>(json, r'oauthLinkToken'),
password: mapValueOfType<String>(json, r'password')!,
);
}