fix: 🔥 Remove old tests and docs related to old auth endpoints

This commit is contained in:
Jesse Wierzbinski 2025-11-21 06:45:12 +01:00
parent ae207c10b6
commit a9dbd2cc4e
3 changed files with 5 additions and 83 deletions


@ -3,7 +3,7 @@
Multiple API routes are exposed for authentication, to be used by frontend developers. Multiple API routes are exposed for authentication, to be used by frontend developers.
> [!INFO] > [!INFO]
> >
> These are different from the Client API routes, which are used by clients to interact with the Mastodon API. > These are different from the Client API routes, which are used by clients to interact with the Mastodon API.
A frontend is a web application that is designed to be the primary user interface for an instance. It is used also used by clients to perform authentication. A frontend is a web application that is designed to be the primary user interface for an instance. It is used also used by clients to perform authentication.
@ -48,58 +48,6 @@ Frontend configuration.
} }
``` ```
## Sign In
```http
POST /api/auth/login
```
Allows users to sign in to the instance. This is the first step in the authentication process.
- **Returns**: `302 Found` with a `Location` header to redirect the user to the next step, as well as a `Set-Cookie` header with the session JWT.
- **Authentication**: Not required
- **Permissions**: None
- **Version History**:
- `0.7.0`: First documented.
### Request
- `identifier` (string, required): The username or email of the user. Case-insensitive.
- `password` (string, required): The password of the user.
#### Query Parameters
- `client_id` (string, required): Client ID of the [application](https://docs.joinmastodon.org/entities/Application/) that is making the request.
- `redirect_uri` (string, required): Redirect URI of the [application](https://docs.joinmastodon.org/entities/Application/) that is making the request. Must match the saved value.
- `response_type` (string, required): Must be `code`.
- `scope` (string, required): OAuth2 scopes. Must match the value indicated in the [application](https://docs.joinmastodon.org/entities/Application/).
#### Example
```http
POST /api/auth/login?client_id=123&redirect_uri=https%3A%2F%2Fexample.com%2Fauth&response_type=code&scope=read%20write
Content-Type: application/json
{
"identifier": "bobjones@gmail.com",
"password": "hunter2"
}
```
### Response
#### `302 Found`
Redirects the user to the consent page with some query parameters. The frontend should redirect the user to this URL.
This response also has a `Set-Cookie` header with a [JSON Web Token](https://jwt.io/) that contains the user's session information. This JWT is signed with the instance's secret key, and must be included in all subsequent authentication requests.
```http
HTTP/2.0 302 Found
Location: /oauth/consent?client_id=123&redirect_uri=https%3A%2F%2Fexample.com%2Fauth&response_type=code&scope=read%20write
Set-Cookie: jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c; Path=/; HttpOnly; Secure; SameSite=Strict; Max-Age=3600
```
## SSO Sign In ## SSO Sign In
```http ```http
@ -136,4 +84,4 @@ Redirects the user to the OpenID Connect provider's login page.
```http ```http
HTTP/2.0 302 Found HTTP/2.0 302 Found
Location: https://accounts.google.com/o/oauth2/auth?client_id=123&redirect_uri=https%3A%2F%2Fexample.com%2Fauth&response_type=code&scope=openid%20email&state=123 Location: https://accounts.google.com/o/oauth2/auth?client_id=123&redirect_uri=https%3A%2F%2Fexample.com%2Fauth&response_type=code&scope=openid%20email&state=123
``` ```


@ -12,7 +12,7 @@ GET /oauth/authorize
This route should display a login form for the user to enter their username and password, as well as a list of OpenID providers to use if available. This route should display a login form for the user to enter their username and password, as well as a list of OpenID providers to use if available.
The form should submit to [`POST /api/auth/login`](./auth.md#sign-in), or to the OpenID Connect flow. The form should submit to the OpenID Connect flow.
Configurable in the Versia Server configuration at `frontend.routes.login`. Configurable in the Versia Server configuration at `frontend.routes.login`.


@ -1,12 +1,7 @@
import { afterAll, describe, expect, test } from "bun:test"; import { afterAll, describe, expect, test } from "bun:test";
import { import { generateClient, getTestUsers } from "@versia-server/tests";
fakeRequest,
generateClient,
getTestUsers,
} from "@versia-server/tests";
let clientId: string; const { users, deleteUsers } = await getTestUsers(1);
const { users, passwords, deleteUsers } = await getTestUsers(1);
afterAll(async () => { afterAll(async () => {
await deleteUsers(); await deleteUsers();
@ -33,27 +28,6 @@ describe("Login flow", () => {
redirect_uris: ["https://example.com"], redirect_uris: ["https://example.com"],
scopes: ["read", "write"], scopes: ["read", "write"],
}); });
clientId = data.client_id;
});
test("should get a JWT", async () => {
const formData = new FormData();
formData.append("identifier", users[0]?.data.email ?? "");
formData.append("password", passwords[0]);
const response = await fakeRequest(
`/api/auth/login?client_id=${clientId}&redirect_uri=https://example.com&response_type=code&scope=read+write`,
{
method: "POST",
body: formData,
},
);
expect(response.status).toBe(302);
//jwt = response.headers.get("Set-Cookie")?.match(/jwt=([^;]+);/)?.[1] ?? "";
}); });
// TODO: Test full flow including OpenID part // TODO: Test full flow including OpenID part
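Review bot: Deleting the JWT test leaves nothing in the `Login flow` block that asserts the retired `/api/auth/login` route is actually gone, so the second hunk removes the only coverage of that path without a replacement that would catch it being reintroduced. A one-line negative check such as `expect((await fakeRequest("/api/auth/login", { method: "POST" })).status).toBe(404);` (or whatever status the router returns for unknown routes) would pin the removal, and would require keeping `fakeRequest` in the import that the first hunk trims. With `clientId = data.client_id` gone, the `data` binding from the client-creation call, which begins above the second hunk, looks unused now and should be dropped or asserted on. Likewise `users` in the new destructuring `const { users, deleteUsers } = await getTestUsers(1);` is only needed if it is referenced elsewhere in the file, which is not visible here. The `describe("Login flow", …)` callback starts and ends outside the hunk.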