mirror of
https://github.com/usememos/memos.git
synced 2025-10-28 23:36:17 +08:00
81 lines
2.6 KiB
Protocol Buffer
81 lines
2.6 KiB
Protocol Buffer
syntax = "proto3";
|
|
|
|
package memos.api.v1;
|
|
|
|
import "api/v1/user_service.proto";
|
|
import "google/api/annotations.proto";
|
|
import "google/api/field_behavior.proto";
|
|
import "google/protobuf/empty.proto";
|
|
|
|
option go_package = "gen/api/v1";
|
|
|
|
service AuthService {
|
|
// GetCurrentSession returns the current active session information.
|
|
// This method is idempotent and safe, suitable for checking current session state.
|
|
rpc GetCurrentSession(GetCurrentSessionRequest) returns (User) {
|
|
option (google.api.http) = {get: "/api/v1/auth/sessions/current"};
|
|
}
|
|
|
|
// CreateSession authenticates a user and creates a new session.
|
|
// Returns the authenticated user information upon successful authentication.
|
|
rpc CreateSession(CreateSessionRequest) returns (User) {
|
|
option (google.api.http) = {
|
|
post: "/api/v1/auth/sessions"
|
|
body: "*"
|
|
};
|
|
}
|
|
|
|
// DeleteSession terminates the current user session.
|
|
// This is an idempotent operation that invalidates the user's authentication.
|
|
rpc DeleteSession(DeleteSessionRequest) returns (google.protobuf.Empty) {
|
|
option (google.api.http) = {delete: "/api/v1/auth/sessions/current"};
|
|
}
|
|
}
|
|
|
|
message GetCurrentSessionRequest {}
|
|
|
|
message GetCurrentSessionResponse {
|
|
User user = 1;
|
|
}
|
|
|
|
message CreateSessionRequest {
|
|
// Provide one authentication method (username/password or SSO).
|
|
// Required field to specify the authentication method.
|
|
oneof method {
|
|
// Username and password authentication method.
|
|
PasswordCredentials password_credentials = 1;
|
|
|
|
// SSO provider authentication method.
|
|
SSOCredentials sso_credentials = 2;
|
|
}
|
|
|
|
// Whether the session should never expire.
|
|
// Optional field that defaults to false for security.
|
|
bool never_expire = 3 [(google.api.field_behavior) = OPTIONAL];
|
|
}
|
|
|
|
message PasswordCredentials {
|
|
// The username to sign in with.
|
|
// Required field for password-based authentication.
|
|
string username = 1 [(google.api.field_behavior) = REQUIRED];
|
|
|
|
// The password to sign in with.
|
|
// Required field for password-based authentication.
|
|
string password = 2 [(google.api.field_behavior) = REQUIRED];
|
|
}
|
|
|
|
message SSOCredentials {
|
|
// The ID of the SSO provider.
|
|
// Required field to identify the SSO provider.
|
|
int32 idp_id = 1 [(google.api.field_behavior) = REQUIRED];
|
|
|
|
// The authorization code from the SSO provider.
|
|
// Required field for completing the SSO flow.
|
|
string code = 2 [(google.api.field_behavior) = REQUIRED];
|
|
|
|
// The redirect URI used in the SSO flow.
|
|
// Required field for security validation.
|
|
string redirect_uri = 3 [(google.api.field_behavior) = REQUIRED];
|
|
}
|
|
|
|
message DeleteSessionRequest {}
|