feat: send xsrf_token header
Some checks failed
Build and Deploy Go App / build (push) Has been cancelled
Build and Deploy Go App / deploy (push) Has been cancelled

nihonium 2025-12-04 07:17:31 +03:00
parent b79a6b9117
commit 1bbfa338d9
Signed by: nihonium
GPG key ID: 0251623741027CFC
15 changed files with 151 additions and 27 deletions


@ -150,6 +150,8 @@ paths:
description: User not found
'500':
description: Unknown server error
security:
- JwtAuthCookies: []
patch:
operationId: updateUser
summary: Partially update a user account
@ -158,8 +160,7 @@ paths:
Password updates must be done via the dedicated auth-service (`/auth/`).
Fields not provided in the request body remain unchanged.
parameters:
- $ref: '#/components/parameters/accessToken'
- $ref: '#/components/parameters/csrfToken'
- $ref: '#/components/parameters/csrfTokenHeader'
- name: user_id
in: path
description: User ID (primary key)
@ -404,11 +405,14 @@ paths:
description: User or title not found
'500':
description: Unknown server error
security:
- JwtAuthCookies: []
patch:
operationId: updateUserTitle
summary: Update a usertitle
description: User updating title list of watched
parameters:
- $ref: '#/components/parameters/csrfTokenHeader'
- name: user_id
in: path
required: true
@ -450,11 +454,14 @@ paths:
description: User or Title not found
'500':
description: Internal server error
security:
- JwtAuthCookies: []
delete:
operationId: deleteUserTitle
summary: Delete a usertitle
description: User deleting title from list of watched
parameters:
- $ref: '#/components/parameters/csrfTokenHeader'
- name: user_id
in: path
required: true
@ -478,6 +485,8 @@ paths:
description: User or Title not found
'500':
description: Internal server error
security:
- JwtAuthCookies: []
components:
parameters:
accessToken:
@ -491,7 +500,7 @@ components:
description: |
JWT access token.
csrfToken:
name: XSRF-TOKEN
name: xsrf_token
in: cookie
required: true
schema:
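Review bot: `patch updateUser` (hunk at -158) drops both cookie parameter refs (`accessToken`, `csrfToken`) and gains only `csrfTokenHeader`, yet no visible hunk adds a `security` entry to it, while the get operations, `updateUserTitle` and `deleteUserTitle` all receive `- JwtAuthCookies: []`. Unless the requirement is already declared further down the operation (outside the hunk) or globally, the spec now describes this write endpoint as needing no JWT, and generated auth middleware or request validators would follow that. I would add `security:` with `- JwtAuthCookies: []` to `updateUser` here and in the split file's `patch` hunk (-36). The `csrfTokenHeader` definition is not shown in these hunks; its description should say that the header value must equal the `xsrf_token` cookie, since the cookie is no longer listed on the operation.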


@ -1,4 +1,4 @@
name: XSRF-TOKEN
name: xsrf_token
in: cookie
required: true
schema:


@ -1,6 +1,8 @@
get:
summary: Get user title
operationId: getUserTitle
security:
- JwtAuthCookies: []
parameters:
- in: path
name: user_id
@ -34,7 +36,10 @@ patch:
summary: Update a usertitle
description: User updating title list of watched
operationId: updateUserTitle
security:
- JwtAuthCookies: []
parameters:
- $ref: '../parameters/xsrf_token_header.yaml'
- in: path
name: user_id
required: true
@ -81,7 +86,10 @@ delete:
summary: Delete a usertitle
description: User deleting title from list of watched
operationId: deleteUserTitle
security:
- JwtAuthCookies: []
parameters:
- $ref: '../parameters/xsrf_token_header.yaml'
- in: path
name: user_id
required: true
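Review bot: `updateUserTitle` and `deleteUserTitle` now require `JwtAuthCookies` and the XSRF header, but the hunks add no response that documents a rejected request; the response lists lie outside the hunks, so confirm whether they already carry these codes. If they do not, add `'401': description: Missing or invalid JWT cookie` and `'403': description: XSRF header missing or not matching the xsrf_token cookie` to both operations. Because `user_id` is taken from the path, the operation description should also state that the caller's JWT subject must match it; the `security` entry only expresses authentication, not that ownership check.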


@ -1,6 +1,8 @@
get:
summary: Get user info
operationId: getUsersId
security:
- JwtAuthCookies: []
parameters:
- in: path
name: user_id
@ -36,8 +38,7 @@ patch:
Fields not provided in the request body remain unchanged.
operationId: updateUser
parameters:
- $ref: '../parameters/access_token.yaml' # ← для поля в UI и GoDoc
- $ref: '../parameters/xsrf_token_cookie.yaml' # ← для CSRF
- $ref: '../parameters/xsrf_token_header.yaml'
- name: user_id
in: path
required: true