feat: lock auth session (#18322)

2025-10-31 13:57:39 +09:00 · 2025-05-15 18:08:31 -04:00
parent ecb66fdb2c
commit c1150fe7e3
37 changed files with 765 additions and 123 deletions
--- a/open-api/typescript-sdk/src/fetch-client.ts
+++ b/open-api/typescript-sdk/src/fetch-client.ts
@@ -512,18 +512,28 @@ export type LogoutResponseDto = {
    redirectUri: string;
    successful: boolean;
 };
-export type PinCodeChangeDto = {
-    newPinCode: string;
+export type PinCodeResetDto = {
    password?: string;
    pinCode?: string;
 };
 export type PinCodeSetupDto = {
    pinCode: string;
 };
+export type PinCodeChangeDto = {
+    newPinCode: string;
+    password?: string;
+    pinCode?: string;
+};
+export type SessionUnlockDto = {
+    password?: string;
+    pinCode?: string;
+};
 export type AuthStatusResponseDto = {
+    expiresAt?: string;
    isElevated: boolean;
    password: boolean;
    pinCode: boolean;
+    pinExpiresAt?: string;
 };
 export type ValidateAccessTokenResponseDto = {
    authStatus: boolean;
@@ -1075,6 +1085,7 @@ export type SessionResponseDto = {
    current: boolean;
    deviceOS: string;
    deviceType: string;
+    expiresAt?: string;
    id: string;
    updatedAt: string;
 };
@@ -1089,6 +1100,7 @@ export type SessionCreateResponseDto = {
    current: boolean;
    deviceOS: string;
    deviceType: string;
+    expiresAt?: string;
    id: string;
    token: string;
    updatedAt: string;
@@ -2066,13 +2078,13 @@ export function logout(opts?: Oazapfts.RequestOpts) {
        method: "POST"
    }));
 }
-export function resetPinCode({ pinCodeChangeDto }: {
-    pinCodeChangeDto: PinCodeChangeDto;
+export function resetPinCode({ pinCodeResetDto }: {
+    pinCodeResetDto: PinCodeResetDto;
 }, opts?: Oazapfts.RequestOpts) {
    return oazapfts.ok(oazapfts.fetchText("/auth/pin-code", oazapfts.json({
        ...opts,
        method: "DELETE",
-        body: pinCodeChangeDto
+        body: pinCodeResetDto
    })));
 }
 export function setupPinCode({ pinCodeSetupDto }: {
@@ -2093,13 +2105,19 @@ export function changePinCode({ pinCodeChangeDto }: {
        body: pinCodeChangeDto
    })));
 }
-export function verifyPinCode({ pinCodeSetupDto }: {
-    pinCodeSetupDto: PinCodeSetupDto;
+export function lockAuthSession(opts?: Oazapfts.RequestOpts) {
+    return oazapfts.ok(oazapfts.fetchText("/auth/session/lock", {
+        ...opts,
+        method: "POST"
+    }));
+}
+export function unlockAuthSession({ sessionUnlockDto }: {
+    sessionUnlockDto: SessionUnlockDto;
 }, opts?: Oazapfts.RequestOpts) {
-    return oazapfts.ok(oazapfts.fetchText("/auth/pin-code/verify", oazapfts.json({
+    return oazapfts.ok(oazapfts.fetchText("/auth/session/unlock", oazapfts.json({
        ...opts,
        method: "POST",
-        body: pinCodeSetupDto
+        body: sessionUnlockDto
    })));
 }
 export function getAuthStatus(opts?: Oazapfts.RequestOpts) {
@@ -2952,6 +2970,14 @@ export function deleteSession({ id }: {
        method: "DELETE"
    }));
 }
+export function lockSession({ id }: {
+    id: string;
+}, opts?: Oazapfts.RequestOpts) {
+    return oazapfts.ok(oazapfts.fetchText(`/sessions/${encodeURIComponent(id)}/lock`, {
+        ...opts,
+        method: "POST"
+    }));
+}
 export function getAllSharedLinks({ albumId }: {
    albumId?: string;
 }, opts?: Oazapfts.RequestOpts) {
@@ -3709,6 +3735,7 @@ export enum Permission {
    SessionRead = "session.read",
    SessionUpdate = "session.update",
    SessionDelete = "session.delete",
+    SessionLock = "session.lock",
    SharedLinkCreate = "sharedLink.create",
    SharedLinkRead = "sharedLink.read",
    SharedLinkUpdate = "sharedLink.update",