feat(auth): support trusted device (#52)

New API to maintain sessions and devices:

- GET /api/private/admin/sessions
- DELETE /api/private/admin/sessions/{session_id}
- GET /api/private/admin/trusted-devices
- DELETE /api/private/admin/trusted-devices/{device_id}

Auth:

web clients request `/oauth/token` and `/api/v2/session/verify` with `X-UUID` header to save the client as trusted device.

---------

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

This commit is contained in:

MingxuanGame

2025-10-03 11:26:43 +08:00

committed by

GitHub

parent f34ed53a55

commit 40670c094b

28 changed files with 897 additions and 1456 deletions

									
										2

app/const.py
									
												View File
												
				@@ -3,3 +3,5 @@ from __future__ import annotations

				BANCHOBOT_ID = 2

				BACKUP_CODE_LENGTH = 10

				SUPPORT_TOTP_VERIFICATION_VER = 20250913

feat(auth): support trusted device (#52)

2 app/const.py Unescape Escape View File

2

app/const.py

View File