mirror of https://github.com/coder/coder.git synced 2025-07-09 11:45:56 +00:00

Files

Vincent Vielle 4fe2c5f09a fix: improve password validation flow (#15132 )

Refers to #14984 

Currently, password validation is done backend side and is not explicit
enough so it can be painful to create first users.
We'd like to make this validation easier - but also duplicate it
frontend side to make it smoother.

Flows involved : 
- First user set password
- New user set password
- Change password

---------

Co-authored-by: BrunoQuaresma <bruno_nonato_quaresma@hotmail.com>

2024-11-05 17:22:32 +01:00

8.5 KiB

Generated

Raw Blame History

Authorization

Check authorization

Code samples

# Example request using curl
curl -X POST http://coder-server:8080/api/v2/authcheck \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Coder-Session-Token: API_KEY'

POST /authcheck

{
	"checks": {
		"property1": {
			"action": "create",
			"object": {
				"any_org": true,
				"organization_id": "string",
				"owner_id": "string",
				"resource_id": "string",
				"resource_type": "*"
			}
		},
		"property2": {
			"action": "create",
			"object": {
				"any_org": true,
				"organization_id": "string",
				"owner_id": "string",
				"resource_id": "string",
				"resource_type": "*"
			}
		}
	}
}

Parameters

Name	In	Type	Required	Description
`body`	body	codersdk.AuthorizationRequest	true	Authorization request

Example responses

{
	"property1": true,
	"property2": true
}

Responses

Status	Meaning	Description	Schema
200	OK	OK	codersdk.AuthorizationResponse

To perform this operation, you must be authenticated. Learn more.

Log in user

Code samples

# Example request using curl
curl -X POST http://coder-server:8080/api/v2/users/login \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

POST /users/login

{
	"email": "user@example.com",
	"password": "string"
}

Parameters

Name	In	Type	Required	Description
`body`	body	codersdk.LoginWithPasswordRequest	true	Login request

Example responses

{
	"session_token": "string"
}

Responses

Status	Meaning	Description	Schema
201	Created	Created	codersdk.LoginWithPasswordResponse

Change password with a one-time passcode

Code samples

# Example request using curl
curl -X POST http://coder-server:8080/api/v2/users/otp/change-password \
  -H 'Content-Type: application/json'

POST /users/otp/change-password

{
	"email": "user@example.com",
	"one_time_passcode": "string",
	"password": "string"
}

Parameters

Name	In	Type	Required	Description
`body`	body	codersdk.ChangePasswordWithOneTimePasscodeRequest	true	Change password request

Responses

Status	Meaning	Description	Schema
204	No Content	No Content

Request one-time passcode

Code samples

# Example request using curl
curl -X POST http://coder-server:8080/api/v2/users/otp/request \
  -H 'Content-Type: application/json'

POST /users/otp/request

{
	"email": "user@example.com"
}

Parameters

Name	In	Type	Required	Description
`body`	body	codersdk.RequestOneTimePasscodeRequest	true	One-time passcode request

Responses

Status	Meaning	Description	Schema
204	No Content	No Content

Validate user password

Code samples

# Example request using curl
curl -X POST http://coder-server:8080/api/v2/users/validate-password \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Coder-Session-Token: API_KEY'

POST /users/validate-password

{
	"password": "string"
}

Parameters

Name	In	Type	Required	Description
`body`	body	codersdk.ValidateUserPasswordRequest	true	Validate user password request

Example responses

{
	"details": "string",
	"valid": true
}

Responses

Status	Meaning	Description	Schema
200	OK	OK	codersdk.ValidateUserPasswordResponse

To perform this operation, you must be authenticated. Learn more.

Convert user from password to oauth authentication

Code samples

# Example request using curl
curl -X POST http://coder-server:8080/api/v2/users/{user}/convert-login \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Coder-Session-Token: API_KEY'

POST /users/{user}/convert-login

{
	"password": "string",
	"to_type": ""
}

Parameters

Name	In	Type	Required	Description
`user`	path	string	true	User ID, name, or me
`body`	body	codersdk.ConvertLoginRequest	true	Convert request

Example responses

{
	"expires_at": "2019-08-24T14:15:22Z",
	"state_string": "string",
	"to_type": "",
	"user_id": "a169451c-8525-4352-b8ca-070dd449a1a5"
}

Responses

Status	Meaning	Description	Schema
201	Created	Created	codersdk.OAuthConversionResponse

To perform this operation, you must be authenticated. Learn more.

8.5 KiB Generated Raw Blame History

Authorization

Check authorization

Code samples

Parameters

Example responses

Responses

Log in user

Code samples

Parameters

Example responses

Responses

Change password with a one-time passcode

Code samples

Parameters

Responses

Request one-time passcode

Code samples

Parameters

Responses

Validate user password

Code samples

Parameters

Example responses

Responses

Convert user from password to oauth authentication

Code samples

Parameters

Example responses

Responses

8.5 KiB

Generated

Raw Blame History