From 48177e8d030bfe9ec9c0710a1a01fc35ebc3c62e Mon Sep 17 00:00:00 2001 From: Torsten Dittmann Date: Mon, 20 Jun 2022 16:47:49 +0200 Subject: [PATCH] docs: update new phone docs --- app/controllers/api/account.php | 4 ++-- app/controllers/api/users.php | 2 +- .../{create-verification.md => create-email-verification.md} | 2 +- docs/references/account/create-phone-session.md | 1 + docs/references/account/create-phone-verification.md | 1 + .../{update-verification.md => update-email-verification.md} | 0 docs/references/account/update-phone-session.md | 3 +++ docs/references/account/update-phone-verification.md | 1 + docs/references/account/update-phone.md | 1 + ...user-verification.md => update-user-email-verification.md} | 0 docs/references/users/update-user-phone-verification.md | 1 + docs/references/users/update-user-phone.md | 1 + 12 files changed, 13 insertions(+), 4 deletions(-) rename docs/references/account/{create-verification.md => create-email-verification.md} (86%) create mode 100644 docs/references/account/create-phone-session.md create mode 100644 docs/references/account/create-phone-verification.md rename docs/references/account/{update-verification.md => update-email-verification.md} (100%) create mode 100644 docs/references/account/update-phone-session.md create mode 100644 docs/references/account/update-phone-verification.md create mode 100644 docs/references/account/update-phone.md rename docs/references/users/{update-user-verification.md => update-user-email-verification.md} (100%) create mode 100644 docs/references/users/update-user-phone-verification.md create mode 100644 docs/references/users/update-user-phone.md diff --git a/app/controllers/api/account.php b/app/controllers/api/account.php index 2bd08f754d..f00e98e0cc 100644 --- a/app/controllers/api/account.php +++ b/app/controllers/api/account.php @@ -2084,7 +2084,7 @@ App::post('/v1/account/verification') ->label('sdk.auth', [APP_AUTH_TYPE_SESSION, APP_AUTH_TYPE_JWT]) ->label('sdk.namespace', 'account') ->label('sdk.method', 'createVerification') - ->label('sdk.description', '/docs/references/account/create-verification.md') + ->label('sdk.description', '/docs/references/account/create-email-verification.md') ->label('sdk.response.code', Response::STATUS_CODE_CREATED) ->label('sdk.response.type', Response::CONTENT_TYPE_JSON) ->label('sdk.response.model', Response::MODEL_TOKEN) @@ -2173,7 +2173,7 @@ App::put('/v1/account/verification') ->label('sdk.auth', [APP_AUTH_TYPE_SESSION, APP_AUTH_TYPE_JWT]) ->label('sdk.namespace', 'account') ->label('sdk.method', 'updateVerification') - ->label('sdk.description', '/docs/references/account/update-verification.md') + ->label('sdk.description', '/docs/references/account/update-email-verification.md') ->label('sdk.response.code', Response::STATUS_CODE_OK) ->label('sdk.response.type', Response::CONTENT_TYPE_JSON) ->label('sdk.response.model', Response::MODEL_TOKEN) diff --git a/app/controllers/api/users.php b/app/controllers/api/users.php index 2bb179af58..738b79d0f9 100644 --- a/app/controllers/api/users.php +++ b/app/controllers/api/users.php @@ -408,7 +408,7 @@ App::patch('/v1/users/:userId/verification') ->label('sdk.auth', [APP_AUTH_TYPE_KEY]) ->label('sdk.namespace', 'users') ->label('sdk.method', 'updateEmailVerification') - ->label('sdk.description', '/docs/references/users/update-user-verification.md') + ->label('sdk.description', '/docs/references/users/update-user-email-verification.md') ->label('sdk.response.code', Response::STATUS_CODE_OK) ->label('sdk.response.type', Response::CONTENT_TYPE_JSON) ->label('sdk.response.model', Response::MODEL_USER) diff --git a/docs/references/account/create-verification.md b/docs/references/account/create-email-verification.md similarity index 86% rename from docs/references/account/create-verification.md rename to docs/references/account/create-email-verification.md index 08c47946e7..d4fc2dabb4 100644 --- a/docs/references/account/create-verification.md +++ b/docs/references/account/create-email-verification.md @@ -1,3 +1,3 @@ -Use this endpoint to send a verification message to your user email address to confirm they are the valid owners of that address. Both the **userId** and **secret** arguments will be passed as query parameters to the URL you have provided to be attached to the verification email. The provided URL should redirect the user back to your app and allow you to complete the verification process by verifying both the **userId** and **secret** parameters. Learn more about how to [complete the verification process](/docs/client/account#accountUpdateVerification). The verification link sent to the user's email address is valid for 7 days. +Use this endpoint to send a verification message to your user email address to confirm they are the valid owners of that address. Both the **userId** and **secret** arguments will be passed as query parameters to the URL you have provided to be attached to the verification email. The provided URL should redirect the user back to your app and allow you to complete the verification process by verifying both the **userId** and **secret** parameters. Learn more about how to [complete the verification process](/docs/client/account#accountUpdateEmailVerification). The verification link sent to the user's email address is valid for 7 days. Please note that in order to avoid a [Redirect Attack](https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md), the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface. diff --git a/docs/references/account/create-phone-session.md b/docs/references/account/create-phone-session.md new file mode 100644 index 0000000000..a03c7adc17 --- /dev/null +++ b/docs/references/account/create-phone-session.md @@ -0,0 +1 @@ +Sends the user a SMS with a secret key for creating a session. Use the returned user ID and the secret to submit a request to the [PUT /account/sessions/phone](/docs/client/account#accountUpdatePhoneSession) endpoint to complete the login process. The secret sent to the user's phone is valid for 15 minutes. \ No newline at end of file diff --git a/docs/references/account/create-phone-verification.md b/docs/references/account/create-phone-verification.md new file mode 100644 index 0000000000..0acc8f6d30 --- /dev/null +++ b/docs/references/account/create-phone-verification.md @@ -0,0 +1 @@ +Use this endpoint to send a verification message to your user's phone number to confirm they are the valid owners of that address. The provided secret should allow you to complete the verification process by verifying both the **userId** and **secret** parameters. Learn more about how to [complete the verification process](/docs/client/account#accountUpdatePhoneVerification). The verification link sent to the user's phone number is valid for 15 minutes. \ No newline at end of file diff --git a/docs/references/account/update-verification.md b/docs/references/account/update-email-verification.md similarity index 100% rename from docs/references/account/update-verification.md rename to docs/references/account/update-email-verification.md diff --git a/docs/references/account/update-phone-session.md b/docs/references/account/update-phone-session.md new file mode 100644 index 0000000000..b85036082f --- /dev/null +++ b/docs/references/account/update-phone-session.md @@ -0,0 +1,3 @@ +Use this endpoint to complete creating the session with the Magic URL. Both the **userId** and **secret** arguments will be passed as query parameters to the redirect URL you have provided when sending your request to the [POST /account/sessions/magic-url](/docs/client/account#accountCreateMagicURLSession) endpoint. + +Please note that in order to avoid a [Redirect Attack](https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface. \ No newline at end of file diff --git a/docs/references/account/update-phone-verification.md b/docs/references/account/update-phone-verification.md new file mode 100644 index 0000000000..c1b4a5b0cb --- /dev/null +++ b/docs/references/account/update-phone-verification.md @@ -0,0 +1 @@ +Use this endpoint to complete the user phone verification process. Use the **userId** and **secret** that were sent to your user's phone number to verify the user email ownership. If confirmed this route will return a 200 status code. \ No newline at end of file diff --git a/docs/references/account/update-phone.md b/docs/references/account/update-phone.md new file mode 100644 index 0000000000..442fc06209 --- /dev/null +++ b/docs/references/account/update-phone.md @@ -0,0 +1 @@ +Update currently logged in user account phone number. After changing phone number, the user confirmation status will get reset. A new confirmation SMS is not sent automatically however you can use the phone confirmation endpoint again to send the confirmation SMS. \ No newline at end of file diff --git a/docs/references/users/update-user-verification.md b/docs/references/users/update-user-email-verification.md similarity index 100% rename from docs/references/users/update-user-verification.md rename to docs/references/users/update-user-email-verification.md diff --git a/docs/references/users/update-user-phone-verification.md b/docs/references/users/update-user-phone-verification.md new file mode 100644 index 0000000000..4bd282197f --- /dev/null +++ b/docs/references/users/update-user-phone-verification.md @@ -0,0 +1 @@ +Update the user phone verification status by its unique ID. \ No newline at end of file diff --git a/docs/references/users/update-user-phone.md b/docs/references/users/update-user-phone.md new file mode 100644 index 0000000000..4268475ada --- /dev/null +++ b/docs/references/users/update-user-phone.md @@ -0,0 +1 @@ +Update the user phone by its unique ID. \ No newline at end of file