diff --git a/CHANGELOG.md b/CHANGELOG.md
index 9d788c7c8..a49129fcf 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,6 +5,12 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## Unreleased
+
+### Changed
+
+- Deprecated the `auth` endpoint of the login with _Security Token_ (`GET`)
+
 ## 1.252.1 - 2023-04-10
 
 ### Changed
diff --git a/README.md b/README.md
index 142051c8a..e5bff2e4b 100644
--- a/README.md
+++ b/README.md
@@ -200,7 +200,9 @@ Set the header for each request as follows:
 "Authorization": "Bearer eyJh..."
 ```
 
-You can get the _Bearer Token_ via `GET http://localhost:3333/api/v1/auth/anonymous/` or `curl -s http://localhost:3333/api/v1/auth/anonymous/`.
+You can get the _Bearer Token_ via `POST http://localhost:3333/api/v1/auth/anonymous` (Body: `{ accessToken: }`)
+
+Deprecated: `GET http://localhost:3333/api/v1/auth/anonymous/` or `curl -s http://localhost:3333/api/v1/auth/anonymous/`.
 
 ### Import Activities
 
diff --git a/apps/api/src/app/auth/auth.controller.ts b/apps/api/src/app/auth/auth.controller.ts
index 715c284f4..1050fe5bf 100644
--- a/apps/api/src/app/auth/auth.controller.ts
+++ b/apps/api/src/app/auth/auth.controller.ts
@@ -7,6 +7,7 @@ import {
 Controller,
 Get,
 HttpException,
+ Param,
 Post,
 Req,
 Res,
@@ -32,6 +33,26 @@ export class AuthController {
 private readonly webAuthService: WebAuthService
 ) {}
 
+ /**
+ * @deprecated
+ */
+ @Get('anonymous/:accessToken')
+ public async accessTokenLoginGet(
+ @Param('accessToken') accessToken: string
+ ): Promise {
+ try {
+ const authToken = await this.authService.validateAnonymousLogin(
+ accessToken
+ );
+ return { authToken };
+ } catch {
+ throw new HttpException(
+ getReasonPhrase(StatusCodes.FORBIDDEN),
+ StatusCodes.FORBIDDEN
+ );
+ }
+ }
+
 @Post('anonymous')
 public async accessTokenLogin(
 @Body() body: { accessToken: string }
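Review bot: The added `@Get('anonymous/:accessToken')` route takes the security token as a URL path segment, so the credential is recorded wherever request URLs are kept (reverse-proxy and application access logs, browser history). The bare `@deprecated` tag above it does not say this, nor what to call instead. I would spell it out in the doc comment, for example `@deprecated Use POST /api/v1/auth/anonymous with the token in the request body; a token in the URL path is recorded in access logs.`, and state when the route is planned for removal. While the route stays for older clients, logging each hit without the token value would let remaining callers be found before it is dropped. Separately, the bare `catch` turns every failure of `validateAnonymousLogin` into 403 and discards the error, so confirm that unexpected (non-credential) failures are logged somewhere; the POST handler's body continues outside the hunk, so its handling cannot be compared here.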