new-home/src/routers/client-api/authentication/index.js

"use strict";

const Promise = require("bluebird");
const expressPromiseRouter = require("express-promise-router");

module.exports = function(state) {
	const requireAccessToken = require("../../../middlewares/require-access-token")(state);

	let router = expressPromiseRouter();

	router.use(require("./login")(state));
	router.use(require("./register")(state))

	router.post("/r0/logout", requireAccessToken, (req, res) => {
		// https://matrix.org/docs/spec/client_server/r0.4.0.html#post-matrix-client-r0-logout
		// Invalidates an existing access token, so that it can no longer be used for authorization.
	});

	router.post("/r0/logout/all", requireAccessToken, (req, res) => {
		// https://matrix.org/docs/spec/client_server/r0.4.0.html#post-matrix-client-r0-logout-all
		// Invalidates all access tokens for a user, so that they can no longer be used for authorization. This includes the access token that made this request.
	});

	router.post("/r0/register/available", (req, res) => {
		// https://matrix.org/docs/spec/client_server/r0.4.0.html#get-matrix-client-r0-register-available
		// Checks to see if a username is available, and valid, for the server.
	});

	router.post("/r0/register/:source/requestToken", (req, res) => {
		// source === "email"
		// https://matrix.org/docs/spec/client_server/r0.4.0.html#post-matrix-client-r0-register-email-requesttoken
		// Proxies the Identity Service API validate/email/requestToken, but first checks that the given email address is not already associated with an account on this homeserver. See the Identity Service API for further information.

		// source === "msisdn"
		// https://matrix.org/docs/spec/client_server/r0.4.0.html#post-matrix-client-r0-register-msisdn-requesttoken
		// Proxies the Identity Service API validate/msisdn/requestToken, but first checks that the given phone number is not already associated with an account on this homeserver. See the Identity Service API for further information.

		// NOTE: Unclear whether it requires authentication or not.
	});

	router.post("/r0/account/password", (req, res) => {
		// https://matrix.org/docs/spec/client_server/r0.4.0.html#post-matrix-client-r0-account-password
		// Changes the password for an account on this homeserver.

		// NOTE: Requires access token *or* interactive auth.
	});

	router.post("/r0/account/password/:source/requestToken", (req, res) => {
		// source === "email"
		// https://matrix.org/docs/spec/client_server/r0.4.0.html#post-matrix-client-r0-account-password-email-requesttoken
		// Proxies the Identity Service API validate/email/requestToken, but first checks that the given email address is associated with an account on this homeserver. This API should be used to request validation tokens when authenticating for the account/password endpoint.

		// source === "msisdn"
		// https://matrix.org/docs/spec/client_server/r0.4.0.html#post-matrix-client-r0-account-password-msisdn-requesttoken
		// Proxies the Identity Service API validate/msisdn/requestToken, but first checks that the given phone number is associated with an account on this homeserver. This API should be used to request validation tokens when authenticating for the account/password endpoint. 

		// NOTE: Unclear whether it requires authentication or not.
	});

	router.post("/r0/account/deactivate", (req, res) => {
		// https://matrix.org/docs/spec/client_server/r0.4.0.html#post-matrix-client-r0-account-deactivate
		// Deactivate the user's account, removing all ability for the user to login again. This API endpoint uses the User-Interactive Authentication API.

		// NOTE: Requires access token *or* interactive auth.
	});

	// FIXME: Modularize out 'create session for device' logic for both login and register endpoints

	return router;
}