""" Auth domain URL Configuration for ThrillWiki API v1. This module contains URL patterns for core authentication functionality only. User profiles and top lists are handled by the dedicated accounts app. """ from django.urls import include, path from rest_framework_simplejwt.views import TokenRefreshView from . import mfa as mfa_views from . import passkey as passkey_views from . import account_management as account_views from .views import ( AuthStatusAPIView, # Social provider management views AvailableProvidersAPIView, ConnectedProvidersAPIView, ConnectProviderAPIView, CurrentUserAPIView, DisconnectProviderAPIView, # Email verification views EmailVerificationAPIView, # Main auth views LoginAPIView, LogoutAPIView, MFALoginVerifyAPIView, PasswordChangeAPIView, PasswordResetAPIView, ProcessOAuthProfileAPIView, ResendVerificationAPIView, SessionToTokenAPIView, # For passkey login token exchange SignupAPIView, SocialAuthStatusAPIView, SocialProvidersAPIView, ) urlpatterns = [ # Core authentication endpoints path("login/", LoginAPIView.as_view(), name="auth-login"), path("login/mfa-verify/", MFALoginVerifyAPIView.as_view(), name="auth-login-mfa-verify"), path("signup/", SignupAPIView.as_view(), name="auth-signup"), path("logout/", LogoutAPIView.as_view(), name="auth-logout"), path("user/", CurrentUserAPIView.as_view(), name="auth-current-user"), # JWT token management path("token/refresh/", TokenRefreshView.as_view(), name="auth-token-refresh"), path("token/session/", SessionToTokenAPIView.as_view(), name="auth-token-session"), # Exchange session for JWT # Note: dj_rest_auth removed - using custom social auth views below path( "password/reset/", PasswordResetAPIView.as_view(), name="auth-password-reset", ), path( "password/change/", PasswordChangeAPIView.as_view(), name="auth-password-change", ), path( "social/providers/", SocialProvidersAPIView.as_view(), name="auth-social-providers", ), # Social provider management endpoints path( "social/providers/available/", AvailableProvidersAPIView.as_view(), name="auth-social-providers-available", ), path( "social/connected/", ConnectedProvidersAPIView.as_view(), name="auth-social-connected", ), path( "social/connect//", ConnectProviderAPIView.as_view(), name="auth-social-connect", ), path( "social/disconnect//", DisconnectProviderAPIView.as_view(), name="auth-social-disconnect", ), path( "social/status/", SocialAuthStatusAPIView.as_view(), name="auth-social-status", ), path( "social/process-profile/", ProcessOAuthProfileAPIView.as_view(), name="auth-social-process-profile", ), path("status/", AuthStatusAPIView.as_view(), name="auth-status"), # Email verification endpoints path( "verify-email//", EmailVerificationAPIView.as_view(), name="auth-verify-email", ), path( "resend-verification/", ResendVerificationAPIView.as_view(), name="auth-resend-verification", ), # MFA (Multi-Factor Authentication) endpoints path("mfa/status/", mfa_views.get_mfa_status, name="auth-mfa-status"), path("mfa/totp/setup/", mfa_views.setup_totp, name="auth-mfa-totp-setup"), path("mfa/totp/activate/", mfa_views.activate_totp, name="auth-mfa-totp-activate"), path("mfa/totp/deactivate/", mfa_views.deactivate_totp, name="auth-mfa-totp-deactivate"), path("mfa/totp/verify/", mfa_views.verify_totp, name="auth-mfa-totp-verify"), path("mfa/recovery-codes/regenerate/", mfa_views.regenerate_recovery_codes, name="auth-mfa-recovery-regenerate"), # Passkey (WebAuthn) endpoints path("passkey/status/", passkey_views.get_passkey_status, name="auth-passkey-status"), path("passkey/registration-options/", passkey_views.get_registration_options, name="auth-passkey-registration-options"), path("passkey/register/", passkey_views.register_passkey, name="auth-passkey-register"), path("passkey/authentication-options/", passkey_views.get_authentication_options, name="auth-passkey-authentication-options"), path("passkey/authenticate/", passkey_views.authenticate_passkey, name="auth-passkey-authenticate"), path("passkey//", passkey_views.delete_passkey, name="auth-passkey-delete"), path("passkey//rename/", passkey_views.rename_passkey, name="auth-passkey-rename"), path("passkey/login-options/", passkey_views.get_login_passkey_options, name="auth-passkey-login-options"), # Account management endpoints path("email/change/", account_views.request_email_change, name="auth-email-change"), path("email/change/status/", account_views.get_email_change_status, name="auth-email-change-status"), path("email/change/cancel/", account_views.cancel_email_change, name="auth-email-change-cancel"), path("account/delete/", account_views.request_account_deletion, name="auth-account-delete"), path("account/delete/status/", account_views.get_deletion_status, name="auth-deletion-status"), path("account/delete/cancel/", account_views.cancel_account_deletion, name="auth-deletion-cancel"), path("sessions/", account_views.list_sessions, name="auth-sessions-list"), path("sessions//", account_views.revoke_session, name="auth-session-revoke"), path("password/change/", account_views.change_password, name="auth-password-change-v2"), path("security-log/", account_views.get_security_log, name="auth-security-log"), ] # Note: User profiles and top lists functionality is now handled by the accounts app # to maintain clean separation of concerns and avoid duplicate API endpoints.