You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: selfservice/flow/login/handler.go
+29-29
Original file line number
Diff line number
Diff line change
@@ -410,17 +410,17 @@ type getSelfServiceLoginFlow struct {
410
410
//
411
411
// More information can be found at [Ory Kratos User Login](https://www.ory.sh/docs/kratos/self-service/flows/user-login) and [User Registration Documentation](https://www.ory.sh/docs/kratos/self-service/flows/user-registration).
@@ -520,33 +520,33 @@ type submitSelfServiceLoginFlowBody struct{}
520
520
// If this endpoint is called with `Accept: application/json` in the header, the response contains the flow without a redirect. In the
521
521
// case of an error, the `error.id` of the JSON response body can be one of:
522
522
//
523
-
// - `session_already_available`: The user is already signed in.
524
-
// - `security_csrf_violation`: Unable to fetch the flow because a CSRF violation occurred.
525
-
// - `security_identity_mismatch`: The requested `?return_to` address is not allowed to be used. Adjust this in the configuration!
526
-
// - `browser_location_change_required`: Usually sent when an AJAX request indicates that the browser needs to open a specific URL.
527
-
//Most likely used in Social Sign In flows.
523
+
// - `session_already_available`: The user is already signed in.
524
+
// - `security_csrf_violation`: Unable to fetch the flow because a CSRF violation occurred.
525
+
// - `security_identity_mismatch`: The requested `?return_to` address is not allowed to be used. Adjust this in the configuration!
526
+
// - `browser_location_change_required`: Usually sent when an AJAX request indicates that the browser needs to open a specific URL.
527
+
//Most likely used in Social Sign In flows.
528
528
//
529
529
// More information can be found at [Ory Kratos User Login](https://www.ory.sh/docs/kratos/self-service/flows/user-login) and [User Registration Documentation](https://www.ory.sh/docs/kratos/self-service/flows/user-registration).
h.d.SelfServiceErrorManager().Forward(r.Context(), w, r, errors.WithStack(herodot.ErrBadRequest.WithReasonf("Recovery is not allowed because it was disabled.")))
@@ -159,13 +160,13 @@ type initializeSelfServiceRecoveryFlowWithoutBrowser struct {
159
160
//
160
161
// More information can be found at [Ory Kratos Account Recovery Documentation](../self-service/flows/account-recovery).
h.d.SelfServiceErrorManager().Forward(r.Context(), w, r, errors.WithStack(herodot.ErrBadRequest.WithReasonf("Recovery is not allowed because it was disabled.")))
@@ -232,16 +233,16 @@ type getSelfServiceRecoveryFlow struct {
232
233
//
233
234
// More information can be found at [Ory Kratos Account Recovery Documentation](../self-service/flows/account-recovery).
h.d.SelfServiceErrorManager().Forward(r.Context(), w, r, errors.WithStack(herodot.ErrBadRequest.WithReasonf("Recovery is not allowed because it was disabled.")))
@@ -329,35 +330,35 @@ type submitSelfServiceRecoveryFlowBody struct{}
329
330
// Use this endpoint to complete a recovery flow. This endpoint
330
331
// behaves differently for API and browser flows and has several states:
331
332
//
332
-
// - `choose_method` expects `flow` (in the URL query) and `email` (in the body) to be sent
333
-
// and works with API- and Browser-initiated flows.
334
-
// - For API clients and Browser clients with HTTP Header `Accept: application/json` it either returns a HTTP 200 OK when the form is valid and HTTP 400 OK when the form is invalid.
333
+
// - `choose_method` expects `flow` (in the URL query) and `email` (in the body) to be sent
334
+
// and works with API- and Browser-initiated flows.
335
+
// - For API clients and Browser clients with HTTP Header `Accept: application/json` it either returns a HTTP 200 OK when the form is valid and HTTP 400 OK when the form is invalid.
335
336
// and a HTTP 303 See Other redirect with a fresh recovery flow if the flow was otherwise invalid (e.g. expired).
336
-
// - For Browser clients without HTTP Header `Accept` or with `Accept: text/*` it returns a HTTP 303 See Other redirect to the Recovery UI URL with the Recovery Flow ID appended.
337
-
// - `sent_email` is the success state after `choose_method` for the `link` method and allows the user to request another recovery email. It
338
-
// works for both API and Browser-initiated flows and returns the same responses as the flow in `choose_method` state.
339
-
// - `passed_challenge` expects a `token` to be sent in the URL query and given the nature of the flow ("sending a recovery link")
340
-
// does not have any API capabilities. The server responds with a HTTP 303 See Other redirect either to the Settings UI URL
341
-
// (if the link was valid) and instructs the user to update their password, or a redirect to the Recover UI URL with
342
-
// a new Recovery Flow ID which contains an error message that the recovery link was invalid.
337
+
// - For Browser clients without HTTP Header `Accept` or with `Accept: text/*` it returns a HTTP 303 See Other redirect to the Recovery UI URL with the Recovery Flow ID appended.
338
+
// - `sent_email` is the success state after `choose_method` for the `link` method and allows the user to request another recovery email. It
339
+
// works for both API and Browser-initiated flows and returns the same responses as the flow in `choose_method` state.
340
+
// - `passed_challenge` expects a `token` to be sent in the URL query and given the nature of the flow ("sending a recovery link")
341
+
// does not have any API capabilities. The server responds with a HTTP 303 See Other redirect either to the Settings UI URL
342
+
// (if the link was valid) and instructs the user to update their password, or a redirect to the Recover UI URL with
343
+
// a new Recovery Flow ID which contains an error message that the recovery link was invalid.
343
344
//
344
345
// More information can be found at [Ory Kratos Account Recovery Documentation](../self-service/flows/account-recovery).
0 commit comments