@djangocfg/api 2.1.327 → 2.1.331

package/src/_api/generated/{cfg_accounts/types.gen.ts → types.gen.ts}

@@ -8,48 +8,205 @@ export type ClientOptions = {
  * Response serializer for account deletion.
  */
 export type AccountDeleteResponse = {
+    /**
+     * Human-readable message about the deletion
+     */
+    message: string;
     /**
      * Whether the account was successfully deleted
      */
     success: boolean;
+};
+
+/**
+ * Serializer for regenerating backup codes.
+ */
+export type BackupCodesRegenerateRequest = {
     /**
-     * Human-readable message about the deletion
+     * TOTP code for verification
      */
-    message: string;
+    code: string;
 };
 
 /**
- * Nested serializer for Centrifugo WebSocket connection token.
+ * Response serializer for backup codes regeneration.
  */
-export type CentrifugoToken = {
+export type BackupCodesRegenerateResponse = {
     /**
-     * JWT token for Centrifugo WebSocket connection
+     * List of new backup codes (save these!)
      */
-    token: string;
+    backup_codes: Array<string>;
+    /**
+     * Warning about previous codes being invalidated
+     */
+    warning: string;
+};
+
+/**
+ * Serializer for backup codes status.
+ */
+export type BackupCodesStatus = {
+    /**
+     * Number of unused backup codes
+     */
+    remaining_count: number;
+    /**
+     * Total number of codes generated
+     */
+    total_generated: number;
+    /**
+     * Warning if running low on codes
+     */
+    warning?: string | null;
+};
+
+/**
+ * Nested serializer for Centrifugo WebSocket connection token.
+ */
+export type CentrifugoToken = {
     /**
      * Centrifugo WebSocket URL
      */
     centrifugo_url: string;
+    /**
+     * List of allowed channels for this user
+     */
+    channels: Array<string>;
     /**
      * Token expiration time (ISO 8601)
      */
     expires_at: string;
     /**
-     * List of allowed channels for this user
+     * JWT token for Centrifugo WebSocket connection
      */
-    channels: Array<string>;
+    token: string;
 };
 
 /**
  * Serializer for updating user profile.
  */
 export type CfgUserUpdateRequest = {
+    company?: string;
     first_name?: string;
+    language?: string;
     last_name?: string;
-    company?: string;
     phone?: string;
     position?: string;
-    language?: string;
+};
+
+/**
+ * Serializer for confirming 2FA setup with first code.
+ */
+export type ConfirmSetupRequest = {
+    /**
+     * 6-digit TOTP code from authenticator app
+     */
+    code: string;
+    /**
+     * Device ID from setup response
+     */
+    device_id: string;
+};
+
+/**
+ * Response serializer for setup confirmation.
+ */
+export type ConfirmSetupResponse = {
+    /**
+     * List of backup recovery codes (save these!)
+     */
+    backup_codes: Array<string>;
+    /**
+     * Warning message about backup codes
+     */
+    backup_codes_warning: string;
+    message: string;
+};
+
+/**
+ * ConnectionTokenResponse
+ *
+ * Response model for Centrifugo connection token.
+ */
+export type ConnectionTokenResponse = {
+    /**
+     * Centrifugo Url
+     *
+     * Centrifugo WebSocket URL
+     */
+    centrifugo_url: string;
+    /**
+     * Channels
+     *
+     * List of allowed channels
+     */
+    channels: Array<string>;
+    /**
+     * Expires At
+     *
+     * Token expiration time (ISO 8601)
+     */
+    expires_at: string;
+    /**
+     * Token
+     *
+     * JWT token for Centrifugo connection
+     */
+    token: string;
+};
+
+/**
+ * Serializer for listing TOTP devices.
+ */
+export type DeviceList = {
+    /**
+     * When device setup was confirmed
+     */
+    readonly confirmed_at: string | null;
+    readonly created_at: string;
+    readonly id: string;
+    /**
+     * Primary device used for verification
+     */
+    readonly is_primary: boolean;
+    /**
+     * Last successful verification
+     */
+    readonly last_used_at: string | null;
+    /**
+     * Device name for identification
+     */
+    readonly name: string;
+    readonly status: DeviceListStatusEnum;
+};
+
+/**
+ * Response serializer for device list endpoint.
+ */
+export type DeviceListResponse = {
+    devices: Array<DeviceList>;
+    has_2fa_enabled: boolean;
+};
+
+/**
+ * * `pending` - Pending Confirmation
+ * * `active` - Active
+ * * `disabled` - Disabled
+ */
+export enum DeviceListStatusEnum {
+    PENDING = 'pending',
+    ACTIVE = 'active',
+    DISABLED = 'disabled'
+}
+
+/**
+ * Serializer for completely disabling 2FA.
+ */
+export type DisableRequest = {
+    /**
+     * TOTP code for verification
+     */
+    code: string;
 };
 
 /**
@@ -88,48 +245,48 @@ export type OAuthCallbackRequestRequest = {
      * Authorization code from OAuth provider callback
      */
     code: string;
-    /**
-     * State token for CSRF verification (from authorize response)
-     */
-    state: string;
     /**
      * Same redirect_uri used in authorize request. If not provided, uses config's site_url + callback_path
      */
     redirect_uri?: string;
+    /**
+     * State token for CSRF verification (from authorize response)
+     */
+    state: string;
 };
 
 /**
  * Serializer for OAuth connection info (user-facing).
  */
 export type OAuthConnection = {
+    /**
+     * When this OAuth connection was created
+     */
+    readonly connected_at: string;
     readonly id: number;
+    /**
+     * Last time this OAuth connection was used for login
+     */
+    readonly last_login_at: string;
     /**
      * OAuth provider name (github, google, etc.)
      *
      * * `github` - GitHub
      */
     readonly provider: ProviderEnum;
-    readonly provider_display: string;
-    /**
-     * Username on the OAuth provider platform
-     */
-    readonly provider_username: string;
-    /**
-     * Email from OAuth provider (may differ from user.email)
-     */
-    readonly provider_email: string;
     /**
      * Avatar URL from OAuth provider
      */
     readonly provider_avatar_url: string;
+    readonly provider_display: string;
     /**
-     * When this OAuth connection was created
+     * Email from OAuth provider (may differ from user.email)
      */
-    readonly connected_at: string;
+    readonly provider_email: string;
     /**
-     * Last time this OAuth connection was used for login
+     * Username on the OAuth provider platform
      */
-    readonly last_login_at: string;
+    readonly provider_username: string;
 };
 
 /**
@@ -185,39 +342,39 @@ export type OAuthProvidersResponse = {
  */
 export type OAuthTokenResponse = {
     /**
-     * True if 2FA verification is required
+     * JWT access token (null when requires_2fa=True)
      */
-    requires_2fa?: boolean;
+    access?: string | null;
     /**
-     * 2FA session ID (only when requires_2fa=True)
+     * True if a new OAuth connection was created
      */
-    session_id?: string | null;
+    is_new_connection: boolean;
     /**
-     * JWT access token (null when requires_2fa=True)
+     * True if a new user was created during this OAuth flow
      */
-    access?: string | null;
+    is_new_user: boolean;
     /**
      * JWT refresh token (null when requires_2fa=True)
      */
     refresh?: string | null;
     /**
-     * Authenticated user info (null when requires_2fa=True)
-     */
-    user?: {
-        [key: string]: unknown;
-    } | null;
-    /**
-     * True if a new user was created during this OAuth flow
+     * True if 2FA verification is required
      */
-    is_new_user: boolean;
+    requires_2fa?: boolean;
     /**
-     * True if a new OAuth connection was created
+     * 2FA session ID (only when requires_2fa=True)
      */
-    is_new_connection: boolean;
+    session_id?: string | null;
     /**
      * True if user should be prompted to enable 2FA
      */
     should_prompt_2fa?: boolean;
+    /**
+     * Authenticated user info (null when requires_2fa=True)
+     */
+    user?: {
+        [key: string]: unknown;
+    } | null;
 };
 
 /**
@@ -302,41 +459,41 @@ export type OtpVerifyRequest = {
  */
 export type OtpVerifyResponse = {
     /**
-     * Whether 2FA verification is required
-     */
-    requires_2fa?: boolean;
-    /**
-     * 2FA session ID (if requires_2fa is True)
+     * JWT access token (if requires_2fa is False)
      */
-    session_id?: string | null;
+    access?: string | null;
     /**
      * JWT refresh token (if requires_2fa is False)
      */
     refresh?: string | null;
     /**
-     * JWT access token (if requires_2fa is False)
+     * Whether 2FA verification is required
      */
-    access?: string | null;
+    requires_2fa?: boolean;
     /**
-     * User information (if requires_2fa is False)
+     * 2FA session ID (if requires_2fa is True)
      */
-    user?: User | null;
+    session_id?: string | null;
     /**
      * Whether user should be prompted to enable 2FA
      */
     should_prompt_2fa?: boolean;
+    /**
+     * User information (if requires_2fa is False)
+     */
+    user?: User | null;
 };
 
 /**
  * Serializer for updating user profile.
  */
 export type PatchedCfgUserUpdateRequest = {
+    company?: string;
     first_name?: string;
+    language?: string;
     last_name?: string;
-    company?: string;
     phone?: string;
     position?: string;
-    language?: string;
 };
 
 /**
@@ -346,6 +503,42 @@ export enum ProviderEnum {
     GITHUB = 'github'
 }
 
+/**
+ * Serializer for starting 2FA setup.
+ */
+export type SetupRequest = {
+    /**
+     * Device name for identification (e.g., 'My iPhone')
+     */
+    device_name?: string;
+};
+
+/**
+ * Response serializer for setup initiation.
+ */
+export type SetupResponse = {
+    /**
+     * Device ID to use for confirmation
+     */
+    device_id: string;
+    /**
+     * Seconds until setup expires (typically 600 = 10 minutes)
+     */
+    expires_in: number;
+    /**
+     * otpauth:// URI for QR code generation
+     */
+    provisioning_uri: string;
+    /**
+     * Base64-encoded QR code image (data URI)
+     */
+    qr_code_base64: string;
+    /**
+     * Base32-encoded TOTP secret (for manual entry)
+     */
+    secret: string;
+};
+
 export type TokenRefresh = {
     readonly access: string;
     refresh: string;
@@ -356,30 +549,70 @@ export type TokenRefreshRequest = {
 };
 
 /**
- * Serializer for user details.
+ * User data returned after 2FA verification.
  */
-export type User = {
-    readonly id: number;
+export type TotpVerifyUser = {
+    readonly avatar: string | null;
+    company?: string;
+    readonly date_joined: string;
+    /**
+     * Get formatted username for display.
+     */
+    readonly display_username: string;
     readonly email: string;
     first_name?: string;
-    last_name?: string;
     /**
      * Get user's full name.
      */
     readonly full_name: string;
+    readonly id: number;
     /**
      * Get user's initials for avatar fallback.
      */
     readonly initials: string;
     /**
-     * Get formatted username for display.
+     * Staff status
+     *
+     * Designates whether the user can log into this admin site.
      */
-    readonly display_username: string;
-    company?: string;
+    readonly is_staff: boolean;
+    /**
+     * Superuser status
+     *
+     * Designates that this user has all permissions without explicitly assigning them.
+     */
+    readonly is_superuser: boolean;
+    language?: string;
+    readonly last_login: string | null;
+    last_name?: string;
     phone?: string;
     position?: string;
-    language?: string;
+    readonly unanswered_messages_count: number;
+};
+
+/**
+ * Serializer for user details.
+ */
+export type User = {
     readonly avatar: string | null;
+    readonly centrifugo: CentrifugoToken | null;
+    company?: string;
+    readonly date_joined: string;
+    /**
+     * Get formatted username for display.
+     */
+    readonly display_username: string;
+    readonly email: string;
+    first_name?: string;
+    /**
+     * Get user's full name.
+     */
+    readonly full_name: string;
+    readonly id: number;
+    /**
+     * Get user's initials for avatar fallback.
+     */
+    readonly initials: string;
     /**
      * Staff status
      *
@@ -392,10 +625,75 @@ export type User = {
      * Designates that this user has all permissions without explicitly assigning them.
      */
     readonly is_superuser: boolean;
-    readonly date_joined: string;
+    language?: string;
     readonly last_login: string | null;
+    last_name?: string;
+    phone?: string;
+    position?: string;
     readonly unanswered_messages_count: number;
-    readonly centrifugo: CentrifugoToken | null;
+};
+
+/**
+ * Serializer for backup code verification during login.
+ */
+export type VerifyBackupRequest = {
+    /**
+     * 8-character backup recovery code
+     */
+    backup_code: string;
+    /**
+     * 2FA session ID from login response
+     */
+    session_id: string;
+};
+
+/**
+ * Serializer for TOTP code verification during login.
+ */
+export type VerifyRequest = {
+    /**
+     * 6-digit TOTP code from authenticator app
+     */
+    code: string;
+    /**
+     * 2FA session ID from login response
+     */
+    session_id: string;
+};
+
+/**
+ * Response serializer for successful 2FA verification.
+ */
+export type VerifyResponse = {
+    /**
+     * JWT access token
+     */
+    access_token: string;
+    message: string;
+    /**
+     * JWT refresh token
+     */
+    refresh_token: string;
+    /**
+     * Number of remaining backup codes (if backup code was used)
+     */
+    remaining_backup_codes?: number;
+    /**
+     * User profile data
+     */
+    user: TotpVerifyUser;
+    /**
+     * Warning message (e.g., low backup codes)
+     */
+    warning?: string;
+};
+
+/**
+ * Response serializer for device list endpoint.
+ */
+export type DeviceListResponseWritable = {
+    devices: Array<unknown>;
+    has_2fa_enabled: boolean;
 };
 
 /**
@@ -413,45 +711,84 @@ export type User = {
  */
 export type OtpVerifyResponseWritable = {
     /**
-     * Whether 2FA verification is required
-     */
-    requires_2fa?: boolean;
-    /**
-     * 2FA session ID (if requires_2fa is True)
+     * JWT access token (if requires_2fa is False)
      */
-    session_id?: string | null;
+    access?: string | null;
     /**
      * JWT refresh token (if requires_2fa is False)
      */
     refresh?: string | null;
     /**
-     * JWT access token (if requires_2fa is False)
+     * Whether 2FA verification is required
      */
-    access?: string | null;
+    requires_2fa?: boolean;
     /**
-     * User information (if requires_2fa is False)
+     * 2FA session ID (if requires_2fa is True)
      */
-    user?: UserWritable | null;
+    session_id?: string | null;
     /**
      * Whether user should be prompted to enable 2FA
      */
     should_prompt_2fa?: boolean;
+    /**
+     * User information (if requires_2fa is False)
+     */
+    user?: UserWritable | null;
 };
 
 export type TokenRefreshWritable = {
     refresh: string;
 };
 
+/**
+ * User data returned after 2FA verification.
+ */
+export type TotpVerifyUserWritable = {
+    company?: string;
+    first_name?: string;
+    language?: string;
+    last_name?: string;
+    phone?: string;
+    position?: string;
+};
+
 /**
  * Serializer for user details.
  */
 export type UserWritable = {
+    company?: string;
     first_name?: string;
+    language?: string;
     last_name?: string;
-    company?: string;
     phone?: string;
     position?: string;
-    language?: string;
+};
+
+/**
+ * Response serializer for successful 2FA verification.
+ */
+export type VerifyResponseWritable = {
+    /**
+     * JWT access token
+     */
+    access_token: string;
+    message: string;
+    /**
+     * JWT refresh token
+     */
+    refresh_token: string;
+    /**
+     * Number of remaining backup codes (if backup code was used)
+     */
+    remaining_backup_codes?: number;
+    /**
+     * User profile data
+     */
+    user: TotpVerifyUserWritable;
+    /**
+     * Warning message (e.g., low backup codes)
+     */
+    warning?: string;
 };
 
 export type CfgAccountsOauthConnectionsListData = {
@@ -762,3 +1099,196 @@ export type CfgAccountsTokenRefreshCreateResponses = {
 };
 
 export type CfgAccountsTokenRefreshCreateResponse = CfgAccountsTokenRefreshCreateResponses[keyof CfgAccountsTokenRefreshCreateResponses];
+
+export type CfgCentrifugoAuthTokenRetrieveData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: '/cfg/centrifugo/auth/token/';
+};
+
+export type CfgCentrifugoAuthTokenRetrieveErrors = {
+    /**
+     * Unauthorized - authentication required
+     */
+    401: unknown;
+    /**
+     * Server error
+     */
+    500: unknown;
+};
+
+export type CfgCentrifugoAuthTokenRetrieveResponses = {
+    200: ConnectionTokenResponse;
+};
+
+export type CfgCentrifugoAuthTokenRetrieveResponse = CfgCentrifugoAuthTokenRetrieveResponses[keyof CfgCentrifugoAuthTokenRetrieveResponses];
+
+export type CfgTotpBackupCodesRetrieveData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: '/cfg/totp/backup-codes/';
+};
+
+export type CfgTotpBackupCodesRetrieveResponses = {
+    200: BackupCodesStatus;
+};
+
+export type CfgTotpBackupCodesRetrieveResponse = CfgTotpBackupCodesRetrieveResponses[keyof CfgTotpBackupCodesRetrieveResponses];
+
+export type CfgTotpBackupCodesRegenerateCreateData = {
+    body: BackupCodesRegenerateRequest;
+    path?: never;
+    query?: never;
+    url: '/cfg/totp/backup-codes/regenerate/';
+};
+
+export type CfgTotpBackupCodesRegenerateCreateErrors = {
+    /**
+     * Invalid code or 2FA not enabled
+     */
+    400: unknown;
+};
+
+export type CfgTotpBackupCodesRegenerateCreateResponses = {
+    200: BackupCodesRegenerateResponse;
+};
+
+export type CfgTotpBackupCodesRegenerateCreateResponse = CfgTotpBackupCodesRegenerateCreateResponses[keyof CfgTotpBackupCodesRegenerateCreateResponses];
+
+export type CfgTotpDevicesRetrieveData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: '/cfg/totp/devices/';
+};
+
+export type CfgTotpDevicesRetrieveResponses = {
+    200: DeviceListResponse;
+};
+
+export type CfgTotpDevicesRetrieveResponse = CfgTotpDevicesRetrieveResponses[keyof CfgTotpDevicesRetrieveResponses];
+
+export type CfgTotpDevicesDestroyData = {
+    body?: never;
+    path: {
+        id: string;
+    };
+    query?: never;
+    url: '/cfg/totp/devices/{id}/';
+};
+
+export type CfgTotpDevicesDestroyResponses = {
+    /**
+     * No response body
+     */
+    204: void;
+};
+
+export type CfgTotpDevicesDestroyResponse = CfgTotpDevicesDestroyResponses[keyof CfgTotpDevicesDestroyResponses];
+
+export type CfgTotpDisableCreateData = {
+    body: DisableRequest;
+    path?: never;
+    query?: never;
+    url: '/cfg/totp/disable/';
+};
+
+export type CfgTotpDisableCreateErrors = {
+    /**
+     * Invalid code
+     */
+    400: unknown;
+};
+
+export type CfgTotpDisableCreateResponses = {
+    /**
+     * 2FA disabled successfully
+     */
+    200: unknown;
+};
+
+export type CfgTotpSetupCreateData = {
+    body?: SetupRequest;
+    path?: never;
+    query?: never;
+    url: '/cfg/totp/setup/';
+};
+
+export type CfgTotpSetupCreateErrors = {
+    /**
+     * 2FA already enabled or invalid request
+     */
+    400: unknown;
+};
+
+export type CfgTotpSetupCreateResponses = {
+    200: SetupResponse;
+};
+
+export type CfgTotpSetupCreateResponse = CfgTotpSetupCreateResponses[keyof CfgTotpSetupCreateResponses];
+
+export type CfgTotpSetupConfirmCreateData = {
+    body: ConfirmSetupRequest;
+    path?: never;
+    query?: never;
+    url: '/cfg/totp/setup/confirm/';
+};
+
+export type CfgTotpSetupConfirmCreateErrors = {
+    /**
+     * Invalid code or setup expired
+     */
+    400: unknown;
+};
+
+export type CfgTotpSetupConfirmCreateResponses = {
+    200: ConfirmSetupResponse;
+};
+
+export type CfgTotpSetupConfirmCreateResponse = CfgTotpSetupConfirmCreateResponses[keyof CfgTotpSetupConfirmCreateResponses];
+
+export type CfgTotpVerifyCreateData = {
+    body: VerifyRequest;
+    path?: never;
+    query?: never;
+    url: '/cfg/totp/verify/';
+};
+
+export type CfgTotpVerifyCreateErrors = {
+    /**
+     * Invalid code or session
+     */
+    400: unknown;
+    /**
+     * Too many attempts
+     */
+    403: unknown;
+};
+
+export type CfgTotpVerifyCreateResponses = {
+    200: VerifyResponse;
+};
+
+export type CfgTotpVerifyCreateResponse = CfgTotpVerifyCreateResponses[keyof CfgTotpVerifyCreateResponses];
+
+export type CfgTotpVerifyBackupCreateData = {
+    body: VerifyBackupRequest;
+    path?: never;
+    query?: never;
+    url: '/cfg/totp/verify/backup/';
+};
+
+export type CfgTotpVerifyBackupCreateErrors = {
+    /**
+     * Invalid backup code or session
+     */
+    400: unknown;
+};
+
+export type CfgTotpVerifyBackupCreateResponses = {
+    200: VerifyResponse;
+};
+
+export type CfgTotpVerifyBackupCreateResponse = CfgTotpVerifyBackupCreateResponses[keyof CfgTotpVerifyBackupCreateResponses];