fix: remove authentication requirement for `/users/login` (#5717)

This was noticed by a member of our Discord being incorrectly documented! https://discord.com/channels/747933592273027093/1063494965130432632/1063503805016182875
2023-01-29 20:46:04 -06:00 · 2023-01-29 20:46:04 -06:00 · 896158c352
parent f5db4bc8be
commit 896158c352
5 changed files with 3 additions and 16 deletions
--- a/coderd/apidoc/docs.go
+++ b/coderd/apidoc/docs.go
@ -2865,11 +2865,6 @@ const docTemplate = `{
        },
        "/users/login": {
            "post": {
-                "security": [
-                    {
-                        "CoderSessionToken": []
-                    }
-                ],
                "consumes": [
                    "application/json"
                ],
--- a/coderd/apidoc/swagger.json
+++ b/coderd/apidoc/swagger.json
@ -2517,11 +2517,6 @@
    },
    "/users/login": {
      "post": {
-        "security": [
-          {
-            "CoderSessionToken": []
-          }
-        ],
        "consumes": ["application/json"],
        "produces": ["application/json"],
        "tags": ["Authorization"],
--- a/coderd/coderdtest/swaggerparser.go
+++ b/coderd/coderdtest/swaggerparser.go
@ -297,7 +297,8 @@ func assertPathParametersDefined(t *testing.T, comment SwaggerComment) {
 func assertSecurityDefined(t *testing.T, comment SwaggerComment) {
 	if comment.router == "/updatecheck" ||
 		comment.router == "/buildinfo" ||
-		comment.router == "/" {
+		comment.router == "/" ||
+		comment.router == "/users/login" {
 		return // endpoints do not require authorization
 	}
 	assert.Equal(t, "CoderSessionToken", comment.security, "@Security must be equal CoderSessionToken")
--- a/coderd/users.go
+++ b/coderd/users.go
@ -988,7 +988,6 @@ func (api *API) organizationByUserAndName(rw http.ResponseWriter, r *http.Reques
 //
 // @Summary Log in user
 // @ID log-in-user
-// @Security CoderSessionToken
 // @Accept json
 // @Produce json
 // @Tags Authorization
--- a/docs/api/authorization.md
+++ b/docs/api/authorization.md
@ -74,8 +74,7 @@ To perform this operation, you must be authenticated. [Learn more](authenticatio
 # Example request using curl
 curl -X POST http://coder-server:8080/api/v2/users/login \
  -H 'Content-Type: application/json' \
-  -H 'Accept: application/json' \
-  -H 'Coder-Session-Token: API_KEY'
+  -H 'Accept: application/json'
 ```

 `POST /users/login`
@ -110,5 +109,3 @@ curl -X POST http://coder-server:8080/api/v2/users/login \
 | Status | Meaning                                                      | Description | Schema                                                                             |
 | ------ | ------------------------------------------------------------ | ----------- | ---------------------------------------------------------------------------------- |
 | 201    | [Created](https://tools.ietf.org/html/rfc7231#section-6.3.2) | Created     | [codersdk.LoginWithPasswordResponse](schemas.md#codersdkloginwithpasswordresponse) |
-
-To perform this operation, you must be authenticated. [Learn more](authentication.md).