AuthModule.php

<?php
declare(strict_types=1);

namespace Modules\Auth;

use Engine\Actions\Collectors\ActionCollector;
use Engine\Actions\Collectors\ActionResourceBuilder;
use Engine\Auth\AuthToken;
use Engine\Auth\AuthTokenStore;
use Engine\Collectors\Attributes\Collect;
use Engine\Core\OperatingContext;
use Modules\Auth\Actions\ListAuthTokens;
use Modules\Auth\Actions\Query\ListAuthTokensQuery;
use Modules\Auth\Actions\RevokeAuthToken;
use Modules\Auth\Actions\Schemas\RevokeTokenSchema;

final readonly class AuthModule
{
    #[Collect(OperatingContext::Account)]
    public function collectAccountActions(ActionCollector $actions): void
    {
        // Login action (POST /api/v1/auth/login)
        $actions->action('login', UserLogin::class)
                ->schema(UserLoginSchema::class)
                ->unauthenticated()
                ->write();

        // Refresh token action (POST /api/v1/auth/refresh)
        $actions->action('refresh', RefreshAuthToken::class)
                ->schema(RefreshTokenSchema::class)
                ->unauthenticated()
                ->write();

        // Set up the auth token resource (/api/v1/auth/tokens)
        $actions->resource(
            'tokens',
            AuthToken::class,
            AuthTokenStore::class,
            function (ActionResourceBuilder $builder) {
                // The resource is only available to authenticated users
                $builder->authenticated();

                // Add the list action (GET /api/v1/auth/tokens)
                $builder->list(ListAuthTokens::class)
                        ->query(ListAuthTokensQuery::class);

                // Add the delete action (DELETE /api/v1/auth/tokens/:id)
                $builder->delete(RevokeAuthToken::class)
                        ->schema(RevokeTokenSchema::class);
            }
        );
    }
}