resolutionflow/frontend/src/api/accountSecurity.ts

import apiClient from './client'

export interface ActiveUser {
  user_id: string
  name: string
  email: string
  last_login_at: string | null
}

export interface SessionPolicyResponse {
  idle_minutes: number | null
  absolute_minutes: number | null
  effective_idle_minutes: number
  effective_absolute_minutes: number
  idle_minutes_min: number
  idle_minutes_max: number
  absolute_minutes_min: number
  absolute_minutes_max: number
  active_users: ActiveUser[]
}

export interface SessionPolicyUpdateRequest {
  idle_minutes: number | null
  absolute_minutes: number | null
}

export interface RevokeSessionsResponse {
  revoked_count: number
}

export const accountSecurityApi = {
  async get(): Promise<SessionPolicyResponse> {
    const response = await apiClient.get<SessionPolicyResponse>('/accounts/me/security')
    return response.data
  },

  async update(body: SessionPolicyUpdateRequest): Promise<SessionPolicyResponse> {
    const response = await apiClient.patch<SessionPolicyResponse>('/accounts/me/security', body)
    return response.data
  },

  async revokeSessions(scope: 'all' | 'others'): Promise<RevokeSessionsResponse> {
    const response = await apiClient.post<RevokeSessionsResponse>(
      '/accounts/me/security/revoke-sessions',
      { scope },
    )
    return response.data
  },
}