Skip to content

Fix login: migrate from deprecated spond.com/api/2.1 to api.spond.com/core/v1 with 2FA support#16

Merged
ArizonaGreenTea05 merged 2 commits into
mainfrom
copilot/fix-spond-api-login-issue
May 4, 2026
Merged

Fix login: migrate from deprecated spond.com/api/2.1 to api.spond.com/core/v1 with 2FA support#16
ArizonaGreenTea05 merged 2 commits into
mainfrom
copilot/fix-spond-api-login-issue

Conversation

Copilot AI commented May 4, 2026

Copy link
Copy Markdown
Contributor

The old https://spond.com/api/2.1/login endpoint now returns {"token": "...", "phoneNumber": "****12"} instead of {"loginToken": "..."}, breaking authentication. The active API is https://api.spond.com/core/v1/.

Changes

  • CommonData_Core_V1 (new): ICommonData implementation targeting api.spond.com/core/v1/ for all endpoints (login, profile, groups, events).
  • SpondClient: defaults to CommonData_Core_V1; LoginWithEmail/LoginWithPhoneNumber gain an optional Func<string, Task<string>>? otpCallback to complete the 2FA flow when the API returns a temp token + masked phone number instead of a direct loginToken.
  • Program.cs (test): passes a console OTP prompt as the callback.

2FA usage

// Accounts without 2FA: works as before (otpCallback never invoked)
await client.LoginWithEmail(email, password);

// Accounts with 2FA: provide a callback to supply the OTP
await client.LoginWithEmail(email, password, async maskedPhone =>
{
    Console.Write($"OTP sent to {maskedPhone}: ");
    return Console.ReadLine()!;
});

CommonData_2_1 is retained for callers that explicitly pass it; the default has changed.

Copilot AI and others added 2 commits May 4, 2026 07:56
… 2FA/OTP support

Agent-Logs-Url: https://github.com/ArizonaGreenTea05/Spond.API/sessions/6b23ee56-f413-4385-8c96-c05348425b52

Co-authored-by: ArizonaGreenTea05 <84347307+ArizonaGreenTea05@users.noreply.github.com>
…rning

Agent-Logs-Url: https://github.com/ArizonaGreenTea05/Spond.API/sessions/6b23ee56-f413-4385-8c96-c05348425b52

Co-authored-by: ArizonaGreenTea05 <84347307+ArizonaGreenTea05@users.noreply.github.com>
@ArizonaGreenTea05 ArizonaGreenTea05 marked this pull request as ready for review May 4, 2026 08:04
Copilot AI review requested due to automatic review settings May 4, 2026 08:04
@ArizonaGreenTea05 ArizonaGreenTea05 merged commit 994ec7b into main May 4, 2026
5 checks passed
@ArizonaGreenTea05 ArizonaGreenTea05 deleted the copilot/fix-spond-api-login-issue branch May 4, 2026 08:07

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Migrates authentication and API endpoint defaults from the deprecated spond.com/api/2.1 to api.spond.com/core/v1, and adds a 2FA login flow that can request and verify an OTP when required.

Changes:

  • Default SpondClient to CommonData_Core_V1 and add optional otpCallback to login methods to complete OTP-based 2FA.
  • Add CommonData_Core_V1 implementing ICommonData for core/v1 endpoints.
  • Update the test console app to provide an OTP prompt callback during login.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.

File Description
Spond.API/Services/SpondClient.cs Switches default API version to core/v1 and implements OTP callback-based 2FA login flow.
Spond.API/Models/CommonData.Core.V1.cs Adds core/v1 endpoint definitions and URL construction for events.
Spond.API.Test/Program.cs Adds console-based OTP callback to exercise the new 2FA login flow.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

return true;
}

_logger?.LogError("Unexpected login response: {Response}", loginJson);
if (root.TryGetProperty("token", out var tempTokenElement) &&
root.TryGetProperty("phoneNumber", out var phoneElement))
{
var tempToken = tempTokenElement.GetString();
Comment on lines +26 to 31
/// <param name="commonData">Optional common data configuration. If null, defaults to CommonData_Core_V1.</param>
/// <param name="logger">Optional logger for logging client operations.</param>
public SpondClient(ICommonData? commonData = null, ILogger<SpondClient>? logger = null)
{
_commonData = commonData ?? new CommonData_2_1();
_commonData = commonData ?? new CommonData_Core_V1();
_client = new HttpClient(new HttpClientHandler { CookieContainer = new CookieContainer() }) { BaseAddress = new Uri(_commonData.BaseUrl) };
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants