Fix login: migrate from deprecated spond.com/api/2.1 to api.spond.com/core/v1 with 2FA support#16
Merged
Conversation
… 2FA/OTP support Agent-Logs-Url: https://github.com/ArizonaGreenTea05/Spond.API/sessions/6b23ee56-f413-4385-8c96-c05348425b52 Co-authored-by: ArizonaGreenTea05 <84347307+ArizonaGreenTea05@users.noreply.github.com>
…rning Agent-Logs-Url: https://github.com/ArizonaGreenTea05/Spond.API/sessions/6b23ee56-f413-4385-8c96-c05348425b52 Co-authored-by: ArizonaGreenTea05 <84347307+ArizonaGreenTea05@users.noreply.github.com>
Copilot created this pull request from a session on behalf of
ArizonaGreenTea05
May 4, 2026 07:59
View session
Contributor
There was a problem hiding this comment.
Pull request overview
Migrates authentication and API endpoint defaults from the deprecated spond.com/api/2.1 to api.spond.com/core/v1, and adds a 2FA login flow that can request and verify an OTP when required.
Changes:
- Default
SpondClienttoCommonData_Core_V1and add optionalotpCallbackto login methods to complete OTP-based 2FA. - Add
CommonData_Core_V1implementingICommonDataforcore/v1endpoints. - Update the test console app to provide an OTP prompt callback during login.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
| Spond.API/Services/SpondClient.cs | Switches default API version to core/v1 and implements OTP callback-based 2FA login flow. |
| Spond.API/Models/CommonData.Core.V1.cs | Adds core/v1 endpoint definitions and URL construction for events. |
| Spond.API.Test/Program.cs | Adds console-based OTP callback to exercise the new 2FA login flow. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| return true; | ||
| } | ||
|
|
||
| _logger?.LogError("Unexpected login response: {Response}", loginJson); |
| if (root.TryGetProperty("token", out var tempTokenElement) && | ||
| root.TryGetProperty("phoneNumber", out var phoneElement)) | ||
| { | ||
| var tempToken = tempTokenElement.GetString(); |
Comment on lines
+26
to
31
| /// <param name="commonData">Optional common data configuration. If null, defaults to CommonData_Core_V1.</param> | ||
| /// <param name="logger">Optional logger for logging client operations.</param> | ||
| public SpondClient(ICommonData? commonData = null, ILogger<SpondClient>? logger = null) | ||
| { | ||
| _commonData = commonData ?? new CommonData_2_1(); | ||
| _commonData = commonData ?? new CommonData_Core_V1(); | ||
| _client = new HttpClient(new HttpClientHandler { CookieContainer = new CookieContainer() }) { BaseAddress = new Uri(_commonData.BaseUrl) }; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The old
https://spond.com/api/2.1/loginendpoint now returns{"token": "...", "phoneNumber": "****12"}instead of{"loginToken": "..."}, breaking authentication. The active API ishttps://api.spond.com/core/v1/.Changes
CommonData_Core_V1(new):ICommonDataimplementation targetingapi.spond.com/core/v1/for all endpoints (login, profile, groups, events).SpondClient: defaults toCommonData_Core_V1;LoginWithEmail/LoginWithPhoneNumbergain an optionalFunc<string, Task<string>>? otpCallbackto complete the 2FA flow when the API returns a temp token + masked phone number instead of a directloginToken.Program.cs(test): passes a console OTP prompt as the callback.2FA usage
CommonData_2_1is retained for callers that explicitly pass it; the default has changed.