Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/iamngoni/heimdall/llms.txt

Use this file to discover all available pages before exploring further.

Update Profile

Update the authenticated user’s display name.

Authentication

Requires authentication via session cookie or bearer token.

Request Body

display_name
string
required
New display name for the user. Must not be empty after trimming whitespace.

Response

success
boolean
Whether the profile update succeeded
message
string
Human-readable success message

Example

curl -X PATCH https://api.heimdall.dev/api/settings/profile \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"display_name": "Jane Smith"}'

Response Example

{
  "status": "ok",
  "data": {
    "success": true,
    "message": "Profile updated."
  }
}

Error Responses

error
object
400 Bad Request: Display name is empty after trimming 404 Not Found: User not found in database

Change Password

Change the authenticated user’s password. Requires the current password for verification.

Authentication

Requires authentication via session cookie or bearer token.

Request Body

current_password
string
required
The user’s current password for verification
new_password
string
required
The new password. Must be at least 8 characters long.

Response

success
boolean
Whether the password change succeeded
message
string
Human-readable success message

Example

curl -X POST https://api.heimdall.dev/api/settings/change-password \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "current_password": "old_password",
    "new_password": "new_secure_password"
  }'

Response Example

{
  "status": "ok",
  "data": {
    "success": true,
    "message": "Password changed successfully."
  }
}

Error Responses

400 Bad Request:
  • New password is less than 8 characters
  • Current password is incorrect
404 Not Found: User not found in database

Security Notes

  • Passwords are hashed using Argon2id before storage
  • Current password must be verified before allowing change
  • No password complexity requirements beyond minimum length

Implementation Reference

See src/routes/settings.rs:453 (update_profile) and src/routes/settings.rs:506 (change_password) for endpoint implementations.