Andy Park edited this page Dec 31, 2017 · 4 revisions

User creation API:

/users

Method: POST

Content (application/json): {"email":"", "first_name":"", "last_name":"", "password":""}

Auth: None

Functionality:

- Checks in the DB if the same user already exists by querying with the email address as key. Make sure the email is turned into lowercase.
- If the email exists, return 422 with error message like "The email address is already registered".
- If the email is brand new, return 200 with a login response {"api_user":"<some id>", "api_key":"<some random generated hash>"} and write this login response in the auth_tokens table

Method: PUT

Content (application/json): {"email":"", "first_name":"", "last_name":"", "password":""}

Auth: None

Functionality:

- Checks in the DB if the same user already exists by querying with the email address as key. Make sure the email is turned into lowercase.
- If the email exists, change the name and password in the DB.
- If the email is brand new, return 404.

Login API:

/login

Method: POST

Content (application/json): Ignore

Auth: BASIC email:password

Functionality:

- Lowercase the email address, hash the password using SHA256, and compare the hash against the record for that email in the users table.
- If the email doesn't exist return 404 with message "Email not found"
- If the email exists but the password doesn't match return 401
- If everything checks out return login response {"api_user":"<some id>", "api_key":"<some random generated hash>"} and write this login response in the auth_tokens table

APP APIs:

Note: All /api endpoints need to first validate the api_key and api_user in the auth_tokens table. If the token is not found or doesn't match, return 401.
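
The Login API flow and the token check from the note above, as an added example that is not part of the original wiki or the project's code. The in-memory dicts, the function names, one token per user, and the 401 for a malformed header are assumptions.

```python
import base64, hashlib, hmac, secrets

USERS = {}        # email -> {"id", "pw"}; in-memory stand-in for the users table
AUTH_TOKENS = {}  # api_user -> api_key; stand-in for auth_tokens (one token per user, an assumption)

def hash_password(password):
    return hashlib.sha256(password.encode()).hexdigest()  # SHA256, as the page specifies

def parse_basic(header):
    """Decode an 'Authorization: Basic <b64>' value to (user, secret), or None if malformed."""
    scheme, _, blob = (header or "").partition(" ")
    if scheme.lower() != "basic":
        return None
    try:
        user, sep, secret = base64.b64decode(blob, validate=True).decode().partition(":")
    except ValueError:  # covers binascii.Error and UnicodeDecodeError
        return None
    return (user, secret) if sep else None

def issue_token(user_id):
    AUTH_TOKENS[user_id] = secrets.token_hex(32)  # 256 bits from the OS CSPRNG
    return {"api_user": user_id, "api_key": AUTH_TOKENS[user_id]}

def create_user(email, password):  # POST /users
    email = email.lower()
    if email in USERS:
        return 422, {"error": "The email address is already registered"}
    USERS[email] = {"id": secrets.token_hex(8), "pw": hash_password(password)}
    return 200, issue_token(USERS[email]["id"])

def login(auth_header):  # POST /login
    creds = parse_basic(auth_header)
    if creds is None:
        return 401, None  # assumption: the page does not cover a malformed header
    user = USERS.get(creds[0].lower())
    if user is None:
        return 404, {"error": "Email not found"}
    # Constant-time comparison of the stored and supplied digests
    if not hmac.compare_digest(user["pw"], hash_password(creds[1])):
        return 401, None
    return 200, issue_token(user["id"])

def check_api_auth(auth_header):
    """Gate for every /api endpoint: returns api_user, or None (caller answers 401)."""
    creds = parse_basic(auth_header)
    stored = AUTH_TOKENS.get(creds[0]) if creds else None
    if stored is None or not hmac.compare_digest(stored.encode(), creds[1].encode()):
        return None
    return creds[0]
```

The unsalted SHA256 digest follows the spec; a salted KDF such as `hashlib.scrypt` is the usual hardening for stored passwords and changes only `hash_password` and the stored record. The distinct 404 and 401 answers, as specified, let a caller tell registered emails from unregistered ones.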

/api/logout

Method: POST

Content (application/json): Ignore

Auth: BASIC api_user:api_key

Functionality:

- Remove the auth token from the auth_tokens table

- Return code 204

/api/records

Method: GET

Auth: BASIC api_user:api_key

Functionality:

- Return a list of all records in JSON format: [{"id":"", "age":"<?>",...},{"id":"", "age":"<?>",....}]
- Return code 200
- If there are no records return empty JSON list: []

Method: POST

Content (application/json): {"age":"", ....}

Auth: BASIC api_user:api_key

Functionality:

- Create new record in the DB with what's in the content
- Return a JSON object for the new record with id: {"id":"", "age":"<?>",...}
- Return code 200

/api/records/{record_id}

Method: GET

Auth: BASIC api_user:api_key

Functionality:

- Return a JSON object for one record: {"id":"", "age":"<?>",...}
- Return code 200
- If the record is not found return 404

Method: PUT

Content (application/json): {"id":"", "age":"", ....}

Auth: BASIC api_user:api_key

Functionality:

- Replace existing record in the DB with what's in the content
- Return a JSON object for the updated record: {"id":"", "age":"<?>",...}
- Return code 200
- If the record is not found return 404

Method: DELETE

Auth: BASIC api_user:api_key

Functionality:

- Delete record in the DB
- If successful return 204
- If not found return 404