Accounts - LegionPE/API-Docs GitHub Wiki
User Accounts
Every unique user on LegionPE is assigned with a user ID (UID). If username changes ever occur, the UID will still be kept the same.
Name2Uid
GET /api/Name2Uid.php
Parameters
| Name | Type | Description |
|---|---|---|
| name | string | The username to query for; case-insensitive |
Response Data
| Name | Type | Description |
|---|---|---|
| uid | number | The result user ID |
Example Response
{
"status": true,
"error": null,
"data": {
"uid": 3
}
}
Basic Authentication (BA)
There are two methods to authenticate as a user using BA: UID + hash or username + hash.
Passwords REALLY SHOULD NOT be sent in plaintext through the API. Instead, hashes are sent.
This is an example implementation of the hash algorithm implemented in PHP:
bin2hex(hash("whirlpool", $password . $uid, true) ^ hash("sha512", $uid . $password, true));
where $uid is the user ID (presented as a decimal string) and $password is the user password. The output is the hex representation of the binary output of whirlpool(password + uid) and sha512(uid + password), combined using XOR (per byte).
The request fields hash and uid, or hash and name, are required for every request that uses BA.