AuthAPI - MikeAWilliams/white_card GitHub Wiki

Description

This set of APIs manages users. It lets users create accounts, verifies their email, and links their account to the rest of the system.

API

POST /api/v1/auth/signup

Description

Create a new user

Request Body

{
   "email":    "[email protected]",
   "password": "qwerty"
}

Response

200 Successful

{
   "email":   "[email protected]",
   "message": "An email has been sent to [email protected]. Follow the instructions provided to verify your email address. If you have trouble, please check your spam folder."
}

422 Email or password invalid

{
   "message":    "text you can give to the user about the bad email or password"
}

500 A database or other error

{
   "message":    "text you can give to the user about the error"
}

GET /api/v1/auth/verify?email=[email protected]&token=jwt

Description

When a new user is created, a link is sent to the user via email. This endpoint handles that link.

Request Body

none

Response

200 Successful

Some nice HTML that says it worked

422 Email or token is invalid

Some HTML that says it didn't work

POST /api/v1/auth/link

Description

Used to link a user to the rest of the system, granting them whatever privileges they should have. If the logged-in user is an AM, they can link other users. If the logged-in user is a common user, they can only link themself.

Request Header

JWT Header format

Request Body

{
   "blueCardNumber": 123456,
   "token":          "the linking token"
}

Response

200 Successful

{
   "email":          "[email protected]",
   "blueCardNumber": 123456
}

422 Email or token is invalid

{
   "message":    "text you can give to the user about the bad email or token"
}
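
The authorization rule described for this endpoint, as an added example that is not part of the wiki or the white_card code base: a common user can only redeem their own linking token, while an AM can redeem anyone's. The `Caller` claims (assumed to come from an already verified JWT), the in-memory stores, the sample tokens and addresses, single-use tokens, and answering every failure with the same 422 are assumptions.

```python
from dataclasses import dataclass

# Constructed sample data (hypothetical in-memory stores; the wiki does not
# describe storage). Linking tokens are the words GET /api/v1/auth/link returns.
LINK_TOKENS = {"brave-otter": "alice@example.test",
               "quiet-heron": "bob@example.test"}   # token -> account email
LINKED = {}                                         # email -> blueCardNumber

@dataclass
class Caller:
    """Identity taken from the verified JWT, never from the request body."""
    email: str
    is_am: bool   # assumed role claim; the wiki does not name it

# One body for every failure, so a caller cannot tell an unknown token from
# a token that belongs to someone else.
INVALID = (422, {"message": "The email or token is invalid."})

def link(caller: Caller, body: dict):
    """Return (status, json) for POST /api/v1/auth/link."""
    token, card = body.get("token"), body.get("blueCardNumber")
    if not isinstance(token, str) or type(card) is not int:
        return INVALID
    owner = LINK_TOKENS.get(token)
    if owner is None or owner in LINKED:
        return INVALID
    # Object-level check: a common user may only link themself.
    if not caller.is_am and owner != caller.email:
        return INVALID
    LINKED[owner] = card
    del LINK_TOKENS[token]        # assumption: linking tokens are single use
    return 200, {"email": owner, "blueCardNumber": card}
```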

GET /api/v1/auth/link

Description

Used to link a user to the rest of the system granting them whatever privileges they should have.

Request Header

JWT Header format

Request Body

none

Response

200 Successful

{
   "token": "a human readable word to identify this account"
}

422 The user is already linked

{
   "message":    "text you can give to the user"
}

POST /api/v1/auth/login

Description

User enters email and password. Returns a JWT used for the rest of the system.

Request Body

{
   "email":    "[email protected]",
   "password": "qwerty" 
}

Response

200 Successful

{
   "email": "[email protected]",
   "token": "a JWT token"
}

422 Email or password is invalid

{
   "message":    "text you can give to the user about the bad email or password"
}

POST /api/v1/auth/changepw

Description

Lets the user change their password

Request Header

JWT Header format

Request Body

{
   "email":       "[email protected]",
   "oldPassword": "the old password",
   "newPassword": "the new password"
}

Response

200 Successful

{
   "email":          "[email protected]"
}

422 Email, old password, or new password is invalid

{
   "message":    "text you can give to the user about the bad email or password"
}

POST /api/v1/auth/canresetpw

Description

Lets a user reset their password. A link containing a JWT will be emailed to the user's email address on request.

Request Header

JWT Header format

Request Body

{
   "email": "[email protected]"
}

Response

200 Successful

{
   "email":          "[email protected]"
}

422 Email or token is invalid

{
   "message":    "text you can give to the user about the bad email or token"
}

POST /api/v1/auth/resetpw

Description

Lets a user reset their password. A link containing a JWT will be emailed to the user's email address on request.

Request Header

JWT Header format

Request Body

{
   "email":       "[email protected]",
   "newPassword": "qwerty"
}

Response

200 Successful

{
   "email":          "[email protected]"
}

422 Email or token is invalid

{
   "message":    "text you can give to the user about the bad email or