quirkbot-data-api
v0.3.0
Published
Quirkbot's CODE; backend
Downloads
2
Readme
Quirkbot API
A dockerized Sails backend for Quirkbot's CODE; programming environment.
Setup:
Running locally:
- Clone the repo:
git clone https://[email protected]/murilopolese/quirkbot-api.git
- Browse to the cloned repo folder
- Create or fill the
.env
file with required environment variables. - Run
npm install
- Run
npm start
Environment variables
Required MANDRILL_API_KEY APP_CONFIRMATION_URL APP_RESET_URL MONGO_URL
Optional LOGGLY_SUBDOMAIN LOGGLY_TOKEN LOGGLY_TAG LOGGLY_LEVEL NEW_RELIC_KEY NEW_RELIC_APP_NAME NEW_RELIC_LEVEL LOG_LEVEL API_DISK_DB_PATH (if using NODE_ENV="lite")
Available endpoints
- RESTful User
- RESTful Program
- AuthController endpoints:
- token
- resendConfirmation
- confirm
- resetRequest
- reset
- Other endpoints are described at
/config/routes.js
:
Permissions (Policies)
/config/policies.js
: Describe which policies to apply on each API endpoint.
/api/policies
: Policies definition.
Authentication
- Request token posting to
/auth/token
. You will need to sendusername
(nickname),password
andgrant_type
as parameters. You will also need to send anAuthorization
header with the base64 encoded appclient_id:secret
. For example:
POST /oauth/token HTTP/1.1
Host: docker:8080
Content-Type: application/x-www-form-urlencoded; text/html; charset=UTF-8
Authorization: Basic YWJjMTphc2Q=
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
grant_type=password&username=murilo%40asd.com&password=murilo
- Add the received request token as a
Bearer
token in the header of your next requests. For exemple:
GET /program HTTP/1.1
Host: docker:8080
Authorization: Bearer f56d95b7e9130d50f49aa62cd3ddc854675f2c87
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
- In case your token expired, use the refresh token to get a new one:
POST /auth/token HTTP/1.1
Host: docker:8080
Authorization: Basic YWJjMTphc2Q=
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
grant_type=refresh_token&refresh_token=3ab35d191fe883fb7f40ad5f0822066ceaf01f77
Reseting password
- Request an email to reset the password:
POST /auth/resetRequest HTTP/1.1
Host: docker:8080
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
nickname=murilopolese
- This email should contain an url to an IDE screen with a token. On this screen the user fill the new password and submit with the received token to the api:
POST /auth/reset HTTP/1.1
Host: docker:8080
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
token=%242a%2410%24glx8hwKty7Bhy.BKymO5euZoLmNS4NQmZxuah.t7KjDqFMZLtj8bq&password=secret
Confirm user
TODO
Resend confirmation
- Request an email to confirm the user:
POST /auth/resendConfirmation HTTP/1.1
Host: docker:8080
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
nickname=murilopolese
List of error codes:
- EMAIL_NOT_FOUND
- USER_NOT_FOUND
- USER_UPDATE
- RESET_PASSWORD_REQUEST
- RESET_PASSWORD
- RESET_REQUEST_NOT_FOUND
- ENCRYPT_PASSWORD
- PROGRAM_NOT_FOUND
- PROGRAM_UPDATE
- PROGRAM_CREATE
- NOT_AUTHENTICATED
- NOT_AUTHOR
- NOT_CONFIRMED
- NOT_YOURSELF
- AUTH_GRANT