will send an email to the user with a link to confirm the account
POST /user/signup/
all fields are mandatory
- Username must be unique and between 1 and 20 characters long
- Email must be unique and between 1 and 50 characters long
- Password must be between 8 and 50 characters long and contain at least one uppercase letter, one digit and one special character
{ "username": "Aurel", "email": "alevra@student.42lyon.fr", "password": "Validpass42*" }

| http code | content-type | response |
|---|---|---|
| 201 | application/json | `{"message": "Account created, Verification email sent"}` |
| 401 | application/json | `{"errors": ["AAA", "BBB", "..."]}` |
| 500 | application/json | `{"errors": ['An unexpected error occurred : ...']}` |

NB : id is in base64
will return 200 if successful
POST /user/verify-email/

| http code | content-type | response |
|---|---|---|
| 200 | application/json | `{'message': 'user verified', 'refresh_token': refresh_token}` |
| 400 | application/json | `{"errors": ["..."]}` |
| 500 | application/json | `{"errors": ['An unexpected error occurred : ...']}` |

will return a refresh token when successful
POST /user/signin/
mandatory fields :
- login (username or email)
- password
optional fields :
- 2fa_code : if the user has 2FA enabled, this field is mandatory
{ "login": "Aurel", "password": "Validpass21*", "2fa_code": "123456" }

| http code | content-type | response |
|---|---|---|
| 201 | application/json | `{"refresh_token": "eyJhbGci.."}` |
| 401 | application/json | `{"errors": [ "AAA","BBB", "..."], '2fa': true}` |
| 500 | application/json | `{"errors": ['An unexpected error occurred : ...']}` |

will return a boolean
POST /user/username-exist/
{ "username": "Aurel" }

| http code | content-type | response |
|---|---|---|
| 200 | application/json | `{"is_taken": false}` |
| 200 | application/json | `{"is_taken": true}` |
| 401 | application/json | `{"errors": [ "AAA","BBB", "..."]}` |
| 500 | application/json | `{"errors": ['An unexpected error occurred : ...']}` |

will return a boolean
POST /user/email-exist/
{ "email": "..." }

| http code | content-type | response |
|---|---|---|
| 200 | application/json | `{"is_taken": false}` |
| 200 | application/json | `{"is_taken": true}` |
| 401 | application/json | `{"errors": [ "AAA","BBB", "..."]}` |
| 500 | application/json | `{"errors": ['An unexpected error occurred : ...']}` |

will return an access token when successful
POST /user/refresh-access-jwt/
all fields are mandatory
{ "refresh_token": "234235sfs3r2.." }

| http code | content-type | response |
|---|---|---|
| 200 | application/json | `{"access_token": "eyJhbGci.."}` |
| 400 | application/json | `{"errors": ["AAA", "BBB", "..."]}` |
| 500 | application/json | `{"errors": ['An unexpected error occurred : ...']}` |

will return 200 if successful and send a 6 alphanum code to the user's email
POST /user/forgot-password/send-code/
all fields are mandatory
{ "email": "..." }

| http code | content-type | response |
|---|---|---|
| 200 | application/json | `{"ok": "Email sent","email": "************ra@gmail.com", "expires": "2024-01-10T11:20:43.253"}` |
| 400 | application/json | `{"errors": "AAA"}` |
| 500 | application/json | `{"errors": ['An unexpected error occurred : ...']}` |

will return 200 if successful
POST /user/forgot-password/check-code/
all fields are mandatory
{ "email": "...", "code": "..." }

| http code | content-type | response |
|---|---|---|
| 200 | application/json | `{"ok": "ok"}` |
| 400 | application/json | `{"errors": "AAA", errors details : "aaa" }` |
| 500 | application/json | `{"errors": ['An unexpected error occurred : ...']}` |

will return 200 if successful, change the user password, revoke the code given by email
POST /user/forgot-password/change-password/
all fields are mandatory
{ "email": "...", "code": "...", "new_password": "..." }
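
The three forgot-password endpoints above describe one code lifecycle: issue a 6-character alphanumeric code with an expiry, check it, then revoke it when the password changes. The sketch below is an added example, not the project's code; the `ResetCodeStore` name, the alphabet, the 15-minute lifetime, the attempt limit and the hashed in-memory storage are all assumptions.

```python
import hashlib
import hmac
import secrets
import string
from datetime import timedelta

# Assumptions (the page only says "6 alphanum code" and shows an "expires" field).
ALPHABET = string.ascii_uppercase + string.digits
CODE_TTL = timedelta(minutes=15)
MAX_ATTEMPTS = 5  # failed checks allowed before the code is dropped


class ResetCodeStore:
    """In-memory stand-in for the table of pending password-reset codes."""

    def __init__(self):
        self._pending = {}  # email -> [sha256 hex digest, expiry, failed attempts]

    def send_code(self, email, now):
        """send-code: issue a fresh code, replacing any earlier one."""
        code = "".join(secrets.choice(ALPHABET) for _ in range(6))
        digest = hashlib.sha256(code.encode()).hexdigest()
        expires = now + CODE_TTL
        self._pending[email] = [digest, expires, 0]
        return code, expires  # the code itself leaves only by email

    def check_code(self, email, code, now):
        """check-code: True only for an unexpired, unrevoked, matching code."""
        entry = self._pending.get(email)
        if entry is None:
            return False
        digest, expires, attempts = entry
        if now >= expires or attempts >= MAX_ATTEMPTS:
            del self._pending[email]
            return False
        candidate = hashlib.sha256(code.encode()).hexdigest()
        if hmac.compare_digest(candidate, digest):
            return True
        entry[2] += 1  # count the failure so guessing is bounded
        return False

    def change_password(self, email, code, now):
        """change-password: re-check the code, then revoke it (single use)."""
        if not self.check_code(email, code, now):
            return False
        del self._pending[email]
        return True  # caller updates the password hash here
```

Storing only a digest means a database read does not reveal live codes, and the attempt counter matters because a 6-character code is short enough to guess if checks are unlimited.
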
will return public user information
GET /user/{user_id}/
Authorization: {access_token}
{user_id}
NB : user_id must be an integer

| http code | content-type | response |
|---|---|---|
| 200 | application/json | `{"id": "1", "username": "tdameros"}` |
| 400 | application/json | `{"errors": "AAA", errors details : "aaa" }` |
| 500 | application/json | `{"errors": ['An unexpected error occurred : ...']}` |

will return a list of user ids
POST /user/id_list/
Authorization: {access_token}
{ "id_list": [1, 2, 3] }
NB : id_list could be a list of integers or strings (ex : ["1", "2", "3"])
if a user is not found, it will not be in the response
200 :
[
{
"2": "Aurel1243",
"3": "Aurel121233"
}
]
If you want to retrieve a username, you should do something like :
result.json().get(str(id))
NB : I cannot respond with id as int because keys are converted to strings in the JSON response

| http code | content-type | response |
|---|---|---|
| 200 | application/json | ... |
| 400 | application/json | `{"errors": ["AAA"]}` |
| 500 | application/json | `{"errors": ['An unexpected error occurred : ...']}` |

will return public user information
GET /user/{username}/
Authorization: {access_token}
{username}
NB : username must be a string

| http code | content-type | response |
|---|---|---|
| 200 | application/json | `{"id": "1", "username": "tdameros"}` |
| 400 | application/json | `{"errors": "AAA", errors details : "aaa" }` |
| 500 | application/json | `{"errors": ['An unexpected error occurred : ...']}` |

will return a list of usernames that contains the searched username
POST /user/search-username/
Authorization: {access_token}
{ "username": "Aurel" }
NB : An empty username will return an error "Username not found"

| http code | content-type | response |
|---|---|---|
| 200 | application/json | `{"usernames": ["Aurel", "Aurel2", "Aurel3"]}` |
| 400 | application/json | `{"errors": ["AAA"]}` |
| 500 | application/json | `{"errors": ['An unexpected error occurred : ...']}` |

This endpoint initiates the OAuth authentication process for the specified authentication service. It returns a redirection URL to the OAuth service's authorization endpoint.
GET /user/oauth/{auth_service}/?source=https://example.com
{auth_service} and as a query parameter :
source: The URL to which the OAuth service will redirect the user after authentication
NB:
auth_service must be one of the following values: 'github', '42api', and source must be a valid URL which does not begin with www but with http or https

| http code | content-type | response |
|---|---|---|
| 200 | application/json | `{"redirection_url": "https://oauth-service.com/authorize?client_id=XXX&redirect_uri=YYY&state=ZZZ&scope=user:email"}` |
| 400 | application/json | `{"errors": ["Unknown auth service"]}` |

NB : if the user cancels OAuth2, they are redirected to the source URI specified, with an error message in the query parameters, and no refresh token is created
This endpoint handles the callback after successful OAuth authentication and retrieves the user's information.
GET /user/oauth/callback/{auth_service}/
{auth_service}
NB:
auth_service must be one of the following values: 'github', '42api'
code: Authorization code obtained from the OAuth service
state: State parameter to prevent CSRF attacks

| http code | content-type | response |
|---|---|---|
| 201 | application/json | redirect to source, putting the refresh token in a cookie named refresh_token |
| 400 | application/json | `{"errors": ["Failed to retrieve access token"]}` |
| 400 | application/json | `{"errors": ["Invalid state"]}` |
| 400 | application/json | `{"errors": ["Failed to create or get user"]}` |
| 400 | application/json | `{"errors": ["An unexpected error occurred : ..."]}` |
| 500 | application/json | `{"errors": ['Failed to create or get user']}` |

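
One way to handle `source` and `state` across the two OAuth endpoints above, as an added example that is not the project's code. The host allowlist, the state lifetime and the `OAuthStateStore` name are assumptions; `client_id` and `redirect_uri` keep the XXX/YYY placeholders from the sample response.

```python
import secrets
import time
from urllib.parse import urlencode, urlsplit

# Assumptions for this sketch (not taken from the project):
ALLOWED_SOURCE_HOSTS = {"example.com"}  # hosts the front end is served from
STATE_TTL_SECONDS = 600
AUTHORIZE_URL = "https://oauth-service.com/authorize"  # placeholder host from the sample response


def validate_source(source):
    """Page rule: a valid http(s) URL. Added here: the host must be allowlisted."""
    try:
        parts = urlsplit(source)
        host = parts.hostname
    except ValueError:
        return False
    return parts.scheme in ("http", "https") and host in ALLOWED_SOURCE_HOSTS


class OAuthStateStore:
    """Binds each random state value to the source it was issued for."""

    def __init__(self):
        self._pending = {}  # state -> (source, expiry timestamp)

    def begin(self, source, now=None):
        """First endpoint: validate source, mint state, build the redirection URL."""
        now = time.time() if now is None else now
        if not validate_source(source):
            raise ValueError("Invalid source")
        state = secrets.token_urlsafe(32)
        self._pending[state] = (source, now + STATE_TTL_SECONDS)
        query = urlencode({"client_id": "XXX", "redirect_uri": "YYY",
                           "state": state, "scope": "user:email"})
        return state, f"{AUTHORIZE_URL}?{query}"

    def finish(self, state, now=None):
        """Callback: return the bound source, or None for the "Invalid state" case."""
        now = time.time() if now is None else now
        source, expires = self._pending.pop(state, (None, 0))  # single use
        if source is None or now >= expires:
            return None
        return source
```

Because the callback redirects to `source` after setting the refresh-token cookie, checking the scheme alone leaves an open redirect; the allowlist closes it, and popping the state on first use stops a replayed callback.
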
will return 200 if successful
POST /user/update-infos/
Authorization: {access_token}
mandatory fields : change_list, access_token. All other fields are optional and depend on the change_list
{ "change_list": ["username", "email", "password"], "username": "NewUsername", "email": "newemail@asdf.fr", "password": "NewPassword42*" }
NB : change_list must contain at least one of the following values : "username", "email", "password"

| http code | content-type | response |
|---|---|---|
| 200 | application/json | `{"ok": "ok"}` |
| 400 | application/json | `{"errors": ["AAA", "BBB", "..."]}` |
| 500 | application/json | `{"errors": ['An unexpected error occurred : ...']}` |

This endpoint enables Two-Factor Authentication for the user.
POST /user/2fa/enable
Authorization: {access_token}

| http code | content-type | response |
|---|---|---|
| 200 | image/png | png of the QR code the user needs to scan |
| 400 | application/json | `{"errors": ["..."]}` |
| 500 | application/json | `{"errors": ['An unexpected error occurred : ...']}` |

This endpoint disables Two-Factor Authentication for the user.
POST /user/2fa/disable
Authorization: {access_token}

| http code | content-type | response |
|---|---|---|
| 200 | application/json | `{"message": "2fa disabled"}` |
| 400 | application/json | `{"errors": ["..."]}` |
| 500 | application/json | `{"errors": ['An unexpected error occurred : ...']}` |

If the user already has 2FA disabled, the response will be :
400 {"errors": ["2FA is already disabled"]}
else
200 {'message': '2fa disabled'}
This endpoint verifies the user's Two-Factor Authentication code.
POST /user/2fa/verify
Authorization: {access_token}
All fields mandatory:
{ "code": "123456" }

| http code | content-type | response |
|---|---|---|
| 200 | application/json | `{"message": "2fa verified"}` |
| 400 | application/json | `{"errors": ["..."]}` |
| 500 | application/json | `{"errors": ['An unexpected error occurred : ...']}` |

This endpoint retrieves the user's friend list.
GET /user/friends/
Authorization: {access_token}

| http code | content-type | response |
|---|---|---|
| 200 | application/json | `{"friends": [{"id": 1, "status": accepted}, ...]}` |
| 400 | application/json | `{"errors": ["..."]}` |
| 500 | application/json | `{"errors": ['An unexpected error occurred : ...']}` |

This endpoint deletes a friend of the user
DELETE /user/friends/
Authorization: {access_token}

| name | data type | description | type |
|---|---|---|---|
| friend_id | int | Friend's id | Required |

| http code | content-type | response |
|---|---|---|
| 200 | application/json | `{"message": "friend deleted"}` |
| 400 | application/json | `{"errors": ["..."]}` |
| 500 | application/json | `{"errors": ['An unexpected error occurred : ...']}` |

This endpoint sends a friend request
POST /user/friends/request/
Authorization: {access_token}
All fields mandatory:
{ "friend_id": 1 }

| http code | content-type | response |
|---|---|---|
| 200 | application/json | `{"message": "friend request sent"}` |
| 400 | application/json | `{"errors": ["..."]}` |
| 500 | application/json | `{"errors": ['An unexpected error occurred : ...']}` |

This endpoint is used to accept a friend request
POST /user/friends/accept/
Authorization: {access_token}
All fields mandatory:
{ "friend_id": 1 }

| http code | content-type | response |
|---|---|---|
| 200 | application/json | `{"message": "friend request accepted"}` |
| 400 | application/json | `{"errors": ["..."]}` |
| 500 | application/json | `{"errors": ['An unexpected error occurred : ...']}` |

This endpoint is used to decline a friend request
POST /user/friends/decline/
Authorization: {access_token}
All fields mandatory:
{ "friend_id": 1 }

| http code | content-type | response |
|---|---|---|
| 200 | application/json | `{"message": "friend request declined"}` |
| 400 | application/json | `{"errors": ["..."]}` |
| 500 | application/json | `{"errors": ['An unexpected error occurred : ...']}` |

This endpoint retrieves the status of a friend request.
DELETE /user/friends/
Authorization: {access_token}

| name | data type | description | type |
|---|---|---|---|
| friend_id | int | Friend's id | Required |

| http code | content-type | response |
|---|---|---|
| 200 | application/json | `{"status": "accepted"}` |
| 400 | application/json | `{"errors": ["..."]}` |
| 500 | application/json | `{"errors": ['An unexpected error occurred : ...']}` |

This endpoint anonymizes the user's account.
GDPR compliant ( article 17 )
DELETE /user/delete-account/
Authorization: {access_token}

| http code | content-type | response |
|---|---|---|
| 200 | application/json | `{"message": "account deleted"}` |
| 400 | application/json | `{"errors": ["..."]}` |
| 500 | application/json | `{"errors": ['An unexpected error occurred : ...']}` |

This endpoint allows the user to get and update his avatar.
GET /user/avatar/<str:username>
username of the user to retrieve

| http code | content-type | response |
|---|---|---|
| 200 | image/png | png of the user's avatar |
| 400 | application/json | `{"errors": ["..."]}` |
| 500 | application/json | `{"errors": ['An unexpected error occurred : ...']}` |

POST /user/avatar/
Authorization: {access_token}
all fields are mandatory
{
"avatar": "base64 of the new avatar"
}

| http code | content-type | response |
|---|---|---|
| 200 | application/json | `{"message": "avatar updated"}` |
| 400 | application/json | `{"errors": ["..."]}` |
| 500 | application/json | `{"errors": ['An unexpected error occurred : ...']}` |

DELETE /user/avatar/
Authorization: {access_token}

| http code | content-type | response |
|---|---|---|
| 200 | application/json | `{"message": "avatar deleted"}` |
| 400 | application/json | `{"errors": ["..."]}` |
| 500 | application/json | `{"errors": ['An unexpected error occurred : ...']}` |

This endpoint sends the user's information via email.
GDPR compliant ( article 15 )
GET /user/send-user-infos/
Authorization: {access_token}

| http code | content-type | response |
|---|---|---|
| 200 | application/json | `{"ok": "Email sent", "email": "************ra@gmail.com"}` |
| 400 | application/json | `{"errors": ["..."]}` |
| 500 | application/json | `{"errors": ['An unexpected error occurred : ...']}` |

This endpoint retrieves the user's private information.
GET /user/me/
Authorization: {access_token}

| http code | content-type | response |
|---|---|---|
| 200 | application/json | `{"ok": "Email sent", "email": "************ra@gmail.com"}` |
| 400 | application/json | `{"errors": ["..."]}` |
| 500 | application/json | `{"errors": ['An unexpected error occurred : ...']}` |

JSON response :
{
"username" : "Aurel",
"id": 1,
"email": "a@a.fr",
"has_2fa": true,
"OAuth": None
}
or
{
"username" : "Aurel",
"id": 1,
"email": "a@a.fr",
"has_2fa": false,
"OAuth": "github"
}
For OAuth, the value can be :
- None
- "github"
- "42api" (in case of doubt you can check the user model in models.py)