will send an email to the user with a link to confirm the account
POST
/user/signup/
all fields are mandatory
- Username must be unique and between 1 and 20 characters long
- Email must be unique and between 1 and 50 characters long
- Password must be between 8 and 50 characters long and contain at least one uppercase letter, one digit and one special character
{ "username": "Aurel", "email": "[email protected]", "password": "Validpass42*" }
http code | content-type | response
201 | application/json | {"message": "Account created, Verification email sent"}
401 | application/json | {"errors": ["AAA", "BBB", "..."]}
500 | application/json | {"errors": ['An unexpected error occurred : ...']}
NB : id is in base64
will return 200 if successful
POST
/user/verify-email/
http code | content-type | response
200 | application/json | {'message': 'user verified', 'refresh_token': refresh_token}
400 | application/json | {"errors": ["..."]}
500 | application/json | {"errors": ['An unexpected error occurred : ...']}
will return a refresh token when successful
POST
/user/signin/
mandatory fields :
- login (username or email)
- password
optional fields :
- 2fa_code : if the user has 2FA enabled, this field is mandatory
{ "login": "Aurel", "password": "Validpass21*", "2fa_code": "123456" }
http code | content-type | response
201 | application/json | {"refresh_token": "eyJhbGci.."}
401 | application/json | {"errors": [ "AAA","BBB", "..."], '2fa': true}
500 | application/json | {"errors": ['An unexpected error occurred : ...']}
will return a boolean
POST
/user/username-exist/
{ "username": "Aurel" }
http code | content-type | response
200 | application/json | {"is_taken": false}
200 | application/json | {"is_taken": true}
401 | application/json | {"errors": [ "AAA","BBB", "..."]}
500 | application/json | {"errors": ['An unexpected error occurred : ...']}
will return a boolean
POST
/user/email-exist/
{ "email": "..." }
http code | content-type | response
200 | application/json | {"is_taken": false}
200 | application/json | {"is_taken": true}
401 | application/json | {"errors": [ "AAA","BBB", "..."]}
500 | application/json | {"errors": ['An unexpected error occurred : ...']}
will return an access token when successful
POST
/user/refresh-access-jwt/
all fields are mandatory
{ "refresh_token": "234235sfs3r2.." }
http code | content-type | response
200 | application/json | {"access_token": "eyJhbGci.."}
400 | application/json | {"errors": ["AAA", "BBB", "..."]}
500 | application/json | {"errors": ['An unexpected error occurred : ...']}
will return 200 if successful and send a 6 alphanum code to the user's email
POST
/user/forgot-password/send-code/
all fields are mandatory
{ "email": "..." }
http code | content-type | response
200 | application/json | {"ok": "Email sent","email": "************[email protected]", "expires": "2024-01-10T11:20:43.253"}
400 | application/json | {"errors": "AAA"}
500 | application/json | {"errors": ['An unexpected error occurred : ...']}
will return 200 if successful
POST
/user/forgot-password/check-code/
all fields are mandatory
{ "email": "...", "code": "..." }
http code | content-type | response
200 | application/json | {"ok": "ok"}
400 | application/json | {"errors": "AAA", "errors details": "aaa"}
500 | application/json | {"errors": ['An unexpected error occurred : ...']}
will return 200 if successful, change the user password, revoke the code given by email
POST
/user/forgot-password/change-password/
all fields are mandatory
{ "email": "...", "code": "...", "new_password": "..." }
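The three forgot-password steps above (send-code, check-code, change-password), sketched server-side as an added example that is not the project's own code. The alphabet, 15-minute lifetime, attempt limit, server key, in-memory store and the `set_password` callback are assumptions; only the 6-character alphanumeric code, its expiry and its revocation after use come from this page.

```python
import hashlib
import hmac
import secrets
import string
from datetime import timedelta

ALPHABET = string.ascii_uppercase + string.digits  # assumed alphabet
CODE_LENGTH = 6                       # "6 alphanum code" from the page
CODE_TTL = timedelta(minutes=15)      # assumed lifetime
MAX_ATTEMPTS = 5                      # assumed guess limit per code
SERVER_KEY = secrets.token_bytes(32)  # assumed: a persistent secret in production

_store = {}  # email -> entry; stand-in for a database table


def _digest(email, code):
    # Keyed hash: the stored value is useless without SERVER_KEY.
    return hmac.new(SERVER_KEY, f"{email}:{code}".encode(), hashlib.sha256).digest()


def send_code(email, now):
    """send-code step: issue a fresh code, replacing any earlier one."""
    code = "".join(secrets.choice(ALPHABET) for _ in range(CODE_LENGTH))
    _store[email] = {"digest": _digest(email, code),
                     "expires": now + CODE_TTL, "attempts": 0}
    return code  # goes into the email only, never into the HTTP response


def check_code(email, code, now):
    """check-code step: expiry, attempt limit, constant-time comparison."""
    entry = _store.get(email)
    if entry is None or now >= entry["expires"]:
        _store.pop(email, None)
        return False
    entry["attempts"] += 1
    if entry["attempts"] > MAX_ATTEMPTS:
        _store.pop(email, None)  # too many guesses: a new code is required
        return False
    return hmac.compare_digest(entry["digest"], _digest(email, code))


def change_password(email, code, new_password, now, set_password):
    """change-password step: re-check the code, then revoke it (single use)."""
    if not check_code(email, code, now):
        return False
    set_password(email, new_password)
    del _store[email]
    return True
```

The code is re-checked in the last step so that a client cannot skip check-code and call change-password directly.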
will return public user information
GET
/user/{user_id}/
Authorization: {access_token}
{user_id}
NB : user_id must be an integer
http code | content-type | response
200 | application/json | {"id": "1", "username": "tdameros"}
400 | application/json | {"errors": "AAA", "errors details": "aaa"}
500 | application/json | {"errors": ['An unexpected error occurred : ...']}
will return a list of user ids
POST
/user/id_list/
Authorization: {access_token}
{ "id_list": [1, 2, 3] }
NB : id_list could be a list of integers or strings (ex : ["1", "2", "3"])
if a user is not found, it will not be in the response
200 :
[
{
"2": "Aurel1243",
"3": "Aurel121233"
}
]
If you want to retrieve a username, you should do something like :
result.json().get(str(id))
NB : I cannot respond with id as int because keys are converted to strings in the JSON response
http code | content-type | response
200 | application/json | ...
400 | application/json | {"errors": ["AAA"]}
500 | application/json | {"errors": ['An unexpected error occurred : ...']}
will return public user information
GET
/user/{username}/
Authorization: {access_token}
{username}
NB : username must be a string
http code | content-type | response
200 | application/json | {"id": "1", "username": "tdameros"}
400 | application/json | {"errors": "AAA", "errors details": "aaa"}
500 | application/json | {"errors": ['An unexpected error occurred : ...']}
will return a list of usernames that contains the searched username
POST
/user/search-username/
Authorization: {access_token}
{ "username": "Aurel" }
NB : An empty username will return an error "Username not found"
http code | content-type | response
200 | application/json | {"usernames": ["Aurel", "Aurel2", "Aurel3"]}
400 | application/json | {"errors": ["AAA"]}
500 | application/json | {"errors": ['An unexpected error occurred : ...']}
This endpoint initiates the OAuth authentication process for the specified authentication service. It returns a redirection URL to the OAuth service's authorization endpoint.
GET
/user/oauth/{auth_service}/?source=https://example.com
{auth_service} and as a query parameter :
- source : The URL to which the OAuth service will redirect the user after authentication
NB :
- auth_service must be one of the following values: 'github', '42api'
- source must be a valid URL which does not begin with www but with http or https
http code | content-type | response
200 | application/json | {"redirection_url": "https://oauth-service.com/authorize?client_id=XXX&redirect_uri=YYY&state=ZZZ&scope=user:email"}
400 | application/json | {"errors": ["Unknown auth service"]}
NB : if the user cancels OAuth2, they will be redirected to the source URI specified, with an error message in the query parameters, and no refresh token will be created
This endpoint handles the callback after successful OAuth authentication and retrieves the user's information.
GET
/user/oauth/callback/{auth_service}/
{auth_service}
NB : auth_service must be one of the following values: 'github', '42api'
- code : Authorization code obtained from the OAuth service
- state : State parameter to prevent CSRF attacks
http code | content-type | response
201 | application/json | redirect to source, putting the refresh token in a cookie named refresh_token
400 | application/json | {"errors": ["Failed to retrieve access token"]}
400 | application/json | {"errors": ["Invalid state"]}
400 | application/json | {"errors": ["Failed to create or get user"]}
400 | application/json | {"errors": ["An unexpected error occurred : ..."]}
500 | application/json | {"errors": ['Failed to create or get user']}
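How the `source` check and the `state` parameter described above can be enforced, as an added example that is not the project's own code. The host allowlist, the in-memory `_pending` store, the "Invalid source" message and the `redirect_to` return value are assumptions; `https://oauth-service.com/authorize` is the placeholder URL from the sample response.

```python
import secrets
from urllib.parse import urlencode, urlsplit

AUTH_SERVICES = {"github", "42api"}        # values from the page
ALLOWED_SOURCE_HOSTS = {"example.com"}     # assumed allowlist of front-end hosts
AUTHORIZE_URL = "https://oauth-service.com/authorize"  # placeholder from the page

_pending = {}  # state -> (auth_service, source); stand-in for a cache with a TTL


def validate_source(source):
    """Accept only absolute http(s) URLs whose host is on the allowlist."""
    try:
        parts = urlsplit(source)
    except ValueError:  # malformed URL, e.g. an unbalanced IPv6 bracket
        return False
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False
    # Compare the parsed host, not a string prefix of the raw URL.
    return parts.hostname in ALLOWED_SOURCE_HOSTS


def start_oauth(auth_service, source, client_id, redirect_uri):
    """GET /user/oauth/{auth_service}/ : returns (http_code, body)."""
    if auth_service not in AUTH_SERVICES:
        return 400, {"errors": ["Unknown auth service"]}
    if not validate_source(source):
        return 400, {"errors": ["Invalid source"]}  # assumed message
    state = secrets.token_urlsafe(32)  # unguessable, one per login attempt
    _pending[state] = (auth_service, source)
    query = urlencode({"client_id": client_id, "redirect_uri": redirect_uri,
                       "state": state, "scope": "user:email"})
    return 200, {"redirection_url": f"{AUTHORIZE_URL}?{query}"}


def finish_oauth(auth_service, code, state):
    """Callback: state must be one we issued, for this service, used once."""
    entry = _pending.pop(state, None)  # pop makes the state single use
    if entry is None or entry[0] != auth_service:
        return 400, {"errors": ["Invalid state"]}
    # The exchange of `code` for a token and the user lookup would happen here.
    return 201, {"redirect_to": entry[1]}  # stand-in for redirect + cookie
```

Because `source` is stored server-side under the state, the callback redirects only to a URL that already passed validation, not to one supplied again in the callback request.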
will return 200 if successful
POST
/user/update-infos/
Authorization: {access_token}
mandatory fields : change_list, access_token
all other fields are optional and depend on the change_list
{ "change_list": ["username", "email", "password"], "username": "NewUsername", "email": "[email protected]", "password": "NewPassword42*" }
NB : change_list must contain at least one of the following values : "username", "email", "password"
http code | content-type | response
200 | application/json | {"ok": "ok"}
400 | application/json | {"errors": ["AAA", "BBB", "..."]}
500 | application/json | {"errors": ['An unexpected error occurred : ...']}
This endpoint enables Two-Factor Authentication for the user.
POST
/user/2fa/enable
Authorization: {access_token}
http code | content-type | response
200 | image/png | png of the QR code the user needs to scan
400 | application/json | {"errors": ["..."]}
500 | application/json | {"errors": ['An unexpected error occurred : ...']}
This endpoint disables Two-Factor Authentication for the user.
POST
/user/2fa/disable
Authorization: {access_token}
http code | content-type | response
200 | application/json | {"message": "2fa disabled"}
400 | application/json | {"errors": ["..."]}
500 | application/json | {"errors": ['An unexpected error occurred : ...']}
If the user already has 2FA disabled, the response will be :
400 {"errors": ["2FA is already disabled"]}
else
200 {'message': '2fa disabled'}
This endpoint verifies the user's Two-Factor Authentication code.
POST
/user/2fa/verify
Authorization: {access_token}
All fields mandatory:
{ "code": "123456" }
http code | content-type | response
200 | application/json | {"message": "2fa verified"}
400 | application/json | {"errors": ["..."]}
500 | application/json | {"errors": ['An unexpected error occurred : ...']}
This endpoint retrieves the user's friend list.
GET
/user/friends/
Authorization: {access_token}
http code | content-type | response
200 | application/json | {"friends": [{"id": 1, "status": "accepted"}, ...]}
400 | application/json | {"errors": ["..."]}
500 | application/json | {"errors": ['An unexpected error occurred : ...']}
This endpoint deletes a friend of the user.
DELETE
/user/friends/
Authorization: {access_token}
name | data type | description | type
friend_id | int | Friend's id | Required
http code | content-type | response
200 | application/json | {"message": "friend deleted"}
400 | application/json | {"errors": ["..."]}
500 | application/json | {"errors": ['An unexpected error occurred : ...']}
This endpoint sends a friend request.
POST
/user/friends/request/
Authorization: {access_token}
All fields mandatory:
{ "friend_id": 1 }
http code | content-type | response
200 | application/json | {"message": "friend request sent"}
400 | application/json | {"errors": ["..."]}
500 | application/json | {"errors": ['An unexpected error occurred : ...']}
This endpoint is used to accept a friend request
POST
/user/friends/accept/
Authorization: {access_token}
All fields mandatory:
{ "friend_id": 1 }
http code | content-type | response
200 | application/json | {"message": "friend request accepted"}
400 | application/json | {"errors": ["..."]}
500 | application/json | {"errors": ['An unexpected error occurred : ...']}
This endpoint is used to decline a friend request
POST
/user/friends/decline/
Authorization: {access_token}
All fields mandatory:
{ "friend_id": 1 }
http code | content-type | response
200 | application/json | {"message": "friend request declined"}
400 | application/json | {"errors": ["..."]}
500 | application/json | {"errors": ['An unexpected error occurred : ...']}
This endpoint retrieves the status of a friend request.
DELETE
/user/friends/
Authorization: {access_token}
name | data type | description | type
friend_id | int | Friend's id | Required
http code | content-type | response
200 | application/json | {"status": "accepted"}
400 | application/json | {"errors": ["..."]}
500 | application/json | {"errors": ['An unexpected error occurred : ...']}
This endpoint anonymizes the user's account.
GDPR compliant ( article 17 )
DELETE
/user/delete-account/
Authorization: {access_token}
http code | content-type | response
200 | application/json | {"message": "account deleted"}
400 | application/json | {"errors": ["..."]}
500 | application/json | {"errors": ['An unexpected error occurred : ...']}
This endpoint allows the user to get and update his avatar.
GET
/user/avatar/<str:username>
username of the user to retrieve
http code | content-type | response
200 | image/png | png of the user's avatar
400 | application/json | {"errors": ["..."]}
500 | application/json | {"errors": ['An unexpected error occurred : ...']}
POST
/user/avatar/
Authorization: {access_token}
all fields are mandatory
{
"avatar": "base64 of the new avatar"
}
http code | content-type | response
200 | application/json | {"message": "avatar updated"}
400 | application/json | {"errors": ["..."]}
500 | application/json | {"errors": ['An unexpected error occurred : ...']}
DELETE
/user/avatar/
Authorization: {access_token}
http code | content-type | response
200 | application/json | {"message": "avatar deleted"}
400 | application/json | {"errors": ["..."]}
500 | application/json | {"errors": ['An unexpected error occurred : ...']}
This endpoint sends the user's information via email.
GDPR compliant ( article 15 )
GET
/user/send-user-infos/
Authorization: {access_token}
http code | content-type | response
200 | application/json | {"ok": "Email sent", "email": "************[email protected]"}
400 | application/json | {"errors": ["..."]}
500 | application/json | {"errors": ['An unexpected error occurred : ...']}
This endpoint retrieves the user's private information.
GET
/user/me/
Authorization: {access_token}
http code | content-type | response
200 | application/json | {"ok": "Email sent", "email": "************[email protected]"}
400 | application/json | {"errors": ["..."]}
500 | application/json | {"errors": ['An unexpected error occurred : ...']}
Json response :
{
"username" : "Aurel",
"id": 1,
"email": "[email protected]",
"has_2fa": true,
"OAuth": None
}
or
{
"username" : "Aurel",
"id": 1,
"email": "[email protected]",
"has_2fa": false,
"OAuth": "github"
}
for OAuth, value can be :
- None
- "github"
- "42api" (in case of doubt you can check the user model in models.py)