Backend API Docs

Overview

• General
  • Authenticating Requests
  • Success Responses
  • Error Responses
• Authentication
  • POST /login
  • POST /logout
• Admin
  • POST /admin/user
  • PATCH /admin/user
  • DELETE /admin/user
  • GET /admin/user_list
  • GET /admin/user_stats
• User Sessions
  • GET /session/userdata
  • GET /session/reset
  • GET /session/refresh
  • POST /session/images
  • GET /session/images
  • DELETE /session/images
  • POST /session/cover
  • GET /session/cover
  • GET /session/archive

General

Authenticating requests

• All (non-GET) requests need to be sent with a header of Content-Type: application/json
• All requests except POST /login need to be authenticated by providing a valid token.
• The token for the next request is obtained in the token field of each successful response.
• The token is can be provided by any of the following methods:
  • A X-Access-Token header (preferred)
  • A token query parameter
  • A token body parameter (for requests with Content-Type: application/json)

Success Responses

• Status Code: 200
• status Holds the string 'success'
• message Descriptive message
• token Access token for next request

Error Responses

• Status Codes: 4xx or 5xx
• status Holds the string 'error'
• message Error message

Authentication

POST /login Login a user

• Parameters (Body)
  • email
  • password
• Response (200)
  • data
    • id
    • name
    • email
    • brands
    • theme_color

GET /logout Logout the user

• Parameters
  • none
• Response (200)
  • empty

Admin

POST /admin/user

PATCH /admin/user

DELETE /admin/user

GET /admin/user_list

GET /admin/user_stats

User Session

GET /session/userdata

GET /session/reset

GET /session/refresh

POST /session/images

GET /session/images

DELETE /session/images

POST /session/cover

GET /session/cover

GET /session/archive