Authentication API
Overview
The Authentication API provides endpoints to manage user authentication and roles. It allows users to sign in, log out, change their password, and manage user accounts and roles.
Endpoints
Sign In
- URL: `/api/authService/auth/signin`
- Method: `POST`
- Description: Signs in a user and returns a JWT token for authentication.
- Request Body: `{ "user": "username", "password": "password" }`
- Response: `{ "token": "jwt_token" }`
Log Out
- URL: `/api/authService/auth/logout`
- Method: `POST`
- Description: Logs out the current authenticated user by clearing the session cookie.
- Response:
  - 200 OK: Successfully logged out.
Create User
- URL: `/api/authService/auth`
- Method: `POST`
- Description: Creates a new user with the provided details.
- Request Body: `{ "name": "User Name", "user": "username", "password": "password" }`
- Response: `{ "id": 1, "name": "User Name", "user": "username", "idRole": 1 }`
Get All Users
- URL: `/api/authService/auth/all`
- Method: `GET`
- Description: Retrieves a list of all users.
- Response: `[ { "id": 1, "username": "username", "name": "User Name", "idRole": 1 } ]`
Get User
- URL: `/api/authService/auth/:user`
- Method: `GET`
- Description: Retrieves the details of a specific user by their username.
- Response: `{ "id": 1, "username": "username", "name": "User Name", "idRole": 1 }`
Delete User
- URL: `/api/authService/auth/:user`
- Method: `DELETE`
- Description: Deletes a user by their username.
- Response:
  - 200 OK: User successfully deleted.
Change Password
- URL: `/api/authService/auth/me/password`
- Method: `POST`
- Description: Changes the password for the authenticated user.
- Request Body: `{ "currentPassword": "current_password", "newPassword": "new_password" }`
- Response:
  - 200 OK: Password successfully updated.
Change Password as Admin
- URL: `/api/authService/auth/:user/password/admin`
- Method: `POST`
- Description: Admin can change a user's password.
- Request Body: `{ "newPassword": "new_password" }`
- Response:
  - 200 OK: Password successfully updated for the user.
Change Role
- URL: `/api/authService/auth/:user/role`
- Method: `POST`
- Description: Admin can change a user's role.
- Request Body: `{ "role": "new_role" }`
- Response:
  - 200 OK: Role successfully updated for the user.
Get Authenticated User
- URL: `/api/authService/auth/me`
- Method: `GET`
- Description: Retrieves the details of the currently authenticated user.
- Response: `{ "id": 1, "username": "username", "name": "User Name", "idRole": 1 }`
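Example Usage
Sign In with Axios
```javascript
import axios from 'axios';

// POST the credentials; on success the response body is { token: "jwt_token" }.
axios.post('/api/authService/auth/signin', {
  user: 'username',
  password: 'password'
})
  .then(response => {
    // response.data contains the JWT returned by the sign-in endpoint.
    console.log(response.data);
  })
  .catch(error => {
    // Rejected for non-2xx statuses (see Error Handling) and network failures.
    console.error(error);
  });
```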
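Change Password for Authenticated User
```javascript
import axios from 'axios';

// The endpoint acts on the currently authenticated user.
axios.post('/api/authService/auth/me/password', {
  currentPassword: 'old_password',
  newPassword: 'new_password'
})
  .then(response => {
    // 200 OK: password successfully updated.
    console.log(response.data);
  })
  .catch(error => {
    // Rejected for non-2xx statuses (see Error Handling) and network failures.
    console.error(error);
  });
```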
Error Handling
- 422 Unprocessable Entity: Invalid data provided (e.g., missing fields or incorrect password format).
- 400 Bad Request: Invalid request or database error.
- 404 Not Found: User not found in the database.
- 500 Internal Server Error: Server errors, such as issues with database operations.
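The status codes above and the credential fields in the request and response bodies can be handled together on the client. The following is an added example, not code from this project: `redact`, `describeError`, `signIn` and `stubClient` are hypothetical names, and the client is assumed to be axios-like (a `post()` method whose rejections carry `error.response.status`). It maps the documented statuses to their meanings and keeps passwords and the JWT out of log output.

```javascript
// Meanings of the status codes listed under "Error Handling" on this page.
const AUTH_ERRORS = {
  400: 'Invalid request or database error',
  404: 'User not found in the database',
  422: 'Invalid data provided',
  500: 'Internal server error',
};

// Secret-bearing field names taken from the bodies documented on this page.
const SECRET_FIELDS = ['password', 'currentPassword', 'newPassword', 'token'];

// Return a copy of a body that is safe to log: secret values are masked.
function redact(body) {
  if (body === null || typeof body !== 'object') return body;
  if (Array.isArray(body)) return body.map(redact);
  const out = {};
  for (const [key, value] of Object.entries(body)) {
    out[key] = SECRET_FIELDS.includes(key) ? '[REDACTED]' : redact(value);
  }
  return out;
}

// Turn an axios-style rejection into { status, message }. error.response is
// present only when the server answered; otherwise treat it as a network failure.
function describeError(error) {
  const status = error && error.response ? error.response.status : null;
  if (status === null) return { status, message: 'No response from server' };
  return { status, message: AUTH_ERRORS[status] || 'Unexpected status' };
}

// Sign in through an injected client (assumed axios-like). Resolves to
// { ok, token } or { ok, error }; only redacted bodies reach the log callback.
async function signIn(client, user, password, log = () => {}) {
  const body = { user, password };
  log('signin request', redact(body));
  try {
    const response = await client.post('/api/authService/auth/signin', body);
    log('signin response', redact(response.data));
    return { ok: true, token: response.data.token };
  } catch (error) {
    return { ok: false, error: describeError(error) };
  }
}

// Constructed stub standing in for the server so the example runs offline.
const stubClient = {
  post: async (url, body) => {
    if (!body.user || !body.password) throw { response: { status: 422 } };
    return { data: { token: 'constructed.jwt.value' } };
  },
};
```

In an application, pass the real axios instance as `client` and the application's logger as `log`.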