Authentication views

sol.views.auth.auth_user(request)

Verify the credentials of an user.

URL

/auth/login

Method

POST

Response

JSON

Parameters

username

the name of the user

password

its password

Upon successful authentication, the client receives back a JSON structure containing information about the user and his preferences, and a session cookie.

Invalid credentials

curl --silent \\
     --data "username=foo" \\
     --data "password="bar" \\
     http://server.sol/auth/login

$params = @{
  Uri = 'http://server.sol/auth/login'
  Method = 'POST'
  Body = @{
    username = "foo"
    password = "bar"
  }
}
(Invoke-WebRequest @params).Content

This emits a JSON response similar to the following:

{
  "success": false,
  "message": "The inserted user and password, or one of the two, are wrong!",
  "errors": {
    "username": "Invalid credentials",
    "password": "Invalid credentials"
  }
}

Successful call

curl --silent \\
     --data "username=lele" \\
     --data "password=therightpassword" \\
     --cookie-jar cookies.txt \\
     http://server.sol/auth/login

$params = @{
  Uri = 'http://server.sol/auth/login'
  Method = 'POST'
  Body = @{
    username = "lele"
    password = "therightpassword"
  }
}
$res = Invoke-WebRequest @params
$ses.Cookies | Export-Clixml -Path "cookies.txt"

This time the JSON response contains something like:

{
  "success": true,
  "fullname": "Lele Gaifax",
  "is_admin": false,
  "is_nationalliable": null,
  "is_ownersadmin": true,
  "is_playersmanager": true,
  "user_id": 1,
  "maxratinglevel": "2",
  "reload_l10n": false,
  "ui_language": null,
  "modules": [ "…" ],
  "shortcuts": [ "…" ],
  "quickstart": [ "…" ]
}
sol.views.auth.logout(request)

Conclude the session of the user, logging him out.

URL

/auth/logout

Method

GET

Response

JSON

This can be called only by an authenticated user.

Unauthorized call

curl --silent --out-null \\
     --write-out '%{http_code}\n' \\
     http://server.sol/auth/logout

401

$params = @{ Uri = 'http://server.sol/auth/login' }
$res = Invoke-WebRequest @params
$res.StatusCode

401

Successful call

curl --silent \\
     --cookie cookies.txt \\
     http://server.sol/auth/logout

$ses = Import-Clixml -Path "cookies.txt"
$params = @{
  Uri = 'http://server.sol/auth/logout'
  Method = 'POST'
  SessionVariable = 'ses'
}
(Invoke-WebRequest @params).Content

The JSON response contains something like:

{
  "success": true,
  "message": "Goodbye"
}
sol.views.auth.create_new_user(request)

First step of the sign-in workflow.

URL

/auth/signin

Method

POST

Response

JSON

Parameters

email

the email address of the new account

password

the password of the new account

firstname

the first name of the user

lastname

the family name of the user

language

the preferred language

Once an anonymous visitor fills the self registration form and confirms the data this method validates it and if everything is good a new user is created and an email is sent to the new potential user, with an URL she must visit to complete the procedure.

sol.views.auth.confirm_new_user(request)

Second step of the sign-in workflow.

URL

/auth/signin

Method

GET

Response

HTML

Parameters

confirm

the signed id of the new user

This concludes the self registration procedure: if confirm is valid the new account is activated and the visitor is redirected to the login page.

sol.views.auth.lost_password(request)

First step of the reset password workflow.

URL

/auth/lost_password

Method

POST

Response

JSON

Parameters

email

the user's email address

This sends an email to the specified address, with an URL that the user must visit to reset her own password.

sol.views.auth.reset_password(request)

Second step of the reset password workflow.

URL

/auth/reset_password

Method

POST

Response

JSON

Parameters

token

a signed token

password

the new password

This changes the user's password to a new one.

sol.views.auth.change_password(request)

Change the user's password

URL

/auth/change_password

Method

POST

Response

JSON

Parameters

oldpassword

the old password

newpassword

the new password

This replaces oldpassword with newpassword for the authenticated user.

Unauthorized call

curl --silent --out-null \\
     --write-out '%{http_code}\n' \\
     http://server.sol/auth/change_password

401

$params = @{ Uri = 'http://server.sol/auth/change_password' }
$res = Invoke-WebRequest @params
$res.StatusCode

401

Successful call

curl --silent \\
     --cookie cookies.txt \\
     --data "oldpassword=foo" \\
     --data "newpassword=bar" \\
     http://server.sol/auth/change_password

$ses = Import-Clixml -Path "cookies.txt"
$params = @{
  Uri = 'http://server.sol/auth/change_password'
  Method = 'POST'
  SessionVariable = 'ses'
  Body = @{
    oldpassword = 'foo'
    oldpassword = 'bar'
  }
}
(Invoke-WebRequest @params).Content

The JSON response contains something like:

{
  "success": true
}
sol.views.auth.change_language(request)

Change the user's preferred language.

URL

/auth/change_language

Method

POST

Response

JSON

Parameters

language

the ISO code of the language

This sets the language used by the UI for the authenticated user.

Unauthorized call

curl --silent --out-null \\
     --write-out '%{http_code}\n' \\
     http://server.sol/auth/change_language

401

$params = @{ Uri = 'http://server.sol/auth/change_language' }
$res = Invoke-WebRequest @params
$res.StatusCode

401

Successful call

curl --silent \\
     --cookie cookies.txt \\
     --data "language=xy" \\
     http://server.sol/auth/change_language

$ses = Import-Clixml -Path "cookies.txt"
$params = @{
  Uri = 'http://server.sol/auth/change_language'
  Method = 'POST'
  SessionVariable = 'ses'
  Body = @{
    language = 'xy'
  }
}
(Invoke-WebRequest @params).Content

The JSON response contains something like:

{
  "success": true
}