Authentication / Authorization

The Beapi Springboot Starter has several built-in tools to help you get loggedIn/Logout and secure your users access.. Below is an explanation of those tools and how to use them.

Authentication/Authorization

User management including authentication/authorization are BUILT-IN. You can login and get a token using the following methids...

Authentication

Assuming you already have a 'registered acct', you can 'authenticate' using the following command:

curl -v -c ./cookies.txt -H "Content-Type: application/json" -X POST -d '{"username":"YOUR_USERNAME","password":"YOUR_PASSWORD"}' http://YOURSITE:8080/authenticate

An example of authenticating via Javascript/Jquery is below:


  $('#login').submit(function (event) {
      event.preventDefault();
     var jsonData = {"username":$('#username').val(),"password":$('#password').val() };

      $.ajax({
          type: 'POST',
          url: window.url + "/authenticate",
          cache:false,
          async:true,
          contentType: 'application/json',
          data: JSON.stringify(jsonData),
          //dataType:'json',
          headers: {
              'Access-Control-Allow-Origin': 'http://test.nosegrind.net:8080'
          },
          xhrFields:{
              withCredentials: true
          },
          crossDomain: true,
          error: function (xhr, textStatus, thrownError){
              console.log('error: ' + thrownError);
          },
          success: function (data, textStatus, xhr){
              console.log('success');
          },
          complete: function (xhr, textStatus) {
              console.log('complete');
          }
      }).done(function(data, textStatus, jqXHR) {
          console.log('done : '+textStatus);
          if(textStatus=='success'){
              var tmp = jqXHR.responseText
              localStorage.setItem('token', tmp);

              // reload header
              var header = null;
              var test = localStorage.getItem('token');
              if(test!=null){
                  header = "common/admin_header.html";
              }else{
                  header = "common/nologin_header.html";
              }

              $("#orp_header").load(header);
              location.reload();
          };
      }).fail(function(jqXHR, textStatus, errorThrown) {
          alert(textStatus);
          var msg = '';
          if (jqXHR.status === 0) {
              msg = 'Not connected.Verify Network.'+window.url+'.Error:'+errorThrown;
          } else if (jqXHR.status == 404) {
              msg = 'Requested page not found. [404]\n' + jqXHR.responseText;
          } else if (jqXHR.status == 500) {
              msg = 'Internal Server Error [500].\n' + jqXHR.responseText;
          } else if (exception === 'parsererror') {
              msg = 'Bad Credentials. Please Try Again';
          } else if (exception === 'timeout') {
              msg = 'Time out error.';
          } else if (exception === 'abort') {
              msg = 'Ajax request aborted.';
          } else {
              msg = 'Uncaught Error.\n' + jqXHR.responseText;
          }
          alert(msg);
      })

  });

Authorization

Once you get back a token, you can use it in followup requests like so:

curl -v -b ./cookies.txt -H "Content-Type: application/json" -H "Authorization: Bearer YOUR_TOKEN" --request GET "http://YOURSITE:8080/v1.0/user/show?id%3Dtest"

NOTE: One must first have an account prior to auth. Admin/test accounts are autobootstrapped for testing in the beapi_api.yml file (which can be used to test).

Refresh Token

Tokens expire every 24 hrs so to keep from having to send your credentials again, you use the '/refreshToken' endpoint. When calling the endpoint, you have to send your existing token and your username:

curl -v -b ./cookies.txt -H "Content-Type: application/json" -H "Authorization: Bearer eyJvcmlnaW4iOiIxMjcuMC4wLjEiLCJicm93c2VyIjoiVW5rbm93biIsIm9zIjoiVW5rbm93biIsImFsZyI6IkhTNTEyIn0.eyJzdWIiOiJhZG1pbiIsImV4cCI6MTczODQ0NDcyMywiaWF0IjoxNzM4MzU4MzIzfQ" --request GET "http://localhost:8080/refreshToken?name=admin"