Public Endpoints
The BeAPI Framework provides public endpoints to simplify authentication/authorization. Below is a list of those endpoints and what each one does.
Create Public Endpoint
Endpoints in BeAPI are secure by default, making most of them PRIVATE. To add a public endpoint of your own, follow these instructions:
- Add Your @RestController: create your controller as a @RestController and use @RequestMapping on your methods/endpoints:
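    import org.springframework.http.ResponseEntity;
    import org.springframework.web.bind.annotation.*;

    @RestController
    public class YourController {

        // Handles GET /hello?name=...
        @RequestMapping(value = "/hello", method = RequestMethod.GET)
        public ResponseEntity<?> hello(@RequestParam("name") String name) {
            return ResponseEntity.ok("hello called " + name);
        }
    }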
- Add Endpoints to Config: Finally, for your endpoints to be seen, you have to add them to beapi-api.yml under 'reserveduris':
    api:
        attempts: 5
        procCores: 8
        reserveduris: [ '/authenticate', '/register', '/error', '/logout', '/validate', '/validateResetPassword', '/resetPassword', '/forgotPassword', '/hello' ]
/authenticate
The /authenticate endpoint is where you log in with your username/password credentials.
curl -v -c ./cookies.txt -H "Content-Type: application/json" -X POST -d '{"username":"YOUR_USERNAME","password":"YOUR_PASSWORD"}' http://YOURSITE:8080/authenticate
Output:
{"token":"eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJhZG1pbiIsImV4cCI6MTY2MDA4NzM1OSwiaWF0IjoxNjYwMDY5MzU5fQ.bR8lgrGlzCmHKhXC1D_LF-vVmFINAVX9kgA2n-EiIbslYaix......"}
Param Name | Type | Description |
---|---|---|
username | String | login username |
password | String | login password |
/register & /validate
/register & /validate are a three-part process. First someone must register; an email is then sent to them, and they must click the link in it to validate.
/register
curl -v -c ./cookies.txt -H "Content-Type: application/json" -X POST -d '{"username":"YOUR_USERNAME","password":"YOUR_PASSWORD","email":"YOUR_EMAIL"}' http://YOURSITE:8080/register
Output:
A validation email was sent. Please check your inbox
Param Name | Type | Description |
---|---|---|
username | String | login username |
password | String | login password |
email | String | account email |
/validate
http://YOURSITE:8080/validate?id=f2fr2fq13f3qf3wgwdfbdrh
Output:
NOTE: User is validated and redirected to homepage of site
/forgotPassword
/forgotPassword & /resetPassword work together with /validate to create a secure way to reset your password.
curl -v -c ./cookies.txt -H "Content-Type: application/json" -X POST -d '{"email":"YOUR_EMAIL"}' http://YOURSITE:8080/forgotPassword
Output:
A validation email was sent. Please check your inbox
Param Name | Type | Description |
---|---|---|
email | String | account email |
/refreshToken
/refreshToken is a way to refresh the expiry on your token without resending credentials.
curl -v -b ./cookies.txt -H "Content-Type: application/json" -H "Authorization: Bearer eyJvcmlnaW4iOiIxMjcuMC4wLjEiLCJicm93c2VyIjoiVW5rbm93biIsIm9zIjoiVW5rbm93biIsImFsZyI6IkhTNTEyIn0.eyJzdWIiOiJhZG1pbiIsImV4cCI6MTczODQ0NDcyMywiaWF0IjoxNzM4MzU4MzIzf" --request GET "http://localhost:8080/refreshToken?name=admin"
Output:
token : ff8o6g8o2d8o9781o97rgfh7980127g2y0rt07y923132f213tfg2
Param Name | Type | Description |
---|---|---|
name | String | your username |
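
The token returned by /authenticate has the three-part JWT layout (header.payload.signature), so a client can read its expiry and decide when to call /refreshToken. The Python below is an added example, not code from the BeAPI project: it decodes the sample token shown under /authenticate, and the function names, the 300-second margin and the placeholder signature are assumptions.

```python
import base64
import json
import time

# Header and payload are copied from the /authenticate sample output; the page
# truncates the signature, so "SIGNATURE" is a constructed placeholder.
SAMPLE_TOKEN = (
    "eyJhbGciOiJIUzUxMiJ9."
    "eyJzdWIiOiJhZG1pbiIsImV4cCI6MTY2MDA4NzM1OSwiaWF0IjoxNjYwMDY5MzU5fQ."
    "SIGNATURE"
)


def decode_segment(segment):
    """Decode one base64url-encoded JWT segment into a dict."""
    padded = segment + "=" * (-len(segment) % 4)  # JWTs strip '=' padding
    value = json.loads(base64.urlsafe_b64decode(padded))
    if not isinstance(value, dict):
        raise ValueError("JWT segment is not a JSON object")
    return value


def inspect_token(token):
    """Return (header, claims) WITHOUT verifying the signature.

    Only the server holds the HMAC key, so use the result for client-side
    bookkeeping such as expiry tracking, never for a trust decision.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    header, claims = decode_segment(parts[0]), decode_segment(parts[1])
    for name in ("exp", "iat"):
        if not isinstance(claims.get(name), int):
            raise ValueError("missing or non-numeric claim: " + name)
    return header, claims


def token_state(token, now=None, margin=300):
    """Classify a token as 'valid', 'refresh_due' or 'expired'.

    margin (hypothetical, seconds) is how long before exp a client should
    call /refreshToken rather than wait for a request to be rejected.
    """
    _, claims = inspect_token(token)
    now = int(time.time()) if now is None else now
    if now >= claims["exp"]:
        return "expired"
    return "refresh_due" if claims["exp"] - now <= margin else "valid"
```

For the sample token, exp minus iat is 18000 seconds, i.e. a five-hour lifetime.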