Authentication

Objects

Objects are JSON objects.

  1. Permission
    name: Name of the permission, used for display.
    code_name: The code for the permission.
  2. Group
    id: ID of the group in the database.
    name: Name of the group, used for display.
    permissions: List of permission objects.
  3. User
    id: ID of the user in the database.
    first_name: First name of the user.
    last_name: Last name of the user.
    email: Email of the user.
  4. Access
    Returned by the login API if the user is a staff member or an admin.
    group: The group object the user is a member of.
    is_admin: true if the user is an admin.
    is_staff: true if the user is a staff member.

Errors

If a token needs to be refreshed:

status_code:

401

response:
{"message": "Fresh token required"}

Invalid token:

status_code:

422

response:
{"message": "reason"}

Expired token:

status_code:

401

response:
{"message": "Token has expired"}

Revoked token:

status_code:

401

response:
{"message":"Token has been revoked"}

All of the listed APIs are RESTful and use the content type application/json.

Registration API

class fardel.core.auth.views.RegistrationApi
URL: /api/auth/register/
post()
Required arguments:
 
  • email
  • password
Optional arguments:
 
  • first_name
  • last_name
Response:
{
   "message":"Successfully registered",
   "access_token":"access_token",
   "refresh_token":"refresh_token"
}
Errors:

If email or password is not provided:

status_code:

400

response:
{"message":"Unvalid form submitted"}

If email already exists:

status_code:

409

response:
{"message": "A user with this email already exists."}

Login API

class fardel.core.auth.views.LoginApi
URL: /api/auth/login/
post()
Required arguments:
 
  • email
  • password
Response:
{
   "message":"Successfully registered",
   "access_token":"access_token",
   "refresh_token":"refresh_token",
   "access": AccessObject
}
Errors:

If email or password is not provided:

status_code:

400

response:
{"message":"Unvalid form submitted"}

If email or password is not correct:

status_code:

401

response:
{"message":"Username or password is not correct"}

Logout API

class fardel.core.auth.views.LogoutApi
URL: /api/auth/logout/
post()
  • Authorization header containing access token is required
Status_code:

200

Response:
{
    "message": "Access token has been revoked"
}

Logout Refresh Token API

class fardel.core.auth.views.LogoutRefreshApi
URL: /api/auth/logout-refresh/
post()
  • Authorization header containing refresh token is required
Status_code:

200

Response:
{
    "message": "Refresh token has been revoked"
}

Refresh Token API

class fardel.core.auth.views.RefreshTokenApi
URL: /api/auth/refresh-token/
post()
  • Authorization header containing refresh token is required
Status_code:

200

Response:
{
    "access_token": "access_token"
}

Profile API

class fardel.core.auth.views.ProfileApi
URL: /api/auth/profile/
get()
  • Authorization header containing access token is required
Status_code:

200

Response:
{
    "user": UserObject
}
put()
  • Authorization header containing refresh token is required
Status_code:

200

Response:
{
    "message": "Profile successfully updated",
    "user": UserObject
}
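
Client-side handling of the token errors and the refresh endpoint documented on this page, as an added example that is not part of the fardel project's code. The `Bearer` header scheme, the `Session` class, the `transport` callable and `fake_server` (a constructed in-memory stand-in for the API) are assumptions made for illustration.

```python
# Added example, not fardel's own code. Assumptions: "Bearer" header scheme and
# a caller-supplied transport(method, path, headers, body) -> (status, json).
REFRESH_PATH = "/api/auth/refresh-token/"


class ReauthRequired(Exception):
    """The refresh token cannot recover the session; the user must log in again."""


class Session:
    def __init__(self, transport, access_token, refresh_token):
        self.transport = transport
        self.access_token = access_token
        self.refresh_token = refresh_token

    def _bearer(self, token):
        return {"Authorization": "Bearer " + token, "Content-Type": "application/json"}

    def request(self, method, path, body=None):
        status, data = self.transport(method, path, self._bearer(self.access_token), body)
        if status == 401 and data.get("message") == "Token has expired":
            self._refresh()  # one refresh and one retry only, never a loop
            status, data = self.transport(method, path, self._bearer(self.access_token), body)
        if status == 401:
            # Revoked, "Fresh token required", or still expired after the retry.
            raise ReauthRequired(data.get("message"))
        if status == 422:
            raise ValueError("invalid token: %s" % data.get("message"))
        return status, data

    def _refresh(self):
        status, data = self.transport("POST", REFRESH_PATH, self._bearer(self.refresh_token), None)
        if status != 200:
            raise ReauthRequired(data.get("message"))
        self.access_token = data["access_token"]


def fake_server(method, path, headers, body):
    """Constructed in-memory stand-in returning the responses documented above."""
    token = headers["Authorization"].split(" ", 1)[1]
    if token.startswith("revoked"):
        return 401, {"message": "Token has been revoked"}
    if path == REFRESH_PATH:
        return 200, {"access_token": "access-2"}
    if token == "access-expired":
        return 401, {"message": "Token has expired"}
    return 200, {"user": {"id": 1, "email": "user@example.com"}}
```

Because all three 401 responses share one status code, the client has to branch on the `message` text; only the expired case is retried, and a revoked token always ends the session.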