User API Authentication.

[barmidrol]

Юнит-тесты на новый функционал напиши еще.

[R1cro]

API Authentication

Token-Based API Authentication. Returns JSON data about user authentication status.

• URL

  /api/login for user login /api/logout for user logout

• Method:

  GET & POST

• URL Params

  Required: Email and password for User login: user%5Bemail%5D=admin@admin&user%5Bpassword%5D=12345678

• Data Params

  -H "Authorization: Token token=19daef9f25a1d617d40b91ed5661dce1"

• Success Response: 1) User login:

  Code: 200
  Content:

  [
    "user": 
    {
      "id": 1,
      "email":"admin@admin",
      "name": "R1cro",
      "auth_token":"128947ed92022ca0022e710eb8eec983",
      "token_created_at":"2017-06-02T16:46:42.475Z",
    }
  ]

  2) When accessing any web application resource with valid token:

  Code: 200
  Content:

  
  [ Requested content ]
  

• Error Response:

  • Code: 500 Internal Server Error
    

  OR

  • Code: 401 UNAUTHORIZED
    Content: { error : "Wrong login or password." }

  OR

  • Code: 401 UNAUTHORIZED
    Content: { error : "Access denied. Your token is invalidated or expired." }

• Sample Call:

  
  curl -X POST --data "user%5Bemail%5D=admin@admin&user%5Bpassword%5D=12345678" http://localhost:3000/api/login.json

curl -H "Authorization: Token token=431a5e75aefb0353d67f41f2b7ea76f5" http://localhost:3000/api/users.json

curl -H "Authorization: Token token=431a5e75aefb0353d67f41f2b7ea76f5" -g http://localhost:3000/api/dynamic_objects/search\?center\[lat\]\=53.9116664\&center\[lng\]\=27.5651747\&radius\=3