search

globaleaks / globaleaks-whistleblowing-software

GlobaLeaks is free, open-source whistleblowing software enabling anyone to easily set up and maintain a secure reporting platform.
https://www.globaleaks.org
Other
1.23k stars 271 forks source link

Admin API globaleaks #3294

Open gonzalob-ogovsystem opened 2 years ago

gonzalob-ogovsystem commented 2 years ago

Hi, is there a way to interact with admin interface via API, like creating new sites, new users or modify network settings.

Thanks for your time. Best regards

evilaliv3 commented 2 years ago

Thank you for your question.

The GlobaLeaks backend implements a REST API that is intended to become standard and enable such us cases but unfortunately at the moment we miss proper public documentation.

Techically speaking it does already enable to do everything that the web application does because the web application use that for interacting with the server.

fpandolfi64 commented 1 year ago

Hi, Regarding the REST API it is possible to have the YAML file for the documentation of the API? Thanks for your time. Best regards

evilaliv3 commented 1 year ago

Thank you for your question @fpandolfi64

At the moment unfortunately for the API we have still not a formal documentation. Do you have experience with such an activity? Is there any open source that you would advise to use?

NerdySoftPaw commented 1 year ago

I know it's an old topic, but I'm also intressted in an API Documentation. I can recommend f.ex. swagger for this task. it could create perfect API Docs.

evilaliv3 commented 1 year ago

Thank you @KevKugler for the suggestion.

Would you please share a link of reference? Unfortunately the current API interface is designed manually because twisted do not have a native rest support but maybe it wont be difficult to write a component that at least generate a skeleton of documentation.

Do you have any experience on this kind of work?

NerdySoftPaw commented 1 year ago

you're welcome @evilaliv3,

https://swagger.io/tools/swagger-codegen/ with this you can easily generate a documentation it has a lot of integrations.

giates commented 12 months ago

Hi, I know it's an old topic,

I've tried to read the sources and seems that to authenticate an admin using REST API I've to use

/api/auth/authentication

method passing tid (tenant id), username, password and authcode (empty string "") params.

When I try to call the method using POST the backend response is always:

InternalServerError [Invalid request: No token and no session].

Is that the correct method to authenticate and admin using the REST API ?

Any suggestions ?

Many thanks in advance...

evilaliv3 commented 12 months ago

Thank you for your question

The current API is for internal use and have unfortunately no bandwidth to follow-up on this topic.

In the future at the first opportunity we will try to implement a simplified API token.

giates commented 12 months ago

Many thanks Giovanni, hope this happens ASAP, have a nice day...