Attach metadata to users.
API_SECRET — secret to compare to for internal access level[]):
USERMETA_PUBLIC_KEYS — comma-separated list of keys (public read, token write)USERMETA_PROTECTED_KEYS — comma-separated list of keys (token read, token write)USERMETA_PRIVATE_KEYS — comma-separated list of keys (token read, secret write)USERMETA_MAX_LENGTH (optional, default 200) — max byte length of token-writable keys (those that don't require API_SECRET to be written)REDIS_AUTH_PORT_6379_TCP_ADDR — authdb redis hostnameREDIS_AUTH_PORT_6379_TCP_PORT — authdb redis portREDIS_USERMETA_PORT_6379_TCP_ADDR — meta redis hostnameREDIS_USERMETA_PORT_6379_TCP_PORT — meta redis portReading and writing different keys requires different access levels:
Keys that are not listed in env vars can't be read or written.
GET /:userIds/:keysRetrieve publicly available metadata. Both, :userIds and :keys are comma-separated list. Attach secret query string param to retrieve fields up to internal.
Missing or unknown keys, and those you are not allowed to read will be omitted (as opposed to being HTTP error).
Suppose country is public key and email is a protected one.
GET /alice,bob/country,email results in following JSON response:
{ "alice": {"country": "USA"},
"bob": {"country": "France"}
}GET /auth/:token/:keysRetrieve public, protected and private keys for a user with login token equal :token. Make :token be "API_SECRET.${userId}" to retrieve fields up to internal.
Missing or unknown keys, and those you are not allowed to read will be omitted (as opposed to being HTTP error).
Suppose country is public key, email is a protected one, and internalId is internal one.
GET /auth/alice-auth-token/country,email,internalId results in following JSON response:
{ "alice": {
"country": "USA",
"email": "alice@wonderland.com"
}
}In case of invalid token.
POST /auth/:token/:keyWrite public and protected meta value to a :key of a user :token points to. Make :token be "API_SECRET.${userId}" to write fields up to internal and no byte limit.
JSON with single key "value" and value being a string.
{ "value": "string to write as a meta value"
}In case of invalid token, trying to write private and up without API_SECRET, or unknown key.
{ "restCode": "InvalidCredentialsError",
"statusCode": 401,
"message": "Invalid credentials"
}In case of writing public or protected value of byte size greater than USERMETA_MAX_LENGTH env var without API_SECRET.
{ "restCode": "ValueTooBigError",
"statusCode": 413,
"message": "Value exceeds ${USERMETA_MAX_LENGTH} byte limit"
}POST /auth/:tokenTransactionally write multiple public and protected meta values of a user :token points to. Make :token be "API_SECRET.${userId}" to write fields up to internal and no byte limit.
Unlike getting multiple keys, this will either write all metas, or return an error.
Flat JSON object with strings. Keys are metanames.
{ "useful_info": "something valuable",
"second_key": "second key's value and so on…",
"more_keys": "{\"possibly\": true}"
}In case of invalid token, trying to write private and up without API_SECRET, or unknown key.
{ "restCode": "InvalidCredentialsError",
"statusCode": 401,
"message": "Invalid credentials"
}In case of writing public or protected value of byte size greater than USERMETA_MAX_LENGTH env var without API_SECRET.
{ "restCode": "ValueTooBigError",
"statusCode": 413,
"message": "Value exceeds ${USERMETA_MAX_LENGTH} byte limit"
}