The Authentication Microservice part of the final project for Internet Applications course held at Polytechnic University of Turin by Prof. Malnati and Prof. Servetti (a.y. 2016/2017).
This microservice requires authentication just for request to the endpoint /password.
Authentication is based on a token (JWT), obtained by providing the right credentials to the the endpoint /login.
The authentication token must be placed in the http request as Authorization header:
Authorization: Bearer XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
If a wrong authentication token is provided, a 401 Unauthorized code is returned.
| API | Method | Req. body | Query params | Status | Resp. body | Meaning |
|---|---|---|---|---|---|---|
/login |
POST |
LoginCredentials | 200 | Get an authentication token in the Authorization header of the http response |
||
| 400 | Login data are not valid, bad request | |||||
| 401 | Login credentials are wrong, bad request | |||||
/signup |
POST |
SignupCredentials | 200 | Register a new user | ||
| 400 | Signup data are not valid, bad request | |||||
| 409 | A profile for the same username or nickname already exists | |||||
/activate |
POST |
ActivationToken | token | 200 | Activate a new account | |
| 400 | Token not valid, activation failed | |||||
/authenticate |
POST |
token | 200 | Authenticate a user given a token | ||
| 401 | Token not valid, activation failed | |||||
/password |
PUT |
Password | 200 | Update the user password | ||
| 400 | Password is not valid, bad request |