# Authentication
# About
The authentication system is based on the token obtained during logging. The token is stored in browser's local storage and is then automatically attached to each request's header.
# Logging in
WARNING
No authorization header is attached to this request (more on this topic).
POST */auth/login
Parameters:
| Field | Type | Description |
|---|---|---|
| String | User email | |
| password | String | User password |
Success 200:
| Field | Type | Description |
|---|---|---|
| permissions | String[] | List of user permissions (Array of strings). The list is used to limit the modules displayed in the sidebar and to restrict access to selected modules. |
| token | String | Token generated by API. The token is attached to all next requests to authenticate the user. |
| user | Object | User data. Obligatory parameters: name, email. |
| name | String | User name |
| user | String | User email |
Error 4xx:
| Field | Type | Description |
|---|---|---|
| error | String | An error message |
Error 5xx:
| Field | Type | Description |
|---|---|---|
| error | String | An error message |
# Module guard
The query is performed when switching to the new page and is used to verify if the user still has a valid token.
GET */auth/user
Parameters:
| Field | Type | Description |
|---|---|---|
| - | - | - |
Success 200:
| Field | Type | Description |
|---|---|---|
| - | - | - |
Error
| Field | Type | Description |
|---|---|---|
| error | String | An error message |
# Logging off
INFO
Authorization header is not obligatory (more on this topic).
POST */auth/logout
Parameters:
| Field | Type | Description |
|---|---|---|
| - | - | - |
Success 200:
| Field | Type | Description |
|---|---|---|
| status | Number | 0 |
Error
| Field | Type | Description |
|---|---|---|
| error | String | An error message |