Users

Get All Users

Gets the information of all of the users associated with the application.

GET /api/users

Permissions

User must be logged in. User requesting information must be an admin.

Success Response

200 OK
[
    {
        "id": 1,
        "email": "user@email.com",
        "passwordHash": "$2b$10$OF9dkTACKLj37.owKZALdKs14.o6w/6Af2BDy",
        "isAdmin": true,
        "sessionToken": "4e68632ad49bcef5504343eba6fd65de",
        "loginTime": 1526758568372,
        "lastTokenCheck": 1526759265497
    }
]
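
The sample response above includes `passwordHash` and `sessionToken`, while `GET /api/users/me` returns only `id`, `isAdmin` and `email`. The following is an added example, not MyCRT's own code (`toPublicUser` and `findSensitiveKeys` are hypothetical helper names): an allowlist serializer that reduces a user record to those three fields, and a check that reports any credential field left in a JSON response.

```javascript
// Added example: field names come from the sample responses on this page;
// toPublicUser and findSensitiveKeys are hypothetical helpers, not MyCRT code.

// Fields that GET /api/users/me returns.
const PUBLIC_FIELDS = ["id", "email", "isAdmin"];
// Credential material that appears in the GET /api/users sample response.
const SENSITIVE_KEYS = new Set(["passwordHash", "sessionToken"]);

// Allowlist serializer: copy only the named fields, so a column added to the
// user record later is not exposed by default.
function toPublicUser(user) {
  const out = {};
  for (const field of PUBLIC_FIELDS) {
    if (Object.prototype.hasOwnProperty.call(user, field)) out[field] = user[field];
  }
  return out;
}

// Response audit for tests: walk any JSON value and return the path of every
// sensitive key found, in the form "[0].passwordHash".
function findSensitiveKeys(value, path = "") {
  if (Array.isArray(value)) {
    return value.flatMap((item, i) => findSensitiveKeys(item, `${path}[${i}]`));
  }
  if (value === null || typeof value !== "object") return [];
  return Object.entries(value).flatMap(([key, child]) => {
    const here = path ? `${path}.${key}` : key;
    const hits = SENSITIVE_KEYS.has(key) ? [here] : [];
    return hits.concat(findSensitiveKeys(child, here));
  });
}

// Constructed sample: the user record from the GET /api/users response above.
const sampleUsers = [{
  id: 1,
  email: "user@email.com",
  passwordHash: "$2b$10$OF9dkTACKLj37.owKZALdKs14.o6w/6Af2BDy",
  isAdmin: true,
  sessionToken: "4e68632ad49bcef5504343eba6fd65de",
  loginTime: 1526758568372,
  lastTokenCheck: 1526759265497,
}];

console.log(findSensitiveKeys(sampleUsers));
console.log(findSensitiveKeys(sampleUsers.map(toPublicUser)));
```

Running `findSensitiveKeys` over each endpoint's response body in an integration test flags a credential field in any response, including nested ones.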

Get Logged In User

Gets the information of the user that is currently logged into the MyCRT application.

GET /api/users/me

Permissions

User must be logged in.

Success Response

200 OK
{
    "id": 1,
    "isAdmin": false,
    "email": "user@email.com"
}

Login

Logs a user into the system.

POST /api/users/login

Permissions

User must already be registered in the system.

Body Params

| Param | Description | Optional/Required |
| --- | --- | --- |
| email=[string] | Email registered to the user | Required |
| password=[string] | Password associated with the user’s email | Required |

Sample Request Body

{
 "email": "user@email.com",
 "password": "password"
}

Success Response

200 OK
{
    "id": 1,
    "email": "user@email.com",
    "isAdmin": false
}

Error Response

403 FORBIDDEN
{
    "code": 403,
    "message": "Invalid Password."
}

Logout

Logs a user out of the system.

PUT /api/users/logout

Permissions

User must be logged in.

Success Response

200 OK

Sign Up

Registers a user so that they can use MyCRT.

POST /api/users/signup

Permissions

None

Body Params

| Param | Description | Optional/Required |
| --- | --- | --- |
| email=[string] | Email to sign up to the application with | Required |
| password=[string] | Password used to log into the application. Must be between 8 and 64 chars. | Required |
| agreeToTerms=[boolean] | True if user agrees to terms of service. Must be true to register to the application. | Required |

Sample Request Body

{
 "email": "user@email.com",
 "password": "password",
 "agreeToTerms": true
}

Success Response

200 OK
{
    "id": 1,
    "email": "user@email.com",
    "isAdmin": false
}

Error Response

400 BAD REQUEST
{
    "code": 400,
    "message": "You must accept the terms of use."
}
{
    "code": 400,
    "message": "An account with that email address already exists."
}

Delete User

Removes a user from the system.

DELETE /api/users/{id}

Permissions

User must be logged in. User requesting the deletion must be an admin.

Query Params

| Param | Description | Optional/Required |
| --- | --- | --- |
| id=[number] | id of the user to delete | Required |

Success Response

200 OK

Error Response

401 UNAUTHORIZED
{
    "code": 401,
    "message": "Admin login required"
}
