Users
Get All Users
Gets the information of all of the users associated with the application.
GET /api/users
Permissions
User must be logged in. User requesting information must be an admin.
Success Response
200 OK
[
  {
    "id": 1,
    "email": "user@email.com",
    "passwordHash": "$2b$10$OF9dkTACKLj37.owKZALdKs14.o6w/6Af2BDy",
    "isAdmin": true,
    "sessionToken": "4e68632ad49bcef5504343eba6fd65de",
    "loginTime": 1526758568372,
    "lastTokenCheck": 1526759265497
  }
]
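The sample response above carries passwordHash and sessionToken, while the me, login and signup responses on this page return only id, email and isAdmin. The following is an added example, not MyCRT's own code: an allow-list serializer plus a response check an API test could run. The function names and the sample record are hypothetical.

```javascript
// Added example, not MyCRT code. Key names come from the sample responses on
// this page; function names and the sample record are constructed.

// Fields returned by the me, login and signup endpoints.
const PUBLIC_USER_FIELDS = ['id', 'email', 'isAdmin'];

// Key names that indicate credential material. "token" is matched only at the
// end of a key, so sessionToken is flagged and the lastTokenCheck timestamp is not.
const SENSITIVE_KEY = /password|hash|secret|token$/i;

// Allow-list serializer: copy only known-safe fields, so a column added to the
// user record later is not exposed by default.
function toPublicUser(record) {
  const out = {};
  for (const field of PUBLIC_USER_FIELDS) {
    if (Object.prototype.hasOwnProperty.call(record, field)) {
      out[field] = record[field];
    }
  }
  return out;
}

// Walk a parsed JSON body (object or array, any depth) and return the paths of
// keys that look like credential material. Intended for an API response test.
function findSensitiveFields(body, path = '$') {
  if (Array.isArray(body)) {
    return body.flatMap((item, i) => findSensitiveFields(item, `${path}[${i}]`));
  }
  if (body === null || typeof body !== 'object') {
    return [];
  }
  return Object.entries(body).flatMap(([key, value]) => {
    const here = `${path}.${key}`;
    const hits = SENSITIVE_KEY.test(key) ? [here] : [];
    return hits.concat(findSensitiveFields(value, here));
  });
}

// Constructed record with the same keys as the Get All Users sample (dummy values).
const sampleRow = {
  id: 1, email: 'user@email.com', passwordHash: 'placeholder-hash', isAdmin: true,
  sessionToken: 'placeholder-token', loginTime: 1526758568372, lastTokenCheck: 1526759265497,
};

console.log(findSensitiveFields([sampleRow]));                   // flagged paths
console.log(findSensitiveFields([sampleRow].map(toPublicUser))); // nothing flagged
```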
Get Logged In User
Gets the information of the user that is currently logged into the MyCRT application.
GET /api/users/me
Permissions
User must be logged in.
Success Response
200 OK
{
  "id": 1,
  "isAdmin": false,
  "email": "user@email.com"
}
Login
Logs a user into the system.
POST /api/users/login
Permissions
User must already be registered in the system.
Body Params
| Param | Description | Optional/Required |
| --- | --- | --- |
| email=[string] | Email registered to the user | Required |
| password=[string] | Password associated with the user’s email | Required |
Sample Request Body
{
  "email": "user@email.com",
  "password": "password"
}
Success Response
200 OK
{
  "id": 1,
  "email": "user@email.com",
  "isAdmin": false
}
Error Response
403 FORBIDDEN
{
  "code": 403,
  "message": "Invalid Password."
}
Logout
Logs a user out of the system.
PUT /api/users/logout
Permissions
User must be logged in.
Success Response
200 OK
Sign Up
Registers a user so that they can use MyCRT.
POST /api/users/signup
Permissions
None
Body Params
| Param | Description | Optional/Required |
| --- | --- | --- |
| email=[string] | Email to sign up to the application with | Required |
| password=[string] | Password used to log into the application. Must be between 8 and 64 chars | Required |
| agreeToTerms=[boolean] | True if user agrees to terms of service. Must be true to register to the application | Required |
Sample Request Body
{
  "email": "user@email.com",
  "password": "password",
  "agreeToTerms": true
}
Success Response
200 OK
{
  "id": 1,
  "email": "user@email.com",
  "isAdmin": false
}
Error Response
400 BAD REQUEST
{
  "code": 400,
  "message": "You must accept the terms of use."
}

{
  "code": 400,
  "message": "An account with that email address already exists."
}
Delete User
Removes a user from the system.
DELETE /api/users/{id}
Permissions
User must be logged in. User requesting the deletion must be an admin.
Query Params
| Param | Description | Optional/Required |
| --- | --- | --- |
| id=[number] | id of the user to delete | Required |
Success Response
200 OK
Error Response
401 UNAUTHORIZED
{
  "code": 401,
  "message": "Admin login required"
}