Autorization and Authentication

Technologies

This project was developed using the following technologies:

Prerequisites

Install:

- Python 3.9 - Pip library

To get started

Follow the steps:

Clone into the repository and go into project's folder:

```bash $ git clone https://github.com/Kenzie-Academy-Brasil-Developers/q3-sprint6-autenticacao-e-autorizacao-lsmescolotto $ cd q3-sprint6-autenticacao-e-autorizacao-lsmescolotto ```

Create virtual enviroment:

```bash $ python -m venv venv ```

Activate virtual enviroment:

``` $ source venv/bin/activate ```

Install libraries:

```bash $ pip install -r requirements.txt ```

Run flask:

```bash $ flask run ```

Start sending requests:

Use an API request sending platform like Insomnia

base URL

http://127.0.0.1:5000/api

Endpoints

This API has 5(five) endpoints to: signup, signin, update user, delete user and get user info.

Authentication not required routes

User Sign Up

POST /signup - REQUEST FORMAT

{
"name": "Jane",
"last_name": "Doe",
"email": "janedoe@email.com",
"password": "123456"
}

If the request is corret, the user will be signed up:

POST /signup - REPONSE FORMAT - STATUS 201

{
"email": "janedoe@mail.com",
"last_name": "Doe",
"name": "Jane"
}

If the email adress is already in use:

STATUS 400

{"message":"Email already exists"}

User Sign In

POST /signin - REQUEST FORMAT

{
  "email": "janedoe@email.com",
  "password": "123456"
}

If the request is corret, the user will be signed in: POST /signin - RESPONSE FORMAT - STATUS 201 Flask-JWT-Extended

{
  "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6ImphbmVkb2VAbWFpbC5jb20iLCJpYXQiOjE2NDMyNTAwMDAsImV4cCI6MTY0MzI1MzYwMCwic3ViIjoiMyJ9.z90xWRIE7pfKRsw-YqqqUtRxBZGtBPgSZ63yqW04qSc"
}

Flask-HTTPAuth

{
  "api_key": "eyJhbGciOiJIUzI"
}

If the user is not signed up, it will not be possible to login:

STATUS 404

{"message": "user not found"}

If the password is not corret:

STATUS 400

{ "message": "Unauthorized" }

Authorization required routes 🔐

These routes need to have the token in the request Header "Authotization" field: Authorization: Bearer {token}

Update user

PUT - REQUEST FORMAT

{
  "name": "Johana",
  "last_name": "Doe",
  "email": "johanadoe@mail.com",
  "password": "123456"
}

If the request is corret, the user will be updated: PUT - RESPONSE FORMAT - STATUS 200

{
  "name": "Johana",
  "last_name": "Doe",
  "email": "johanadoe@mail.com",
  "password": "123456"
}

If the user is not found: STATUS 404

{ "message": "user not found" }

If the token is not corret:

STATUS 400

{ "message": "Unauthorized" }

Get user

GET - REQUEST FORMAT No Body

GET - REPONSE FORMAT - STATUS 200

{
  "email": "janedoe@mail.com",
  "last_name": "Doe",
  "name": "Jane"
}

If the user is not found: STATUS 404

{ "message": "user not found" }

If the token is not corret:

STATUS 400

{ "message": "Unauthorized" }

Delete user

DELETE - REQUEST FORMAT No Body

If the request is corret, the user will be deleted: RESPONSE FORMAT - STATUS 204 No Body

If the user is not found: STATUS 404

{ "message": "user not found" }

If the token is not corret:

STATUS 400

{ "message": "Unauthorized" }

Developed by Luiza Schmidt Mescolotto

Name		Name	Last commit message	Last commit date
Latest commit History 7 Commits
app		app
migrations		migrations
.env.example		.env.example
.gitignore		.gitignore
README.md		README.md
requirements.txt		requirements.txt

lsmescolotto/q3-sprint6-autenticacao-e-autorizacao-lsmescolotto

Folders and files

Latest commit

History

Repository files navigation

Autorization and Authentication

Technologies

Prerequisites

Install:

To get started

Follow the steps:

Clone into the repository and go into project's folder:

Create virtual enviroment:

Activate virtual enviroment:

Install libraries:

Run flask:

Start sending requests:

base URL

Endpoints

Authentication not required routes

User Sign Up

User Sign In

Authorization required routes 🔐

Update user

Get user

Delete user

About

Topics

Resources

Stars

Watchers

Forks

Languages