# FORGE RESTful API Endpoint Guide

## Warning
The documentation is incomplete at the moment. Feel free to contribute to its completion.

## Introduction
FORGE now supports a low-level, lightweight and efficient RESTful API with optimal endpoints. The talk-to-server frequencies are kept to a bare minimum to enforce anonymity. Also the requests and responses are designed to minimize network activity. The *stateless* endpoints provided by the FORGE RESTful API are listed in the following lines. These greatly rely on the client-side application on how the security is maintained.

## Design
1. The API is HTTP-based so all requests and responses would come across as JSON documents with GET fetches.
2. Every successful response from the server would have a `retncode` index to state operational status.
3. Some responses from the server can consists of an array of JSON documents or nothing at all.
4. Application should imbibe security-by-design principles to avoid undue load of bad requests to the API servers.
5. There is a need of session management implemented inside the application as responses are stateless.

## Endpoints
Keep a note that `cloudurl` refers to the reachable URL of the RESTful API server

### Login request

```python
data = {
    "username": "<username>",
    "password": "<password>",
}
rqst = requests.get("<cloudurl>/entrydir/", json = data)
print(rqst.json())
```

The request takes up
* `USERNAME` - Username of the user.
* `PASSWORD` - Password of the user.

The possible state operational status in response are
* `LOGINOKE` - Action status code. The username and password are checked out and match perfectly. Application can allow login for the provided username.
* `ACNOEXST` - Action status code. The username and password are checked out but no account with such username exists. Application must not allow login for the provided username.
* `WRNGPSWD` - Action status code. The username and password are checked out but do not match. Application must not allow login for the provided username.

### Account creation

```python
data = {
    "fullname": "<fullname>",
    "username": "<username>",
    "password": "<password>",
    "emailadr": "<emailadr>",
}
rqst = requests.get("<cloudurl>/makeacnt/", json = data)
print(rqst.json())
```

The request takes up
* `FULLNAME` - Full name of the user.
* `USERNAME` - Username of the user.
* `PASSWORD` - Password of the user.
* `EMAILADR` - Email address of the user.

The possible responses are
* `ALRDYEXT` - Action status code. The username is checked with those in the database and was found to match with an existing user. Account creation has not taken place.
* `MADEACNT` - Action status code. The username is checked with those in the database and was found to not match with anyone. Account creation has taken place.
    * `PKCSIDEN` - PKCS identity. The username for the PKCS identity which has been created is also returned.

### Composing one-to-one directives

```python
data = {
    "sendernm": "<sendernm>",
    "receiver": "<receiver>",
    "subjtext": "<subjtext>",
    "conttext": "<conttext>",
}
make = requests.get("<cloudurl>/makemail/", json = data)
print(make.json())
```

The request takes up
* `SENDERNM` - Username of the sender.
* `RECEIVER` - Username of the receiver.
* `SUBJTEXT` - Subject of composed directive.
* `CONTTEXT` - Contents of composed directive.

The possible responses are
* `ACNOEXST` - Action status code. The username of the receiver specified does not exist. Directive could not be dispatched.
* `MAILSENT` - Action status code. The directive was dispatched successfully to the specified username.

### Fetching mails for inbox

```python
data = {
    "username": "<username>",
}
rqst = requests.get("<cloudurl>/inbxpage/", json = data)
print(rqst.json())
```

The request takes up
* `USERNAME` - Username of the user.

There is only one possible response here
* `INBXPAGE` - Action status code. The username is checked and both sent and received mails are synchronised from the server.
    * `RECVMAIL` - An array of embedded documents. This contains a list of received directives.
    * `SENTMAIL` - An array of embedded documents. This contains a list of sent directives.

### Removing a directive from inbox

```python
data = {
    "username": "<username>",
    "paradrct": "<paradrct>",
    "mailiden": "<mailiden>",
}
rqst = requests.get("<cloudurl>/rmovmail/", json = data)
print(rqst.json())
```

The request takes up
* `USERNAME` - Username of the user.
* `PARADRCT` - Type of directive. Either `send` or `recv`.
* `MAILIDEN` - Mail identification string.

There is only one possible response here
* `MSGRMOVD` - Action status code. The mail of the given identification has been removed.

### Fetching contacts of the user

```python
data = {
    "username": "<username>",
}
cont = requests.get("<cloudurl>/contacts/", json = {"username": "<username>"})
print(cont.json())
```

The request takes up
* `USERNAME` - Username of the user.

There is only one possible response here
* `CONTACTS` - Action status code. The queried user exists and the contacts have been fetched.
    * `CONTLIST` - An array of embedded documents. This contains a list of followed users.

### Following a user

```python
data = {
    "username": "<username>",
    "usercont": "<usercont>",
}
folo = requests.get("<cloudurl>/folocont/", json = data)
print(folo.json())
```

The request takes up
* `USERNAME` - Username of the user.
* `USERCONT` - Username of the user you wish to follow.

There is only one possible response here
* `USERFOLD` - Action status code. The specified user is followed by you now.

### Unfollowing a user

```python
data = {
    "username": "<username>",
    "usercont": "<usercont>",
}
unfo = requests.get("<cloudurl>/unfocont/", json = data)
print(unfo.json())
```

The request takes up
* `USERNAME` - Username of the user.
* `USERCONT` - Username of the user you wish to unfollow.

There is only one possible response here
* `USERUNFO` - Action status code. The specified user is unfollowed by you now.

### Fetching mails for trashcan

```python
data = {
    "username": "<username>",
}
trsh = requests.get("<cloudurl>/trashcan/", json = data)
print(trsh.json())
```

The request takes up
* `USERNAME` - Username of the user

There is only one possible response here]
* `TRASHCAN` - Action status code. The username is checked and both sent and received mails are synchronised from the server.
    * `RECVMAIL` - An array of embedded documents. This contains a list of received directives.
    * `SENTMAIL` - An array of embedded documents. This contains a list of sent directives.

### Restoring a mail from trashcan

```python
data = {
    "username": "<username>",
    "paradrct": "<paradrct>",
    "mailiden": "<mailiden>",
}
rstr = requests.get("<cloudurl>/rstrmail/", json = data)
print(rstr.json())
```

The request takes up
* `USERNAME` - Username of the user.
* `PARADRCT` - Type of directive. Either `send` or `recv`.
* `MAILIDEN` - Mail identification string.

There is only one possible response here
* `MSGRSTRD` - Action status code. The mail of the given identification has been restored.

### Purging a mail from trashcan

```python
data = {
    "username": "<username>",
    "paradrct": "<paradrct>",
    "mailiden": "<mailiden>",
}
purg = requests.get("<cloudurl>/rstrmail/", json = data)
print(purg.json())
```

The request takes up
* `USERNAME` - Username of the user.
* `PARADRCT` - Type of directive. Either `send` or `recv`.
* `MAILIDEN` - Mail identification string.

There is only one possible response here
* `MSGPURGD` - Action status code. The mail of the given identification has been purged.

### Listing all subscribed groups

```python
data = {
    "username": "<username>",
}
gpls = requests.get("<cloudurl>/grupdata/", json = data)
print(gpls.json())
```

The request takes up
* `USERNAME` - Username of the user.

There is only possible response here
* `GPLSFETC` - Action status code. The list of subscribed groups has been fetched.
    * `GRUPLIST` - An array of embedded documents. This contains a list of subscribed groups.

### Creating a new group

```python
data = {
    "username": "<username>",
    "grupname": "<grupname>",
    "namelist": "<namelist>",
}
gpmk = requests.get("<cloudurl>/makegrup/", json = data)
print(gpmk.json())
```

The request takes up
* `USERNAME` - Username of the user.
* `GRUPNAME` - Name of the group.
* `NAMELIST` - Space separated username collection.

The possible responses are
* `GRUPEXST` - Action status code. A group already exists with the same name. Group was not created.
* `PARTNOEX` - Action status code. One or more participants do not exist. Group was not created.
* `GRUPMADE` - Action status code. All participants were checked and add to the newly formed group.
    * `GRUPIDEN` - Group identification string. Helps distinctly recognize groups.

### Fetching mails for group inbox

```python
data = {
    "username": "<username>",
    "grupiden": "<grupiden>",
}
gpmd = requests.get("<cloudurl>/onegroup/", json = data)
print(gpmd.json())
```

The request takes up
* `USERNAME` - Username of the user.
* `GRUPIDEN` - Group identification string.

There is only possible response here
* `GRUPMAIL` - Action status code. Mails for the group have been successfully synchronised.
    * `GRUPDATA` - Group information about identity and active members.
    * `LISTMAIL` - An array of embedded documents. This contains a list of directives.
