This is a demo project that shows the use of JSON Web Tokens (https://jwt.io/).
The JWT tokens are created with an auth_token in the claims. A logged-in user
sends a header with the JWT token. The signature of the token is validated
and then the auth_token is extracted and validated in Postgres.
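The verification order described above, as an added example (not code from this project). It assumes HS256 with a shared secret; SECRET, ACTIVE_TOKENS and the function names are hypothetical, and a constructed in-memory dict stands in for the Postgres auth_token lookup.

```python
import base64, hashlib, hmac, json

SECRET = b"constructed-demo-key"  # assumption: HS256 with a shared secret
# Constructed stand-in for the Postgres table of live auth_token values.
ACTIVE_TOKENS = {"tok-123": "test@example.com"}

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def hs256(signing_input: str, key: bytes) -> bytes:
    return hmac.new(key, signing_input.encode(), hashlib.sha256).digest()

def sign(claims: dict, key: bytes = SECRET) -> str:
    header = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = b64url(json.dumps(claims).encode())
    signing_input = f"{header}.{payload}"
    return f"{signing_input}.{b64url(hs256(signing_input, key))}"

def authenticate(jwt: str, key: bytes = SECRET):
    """Return the user's email, or None if any check fails."""
    try:
        header_b64, payload_b64, sig_b64 = jwt.split(".")
        # Pin the algorithm server-side; the token must not choose it ("alg": "none").
        if json.loads(b64url_decode(header_b64)).get("alg") != "HS256":
            return None
        # Verify the signature, in constant time, before reading any claim.
        expected = hs256(f"{header_b64}.{payload_b64}", key)
        if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
            return None
        auth_token = json.loads(b64url_decode(payload_b64)).get("auth_token")
    except (ValueError, AttributeError, TypeError):
        return None  # malformed token: wrong part count, bad base64 or bad JSON
    # A valid signature is not enough: the auth_token must still be live in the store.
    if not isinstance(auth_token, str):
        return None
    return ACTIVE_TOKENS.get(auth_token)
```

Because the auth_token is checked against the store on every request, deleting its row revokes the session even though the JWT signature remains valid.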
Endpoint to register a new user.
{
  "email": "test@example.com",
  "password": "aPassword",
  "firstName": "FirstName",
  "lastName": "LastName"
}
email will be used as a unique key in the database.
All responses are in JSON. This one will include the "token" field with the JWT token in it.
{
  "token": "some_jwt_token"
}
Endpoint to log in a user. The body will have the following:
{
  "email": "test@example.com",
  "password": "aPassword"
}
Like register, the response is the JWT token.
{
  "token": "some_jwt_token"
}
Retrieve a JSON object with all of the users in it.
The user must be logged in with a valid X-Authentication-Token header.
{
  "users": [
    {
      "email": "test@example.com",
      "firstName": "FirstName",
      "lastName": "LastName"
    }
  ]
}
This will update the user table. Only two fields are updated. The user must be logged in to
perform the update. The update will be for the user's own data. The user will be identified
by the auth_token.
{
  "firstName": "NewFirstName",
  "lastName": "NewLastName"
}
The response body will be
{
  "status": "success"
}
on a successful update.
Look at INSTRUCTIONS.md.