module:api/users
- Description:
User management and authentication API
POST /auth
This API request returns the current user record from the bk_user table if the request is verified and the signature provided is valid. If no signature or it is invalid the result will be an error with the corresponding error code and message.
By default this endpoint is secured, i.e. requires a valid signature.
On successful login, the result contains full user record
POST /login
Same as the /auth but it uses secret for user authentication, this request does not need a signature, just simple login and secret query parameters to be sent to the backend. This must be sent over SSL.
Parameters:
- login - user login
- secret - user secret
On successful login, the result contains full user record
Example:
var res = await fetch("/login", { method: "POST", body: "login=test123&secret=test123" }); await res.json() > { id: "XXXX...", name: "Test User", login: "test123", ...}POST /logout
Logout the current user, clear session cookies if exist. For pure API access with the signature this will not do anything on the backend side.
To disable default endpoints set in bkjs.conf:
api-users-cap-disabled=1
- Source:
Members
(static) endpoint :string
- Description:
Router base endpoint
- Source:
- Default Value:
- >/
(static) table :string
- Description:
Table to use for users
- Source:
- Default Value:
- >bk_user
(static) users :object
- Description:
users loaded from a file
- Source:
Methods
(async, static) aadd(query, optionsopt) → {Promise}
- Description:
Async version of the module:api/users.add method
- Source:
Parameters:
| Name | Type | Attributes | Description |
|---|---|---|---|
query |
object | string | ||
options |
object |
<optional> |
Returns:
| Type | Description |
|---|---|
| Promise |
Example
const { err, data } = await api.users.aadd({ login: "john@mail.com", name: "John" });(static) add(query, optionsopt, callback)
- Description:
Registers a new user, returns new record in the callback,
- Source:
Parameters:
| Name | Type | Attributes | Description | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
query |
object | user record |
|||||||||||||
options |
object |
<optional> |
Properties
|
||||||||||||
callback |
function | as function(err, user) |
(async, static) adel(query, optionsopt) → {Promise}
- Description:
Async version of the module:api/users.del method
- Source:
Parameters:
| Name | Type | Attributes | Description |
|---|---|---|---|
query |
object | string | ||
options |
object |
<optional> |
Returns:
| Type | Description |
|---|---|
| Promise |
Example
const { err, data } = await api.users.adel({ login: "john@mail.com" });(async, static) aget(query, optionsopt) → {Promise}
- Description:
Async version of the module:api/users.get method
- Source:
Parameters:
| Name | Type | Attributes | Description |
|---|---|---|---|
query |
object | string | ||
options |
object |
<optional> |
Returns:
| Type | Description |
|---|---|
| Promise |
Example
const { err, data } = await api.users.aget("john@mail.com");(async, static) aupdate(query, optionsopt) → {Promise}
- Description:
Async version of the module:api/users.update method
- Source:
Parameters:
| Name | Type | Attributes | Description |
|---|---|---|---|
query |
object | string | ||
options |
object |
<optional> |
Returns:
| Type | Description |
|---|---|
| Promise |
Example
const { err, data } = await api.users.aupdate({ login: "john@mail.com", name: "John" });(static) auth(req, res)
- Description:
Authentication check with signature/session, endpoint middleware for /auth
- Source:
Parameters:
| Name | Type | Description |
|---|---|---|
req |
http.IncomingMessage | |
res |
http.ServerResponse |
(static) del(query, optionsopt, callback)
- Description:
Deletes an existing user by login or id, no admin checks, returns the old record in the callback
- Source:
Parameters:
| Name | Type | Attributes | Description | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
query |
object | string | user id or login or { id, login } |
|||||||||
options |
object |
<optional> |
Properties
|
||||||||
callback |
function | as function(err, user) |
(static) get(query, optionsopt, callback)
- Description:
Returns a user record by login or id, to make use of a cache add to the config
- Source:
Parameters:
| Name | Type | Attributes | Description |
|---|---|---|---|
query |
object | string | user id or login or { id, login } |
|
options |
object |
<optional> |
|
callback |
function | as function(err, user) |
(static) login(req, res)
- Description:
Login with just the secret without signature, endpoint middleware for /login
- Source:
Parameters:
| Name | Type | Description |
|---|---|---|
req |
http.IncomingMessage | |
res |
http.ServerResponse |
(static) logout(req, res)
- Description:
Clear sessions and access tokens, logout endpoint middleware for /logout
- Source:
Parameters:
| Name | Type | Description |
|---|---|---|
req |
http.IncomingMessage | |
res |
http.ServerResponse |
(static) update(query, optionsopt, callback)
- Description:
Updates an existing user by login or id,
- Source:
Parameters:
| Name | Type | Attributes | Description | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
query |
object | ||||||||||||||
options |
object |
<optional> |
Properties
|
||||||||||||
callback |
function | as function(err, user) |