Leosac
0.8.0
Open Source Access Control
Exposes a WebSocket-based API to Leosac.
OUTDATED! WILL NEED REWRITE ONCE THE API STABILIZES.
The module exposes Leosac's internals and various information through a WebSocket API. This API is intended to be mostly consumed by a web interface.
We'll start by describing the packet format, and then enumerate the available API calls.
The message format sent to Leosac by clients is simple.
Label | Description |
---|---|
type | A required string describing the API endpoint targeted by the message. |
uuid | A UUID string that uniquely identifies the message. |
content | Message specific content. |
This section describes the format of WebSocket messages sent by Leosac. They use a well-defined base structure, in which a content field is used for message-specific data.
Label | Description |
---|---|
status_code | An integer representing the status code of request processing. |
status_string | An optional string explaining the status. |
type | A required string describing the API endpoint attached to the message. |
uuid | A UUID string that uniquely identifies the message. |
content | Message specific content. |
Note:
- status indicates whether or not processing the request went well. As an example, even a failed authentication would have a global status code of Leosac::APIStatusCode::SUCCESS. The authentication failure would be specified in the content field of the packet.
- type is useful only for messages that are not sent in response to a request. However, it is still required. When responding to a request, the
- For status code values, see Leosac::APIStatusCode.
Below are a few examples in a few different situations.
In this case, the user failed to authenticate because they sent invalid credentials.
In this case, the database crashed when processing the request. The validity of the credentials is unknown.
In this case, the user was already authenticated. The request didn't make it to the create_auth_token() call.
This part describes the API provided by the module.
The WebSocket API is asynchronous. Requests are identified by a UUID generated by the client, and the response re-uses this UUID to indicate which request it matches.
Opportunistic messages from the server (i.e. messages that are not a response to a request) also carry a UUID, this time generated by the server.
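The UUID correlation described above, as an added JavaScript example that is not part of Leosac or its web interface: it builds request envelopes, validates the base structure of incoming messages, and separates responses from server-initiated messages. The class name, the shape of the returned objects and the value 0 for SUCCESS are assumptions; take the real status values from Leosac::APIStatusCode.

```javascript
// Assumption: SUCCESS is 0 here; check Leosac::APIStatusCode for real values.
const ASSUMED_SUCCESS = 0;
const UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;

class PendingRequests {
  // newUuid is injectable so tests can use fixed ids.
  constructor(newUuid = () => globalThis.crypto.randomUUID()) {
    this.newUuid = newUuid;
    this.pending = new Map(); // uuid -> type of the request we sent
  }

  // Build the client envelope from the first table: type, uuid, content.
  buildRequest(type, content) {
    const uuid = this.newUuid();
    this.pending.set(uuid, type);
    return JSON.stringify({ type, uuid, content });
  }

  // Classify one raw server frame. Malformed input is reported, never thrown.
  handle(raw) {
    let m;
    try { m = JSON.parse(raw); } catch { return { kind: "invalid", reason: "not JSON" }; }
    if (m === null || typeof m !== "object" || Array.isArray(m))
      return { kind: "invalid", reason: "not an object" };
    if (!Number.isInteger(m.status_code)) return { kind: "invalid", reason: "status_code" };
    if (typeof m.type !== "string") return { kind: "invalid", reason: "type" };
    if (typeof m.uuid !== "string" || !UUID_RE.test(m.uuid))
      return { kind: "invalid", reason: "uuid" };
    // A UUID we never issued means the server generated it: not a response.
    if (!this.pending.has(m.uuid))
      return { kind: "server_message", type: m.type, content: m.content };
    const requestType = this.pending.get(m.uuid);
    this.pending.delete(m.uuid); // accept a single response per request
    // status_code only says the request was processed; the outcome of the
    // operation itself (e.g. a failed authentication) is carried in content.
    const processed = m.status_code === ASSUMED_SUCCESS;
    return { kind: "response", requestType, processed,
             statusString: m.status_string, content: m.content };
  }
}
```

A caller should decide whether the operation succeeded from `content`, and use `processed` only to detect that the server could not handle the request at all.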
This part of the API is fully public, meaning that it doesn't require authentication in order to issue requests.
To do pretty much anything against Leosac you need to authenticate.
These API methods are available to authenticated clients.