Admin
Use the API to managing users, keys, and access as PDAP staff
Base URL
Login & API keys
Creates a new user.
POST [base-url]/user
Users can sign up for an account through the post function in resources/User.py. The user's password is hashed using werkzeug.security’s generate_pasword_hash function. The user's email and hashed password is stored in the users table in the Data Sources database.
Request Body
| Name | Type | Description |
|---|---|---|
email* | String | User's email - must be unique |
password* | String | User's password |
Updates user password.
PUT [base-url]/user
Users can update their password through the put function in resources/User.py. The user's password is hashed using werkzeug.security’s generate_pasword_hash function. The user's email and hashed password is stored in the users table in the Data Sources database.
Request Body
| Name | Type | Description |
|---|---|---|
email* | String | User's email - must be unique |
password* | String | User's password |
Logs in the user.
POST [base-url]/login
The login function can be found through the get function in resources/Login.py. If the email and password match a row in the database, "Successfully logged in" will be returned.
Request Body
| Name | Type | Description |
|---|---|---|
email* | String | Matches exactly with the "email" property in user's table |
password* | String | Checked against the password_digest for the user with the matching "email" property using werkzeug.security’s check_password_hash function |
Refreshes the user's session token.
POST [base-url]/refresh-session
The logic can be found in the post function in resources/RefreshSession.py. If the old session token matches a row in the database, "Successfully refreshed session token" will be returned.
Request Body
| Name | Type | Description |
|---|---|---|
email* | String | Matches exactly with the "email" property in user's table |
password* | String | Checked against the password_digest for the user with the matching "email" property using werkzeug.security’s check_password_hash function |
Sends user a password reset link.
POST [base-url]/request-reset-password
This functionality can be found in the get function in resources/RequestResetPassword.py. If the email and password match a row in the database, "Successfully logged in" will be returned.
Request Body
| Name | Type | Description |
|---|---|---|
email* | String | Matches exactly with the "email" property in user's table |
Sends user a password reset link.
POST [base-url]/request-reset-password
This functionality can be found in the get function in resources/RequestResetPassword.py. If the email and password match a row in the database, "Successfully logged in" will be returned.
Request Body
| Name | Type | Description |
|---|---|---|
email* | String | Matches exactly with the "email" property in user's table |
Reset password token check.
POST [base-url]/reset-token-validation
This functionality can be found in the get function in resources/ResetTokenValidation.py. If the token matches a row in the database, "Token is valid" will be returned.
Path Parameters
| Name | Type | Description |
|---|---|---|
token* | String | Reset password token |
Returns an API key for a valid user and password.
GET [base-url]/api_key
The key generation function can be found through the get function in resources/ApiKey. If the email and password match a row in the database, a new API key is created using uuid.uuid4().hex, updated in for the matching user in the users table, and the API key is sent to the user.
Request Body
| Name | Type | Description |
|---|---|---|
email* | String | Matches exactly with the "email" property in user's table |
password* | String | Checked against the password_digest for the user with the matching "email" property using werkzeug.security’s check_password_hash function |
Last updated