Auth

We use so-called auth tickets that authorize you to the app. Those are just auth_tkt cookies.

Registration

Send POST request to /auth with the following body template:

{"nickname": "nickname",
 "password": "password",
 "email": "mail@provider.com",
 "action": "register"}

Status	Comment
`200 OK`	Account created successfully.
`400 Bad Request`	An error occured.

Request

Response

POST /auth HTTP/1.1 ...

{"nickname": "user", "password": "passwd", "email": "user@example.com", "action": "register"}

HTTP/1.1 200 OK ...

{"success": true, "data": "Account created successfully!", "code": 200, ...}

POST /auth HTTP/1.1 ...

{"nickname": "", "password": "", "email": "", "action": "register"}

HTTP/1.1 400 Bad Request ...

{"success": false, "code": 400, ...

Send a POST request to /auth with the following body template:

{"nickname": "nickname",
 "password": "password",
 "action": "log-in"}

Status	Comment
`200 OK`	Logged in successfully.
`400 Bad Request`	An error occured.

Several auth_tkt cookies are sent back via Set-Cookie headers when logged in.

Request

Response

POST /auth HTTP/1.1 ...

{"nickname": "user", "password": "passwd", "action": "log-in"}

HTTP/1.1 200 OK
Set-Cookie: auth_tkt;...
...
{"success": true,
"code": 200,
"data": "Logged in successfully.",
...}

POST /auth HTTP/1.1
...
{"nickname": "",
"passwd": "",
"action": "log-in"}

HTTP/1.1 400 Bad Request
...
{"success": false,
"code": 400,
...}

Requires authorization.

Send a POST request to /auth with the following body template:

{"action": "log-out"}

Status	Comment
`200 OK`	Logged out successfully.

Several Set-Cookie headers are sent when logged out. They clean out old auth ticket cookies.

Request	Response
POST /auth HTTP/1.1 Cookie: auth_tkt;... ... {"action": "log-out"}	HTTP/1.1 200 OK Set-Cookie: ... ... {"success": true, "code": 200, "data": "Logged out successfully.", ...}

Version	Changes
`3.0.1`	Reissue tickets on every request.