Introduction
The HTTP API provides three special request endpoints to handle general authentication.
The endpoints are __status, __login and __logout.
Status
A status request, made to the endpoint __status can be made at any time to
retreive the current authenticated user and their authorization. information
is provided in a JSON object with the following fields:
| Key | Type | Description |
|---|---|---|
error_string |
String | If the user is not logged in, or another error occurs, the error will be described in this field. |
group_list |
String | If authenticated this field will exist and provide a comma separate list of groups the user has been authenticated with. |
logged_in |
Integer | If 1, the user is logged in. If 0, the user is not logged in. |
sid |
String | The Session ID of the user. This session ID is also sent through in a cookie, the name of which will depend on site-specific configuration, the default for which is N2FE_CGISESSID. |
sid_param |
String | The name of the cookie where the SID is stored. |
username |
String | If authenticated this field will exist and privide the username the user is logged in with. |
Example
Request:
curl 'http://localhost/jarvis-agent/n2fe/__status'
Response when a user is logged in:
{
"sid" : "9ee5ba92f2c91b0c3112e5c59bf5f82e",
"logged_in" : 1,
"group_list" : "ACS_BOSS,CCS Superuser",
"error_string" : "",
"username" : "su",
"sid_param" : "N2FE_CGISESSID"
}
Response when a user is not yet logged in:
{
"sid" : "1dfece296eff865fd1c324ab0fb0f044",
"logged_in" : 0,
"error_string" : "No username supplied.",
"sid_param" : "N2FE_CGISESSID",
"username" : "",
"group_list" : ""
}
Login
Login is performed via the special API endpoint __status. The username
and password for the login may be passed through as command line arguments,
or passed through as POST parameters.
| Parameter | Example | Description |
|---|---|---|
username |
su | The user to log in. |
password |
boss | The password the user has provided. |
The response will be provided in a JSON object. See the __status response
details in the previous section for details on the response content.
The API endpoint __login may be used as an alias for __status if desired.
Example
Request:
curl -v --data "username=su&password=boss" 'http://localhost/jarvis-agent/n2fe/__status'
Response:
{
"username" : "su",
"sid_param" : "N2FE_CGISESSID",
"logged_in" : 1,
"group_list" : "ACS_BOSS,CCS Superuser",
"error_string" : "",
"sid" : "84c72d53a9faf51c89411671785c6dd1"
}
The response provides the sid_param and sid, which should be used as the
HTTP cookie name and cookie value for subsequent requests. The response also
uses the Set-Cookie header to set this automatically for tools (such as web
browsers) that monitor for the header.
logout
Logout is performed by making a call using any method to the __logout endpoint:
Example
Request:
curl 'http://localhost/jarvis-agent/n2fe/__logout' -H 'Cookie: N2FE_CGISESSID=4876c530f3d7252330a95ea51007f252'
Response:
{
"group_list" : "",
"sid" : "",
"username" : "",
"logged_in" : 0,
"error_string" : "Logged out at client request.",
"sid_param" : "N2FE_CGISESSID"
}