auth

This endpoint is handled by authapi.views

GET /api/auth/check

Check whether the current user is logged in and retrieve information about the user.

This endpoint is handled by authapi.views.UserViewSet.get()

Example request:

GET /api/auth/check HTTP/1.1
Host: social.whs.in.th
Accept: application/json, text/javascript
Cookie: sessionid=.....

Example response when logged in:

HTTP/1.1 200 OK
Content-Type: application/json
X-Frame-Options: SAMEORIGIN
Allow: GET, HEAD, OPTIONS

"whs"

Example response when not logged in:

HTTP/1.1 403 FORBIDDEN
Content-Type: application/json
X-Frame-Options: SAMEORIGIN
Allow: GET, HEAD, OPTIONS

""

Response JSON Object:  

• username (string) – Username of current user

Status Codes:

• 403 Forbidden – User is not logged in

POST /api/auth/login

Authenticate user in by username/password combination. For Youniversity, it is usually used to authenticate against KU database via IMAP.

This endpoint is handled by authapi.views.LoginViewSet.post()

Example request:

POST /api/auth/login HTTP/1.1
Host: social.whs.in.th
Accept: application/json, text/plain, */*
Content-Type:application/json;charset=UTF-8

{username: "example", password: "example"}

Example of success response:

HTTP/1.0 200 OK
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Allow: POST, OPTIONS
Set-Cookie: csrftoken=Q0oxVmaGJUkyIV9tWuaLjl5yySa4HMcE; expires=Sun, 02-Oct-2016 09:37:27 GMT; Max-Age=31449600; Path=/
Set-Cookie: sessionid=2cceti4ju0x6t3l8wl62awpdttl6sp2p; expires=Sun, 18-Oct-2015 09:37:27 GMT; httponly; Max-Age=1209600; Path=/

"whs"

Example of failed response:

HTTP/1.0 403 FORBIDDEN
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Allow: POST, OPTIONS

{"detail":"Cannot log you in"}

Request JSON Object:  

• username (string) – Username
• password (string) – Password

Response JSON Object:  

• username (string) – Username of current user

Status Codes:

• 403 Forbidden – Cannot log user in with given credentials. The credentials may be invalid, the server may not be able to connect to authentication database, or the user may be disabled.

POST /api/auth/logout

This endpoint is handled by authapi.views.LogoutViewSet.post()

Example request:

POST /api/auth/logout HTTP/1.1
Host: social.whs.in.th
Accept: application/json, text/javascript
Cookie: sessionid=.....

**Example response*:

HTTP/1.1 200 OK
Content-Type: application/json
X-Frame-Options: SAMEORIGIN
Allow: GET, HEAD, OPTIONS