Labs/Weave/ServerAPI

From MozillaWiki
Jump to navigation Jump to search

Back to Labs/Weave.

sm-labs01 Server API

Currently, there is a RESTy API at https://sm-labs01.mozilla.org:81/register/ that allows for remote account creation and password changes. Here is a brief description of how it works.

General

Only two types of HTTP requests are made at any point in time, a GET or a POST.

The server will return as a response an appropriate HTTP status code and the body will contain a comma-seperated list of numbers, whose meaning is described a little later. Generally, the status code and the body value is what you have to preserve to inspect.

Status Codes

* 400 Bad Request -- Will be returned if there was an error in the client's request. The numbers in the response body indicate what the errors were.
* 405 Method Not Allowed -- Trying to use GET where POST is to be used, and other such mismatches. No body.
* 201 Created -- Returned when an account as been successfully created. Body will contain a number to be interpreted as indicated in the table below.
* 417 Expectation Failed -- Returned when the client submitted all data correctly, except for the captcha elements. The response body will contain the HTML code required to display a new captcha.
  • 200 OK -- Returned when the user's password was changed successfully. No body.

Account Creation

In order to avoid automated registrations, we use a two step process and incorporate a captcha. First, you need to perform a GET request at https://sm-labs01.mozilla.org:81/register/new/. This will return the HTML required to display a captcha to the user.

In the second step, you collect all the other information and make a POST request to the same address, with the following fields:

uid, password, mail, recaptcha_challenge_field, recaptcha_response_field

Of these, only 'mail' is optional. recaptcha_challenge_field and recaptcha_response_field are form fields that can be found in the HTML returned earlier.

Analyze the returned HTTP status code and body with the help of the table below and decide on the next course of action (Confirming to the user that the account was created, informing him that the username is already in use... etc.)

Changing Password

This requires a single POST to https://sm-labs01.mozilla.org:81/register/chpwd/ with the fields:

uid, password, new

Analyze the returned HTTP status code and body with the help of the table below and decide on the next course of action.

Checking in userID already exists

Sometimes you may want to check is a particular userID already exists asynchronously. This requires a single GET request to https://sm-labs01.mozilla.org:81/register/check/<username> (Replacing <username> with desired username).

Analyze the returned HTTP status code and body with the help of the table below and decide on the next course of action.

Body numeric codes and their meanings

Retrieved from "https://wiki.allizom.org/index.php?title=Labs/Weave/ServerAPI&oldid=96905"