Difference between revisions of "API"

From SoFurry
Jump to: navigation, search
(Authentication)
(Authentication)
 
(9 intermediate revisions by 2 users not shown)
Line 13: Line 13:
 
Here's how you might write some PHP to make an authenticated request to the API - for example, retrieving a submission.
 
Here's how you might write some PHP to make an authenticated request to the API - for example, retrieving a submission.
  
  // We're doing: GET /submission/5
+
  <code class="php">// We're doing: GET /submission/5
 
  $ch = curl_init("<nowiki>http://api.sofurrybeta.com/submission/5</nowiki>");
 
  $ch = curl_init("<nowiki>http://api.sofurrybeta.com/submission/5</nowiki>");
 
   
 
   
Line 53: Line 53:
 
   // HTTP 500 means there's a temporary server issue
 
   // HTTP 500 means there's a temporary server issue
 
  }
 
  }
 +
</code>
  
 
If you're unable to access the API over HTTPS, and you're using PHP, you might not have a CA bundle installed. See http://php.net/manual/en/function.curl-setopt.php#110457 for a solution to that.
 
If you're unable to access the API over HTTPS, and you're using PHP, you might not have a CA bundle installed. See http://php.net/manual/en/function.curl-setopt.php#110457 for a solution to that.
Line 60: Line 61:
 
To login to SoFurry, you'd POST your username and password to an endpoint, then use the token it issues in future requests. Here's how you might log in using PHP:
 
To login to SoFurry, you'd POST your username and password to an endpoint, then use the token it issues in future requests. Here's how you might log in using PHP:
  
  // Logging into SoFurry
+
  <code class="php">// Logging into SoFurry
  $ch = curl_init("http://api.sofurry.com/login");
+
  $ch = curl_init("<nowiki>http://api.sofurry.com/login</nowiki>");
 
  curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
 
  curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
 
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
 
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
  curl_setopt($ch, CURLOPT_POSTFIELDS, '{ "email": "drgn@tetsudra.com", "password": "ableist1353" }');
+
  curl_setopt($ch, CURLOPT_POSTFIELDS, '{ "username": "tetsudra", "password": "ableist1353" }');
 
  curl_setopt($ch, CURLOPT_HTTPHEADER, [
 
  curl_setopt($ch, CURLOPT_HTTPHEADER, [
 
     'Content-Type: application/json'
 
     'Content-Type: application/json'
Line 73: Line 74:
 
   
 
   
 
  if ($login->result)
 
  if ($login->result)
     $token = $login->token;
+
     $token = $login->token;</code>
  
 
Now that you've got your $token, you can use it to authenticate future requests, by adding it with the X-SoFurry-Token header.
 
Now that you've got your $token, you can use it to authenticate future requests, by adding it with the X-SoFurry-Token header.
  
  // Retrieving the user you're logged in as
+
  <code class="php">// Retrieving the user you're logged in as
  $ch = curl_init("https://sfx-api-tetsudra.c9users.io/user");
+
  $ch = curl_init("<nowiki>http://api.sofurry.com/user</nowiki>");
 
  curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "GET");
 
  curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "GET");
 
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
 
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
Line 89: Line 90:
 
  $user = json_decode($json);
 
  $user = json_decode($json);
 
   
 
   
  echo $user->email; // drgn@tetsudra.com
+
  echo $user->email; // drgn@tetsudra.com</code>
  
 
You'll need to be authenticated in order to almost anything of value on SoFurry.
 
You'll need to be authenticated in order to almost anything of value on SoFurry.

Latest revision as of 14:25, 15 May 2016

This page deals with the new-format REST API being developed as part of SoFurry NEXT. For documentation on the current "v3" API, please see SoFurry_REST_APIs.

About the API

The SoFurry API is a stateless REST API, designed to work purely with JSON. For the nerdy, the underlying framework is Lumen 5.2

While the API is in development, along with the rest of SoFurry, the base URL will be http://api.sofurrybeta.com - once it changes over to production, the base URL will be https://api.sofurry.com

To get started using the API, you won't need much - just some HTTP basics, and the ability to read and write JSON.

Making a simple API request

Here's how you might write some PHP to make an authenticated request to the API - for example, retrieving a submission.

// We're doing: GET /submission/5
$ch = curl_init("http://api.sofurrybeta.com/submission/5");

// GET, POST, PUT, DELETE are all used in some form or another
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "GET");

// Add our authentication token, and ensure the request is sent
// with the correct content type (which is just good practice)
curl_setopt($ch, CURLOPT_HTTPHEADER, [
    'Content-Type: application/json', 
    'X-SoFurry-Token: 1:cbe30d2d960b4b5eb65ababdf79eb6b1'
]);

// We need to see the resulting content
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);

// Run the request
$json = curl_exec($ch);

// Check the HTTP code we got back from the server
$http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);

if ($http_code == 200)
{
  // Our request was successful!
  
  // Decode the JSON into a usable object
  $submission = json_decode($json);
  
  // And do something with it
  echo $submission->title; // "My awesome artwork"
  
}
else
{
  // Something went wrong! we'll have an error message here.
  // If $http_code is 422, it usually means you sent something incorrectly
  // HTTP 404 means you're looking for a resource you either can't see, or that doesn't exist
  // HTTP 500 means there's a temporary server issue
}

If you're unable to access the API over HTTPS, and you're using PHP, you might not have a CA bundle installed. See http://php.net/manual/en/function.curl-setopt.php#110457 for a solution to that.

Authentication

To login to SoFurry, you'd POST your username and password to an endpoint, then use the token it issues in future requests. Here's how you might log in using PHP:

// Logging into SoFurry
$ch = curl_init("http://api.sofurry.com/login");
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, '{ "username": "tetsudra", "password": "ableist1353" }');
curl_setopt($ch, CURLOPT_HTTPHEADER, [
    'Content-Type: application/json'
]);

$json = curl_exec($ch);
$login = json_decode($json);

if ($login->result)
    $token = $login->token;

Now that you've got your $token, you can use it to authenticate future requests, by adding it with the X-SoFurry-Token header.

// Retrieving the user you're logged in as
$ch = curl_init("http://api.sofurry.com/user");
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "GET");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
    'Content-Type: application/json',
    'X-SoFurry-Token: 1:e99568fcbfde573385e1fff301e5e41b'
]);

$json = curl_exec($ch);
$user = json_decode($json);

echo $user->email; // drgn@tetsudra.com

You'll need to be authenticated in order to almost anything of value on SoFurry.

Note Logging in will invalidate all previous tokens!

API Routes

This table contains all the methods and URLs that the API currently supports. For more information on using a particular route, simply go through to that route's page.

Some routes have no parameters at all, and can be accessed simply by doing the HTTP request. Some routes require parameters as part of the URL - they will be denoted by curly braces, and are always mandatory. Some requests expect parameters to be sent in the body of a JSON request.

Users and Profiles

These routes are all about managing user accounts and profiles. Not all the routes are secure (require authentication).

Route Parameters Description Need Token? Status
GET / Returns the version of the API No Live
POST /login email, password Validates the supplied credentials and returns an authentication token that should be used for all future requests No Live
POST /activate activate_token Activates a newly-registered user, enabling you to log in No Live
POST /user name, email, password Register a new user account and trigger a validation email to the supplied email address No Live
GET /user Returns a JSON object with the profile details of the authenticated user Yes Live
GET /user/{id} id=User ID Returns the profile information for a different User ID. Yes Live
PUT /user bio Make an update to the profile of the authenticated user by overwriting several fields. Yes Live

Submissions

These routes are all about creating and managing individual submissions.

To do: Search submissions

Route Parameters Description Need Token? Status
POST /submission title, type, rating, description, visible Create a new Submission record. It won't be shared until it has been populated with some content Yes Live
GET /submission/{id} id=Submission ID Retrieve a Submission JSON object. Yes Live
PUT /submission/{id}/content id=Submission ID, (binary stream) Store a binary content stream against a submission. By default, populating a submission for the first time will publish it to your watchers, and the global gallery. Yes Live

Forum

Methods for interacting on forums, still in development

Galleries

A Gallery is a collection of artwork. By default, there is a global SoFurry Gallery into which all content is published.

As a user, a gallery is created for you as soon as you upload your first piece of content. Galleries can also be created to curate content, and are created to support RP Universes.

RP Universes

An RP Universe is built around a collection of roleplay posts, supplemented by artwork. These methods are for creating new universes, inviting characters to participate, the actual participation, and linking relevant content into the Universe.

Character System

The Character system allows users to create roleplaying characters, which can be used to interact across the site.

Journals

Methods for creating and updating journal entries

Private Messages

Methods for listing, reading and sending Private Messages

Chatrooms

List and get connection info for chatrooms. The actual rooms will be joined using a different method.