Managing the session and Authentication

Davide Nicolini edited this page May 14, 2022 · 7 revisions

Authentication

To authenticate, add an Authorization header to the HTTP request.
Its value is the string Token, a space, and the token obtained from TARALLO.

e.g. Authorization: Token yoLeCHmEhNNseN0BlG0s3A:ksfPYziGg7ebj0goT0Zc7pbmQEIYvZpRTIkwuscAM_k

Specifically, that's the default token for the development version: when you run make up, that token is already configured. Since it is published here, it is only suitable for development instances.

If you want to add more tokens (e.g. in production):

  1. Open TARALLO
  2. Go to Options
  3. Type any description ("My awesome program that accesses the APIs")
  4. Press "Get token"
  5. Copy the token from the green confirmation message

Part of the token is hashed in the database, which is why it's replaced by ********** in the table. Copy it from the green confirmation message, because that's the only time you're going to see it un-hashed and in plain text.

Checking the session status

Send a GET request to /v2/session.
If the session has expired or the user is not authenticated, the response will look like this:

{
  "exception": "WEEEOpen\\Tarallo\\HTTP\\AuthenticationException",
  "message": "Not authenticated or session expired"
}

If the session is valid the response will look like this:

{
  "username": "John.Doe",
  "cn": "John Doe",
  "level": 0
}

Response codes:
200 - The user is authenticated (valid session)
401 - The user is not authenticated or session has expired
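
The following client-side check is an added example, not code from the TARALLO project. It builds the Authorization header as described above, rejects tokens containing whitespace (so a stray newline cannot inject extra headers), and maps the 200 and 401 responses of /v2/session to a result. The function names and the TARALLO_URL and TARALLO_TOKEN environment variables are assumptions, as is sending the token header to /v2/session.

```python
import json
import os
import urllib.error
import urllib.request


def auth_header(token):
    """Build the header: the string 'Token', a space, then the token."""
    token = token.strip()
    if not token or any(c.isspace() for c in token):
        raise ValueError("token must be non-empty and contain no whitespace")
    return {"Authorization": "Token " + token}


def interpret_session(status, body):
    """Map a /v2/session response to (authenticated, details)."""
    data = json.loads(body) if body else {}
    if status == 200:
        return True, {k: data.get(k) for k in ("username", "cn", "level")}
    if status == 401:
        return False, {"message": data.get("message")}
    raise RuntimeError(f"unexpected status {status} from /v2/session")


def check_session(base_url, token, timeout=10):
    """GET {base_url}/v2/session and return interpret_session()'s result."""
    req = urllib.request.Request(base_url.rstrip("/") + "/v2/session",
                                 headers=auth_header(token))
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return interpret_session(resp.status, resp.read().decode("utf-8"))
    except urllib.error.HTTPError as err:  # urllib raises on a 401 response
        return interpret_session(err.code, err.read().decode("utf-8"))


if __name__ == "__main__":
    # Assumed variable names; reading the token from the environment
    # keeps it out of source control and shell history.
    print(check_session(os.environ["TARALLO_URL"], os.environ["TARALLO_TOKEN"]))
```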