REST API

LeapIn.it uses a REST endpoint for access to the database. REST is a design pattern for hypermedia systems that advocates giving individual resources (e.g., people) unique URLs and using those URLs to exchange structured information. HTTP requests are made to these URLs: the HTTP method states what should happen with the attached data, and the status code in the response signals what happened with the data.

The following URLs are available.

Requests are in JSON.

Each entry lists the URL, then each method with its description, then the possible status codes (with the returned data in parentheses).

/api/auth
  POST: authenticate a user
    201 “person with username and password hash have been found” (returns the person and a token)
    401 “username or password not found”

/api/auth/user
  GET (params: token): get the person who is logged in
    200 “person is logged in” (returns the person)
    404 “no person is logged in”
  DELETE (params: token): delete the session (log out)
    204 “session has been deleted”
    404 “no session exists”

/api/person
  POST: create a person
    201 “person created” (returns the person)
    401 “username already exists”

/api/person/:id
  GET (params: token): get a person
    200 “person exists” (returns the person)
    401 “not allowed to see this person”
    404 “person does not exist”
  PUT (params: token): modify the person
    200 “person modified” (returns the person)
    401 “not allowed to modify this person”
    404 “person does not exist”
  DELETE (params: token): delete the person
    204 “person has been deleted”
    401 “not allowed to delete this person”
    404 “person does not exist”

/api/person/:id/friend/
  GET (params: token): get a person’s friend list
    200 “person exists” (returns the person’s friend list)
    401 “not allowed to see this person’s friend list”
    404 “person does not exist”
  POST (params: token): add a new friend to this person
    201 “friend added” (returns the new friend)
    401 “not allowed to see this person’s friend list”
    404 “person does not exist”
  DELETE (params: token): delete a friend
    204 “friend removed”
    401 “not allowed to see this person’s friend list”
    404 “person does not exist”

/api/person/:id/block/
  GET (params: token): get a person’s block list
    200 “person exists” (returns the person’s block list)
    401 “not allowed to see this person’s block list”
    404 “person does not exist”
  POST (params: token): add a new blocked person to this person
    201 “blocked person added” (returns the new blocked person)
    401 “not allowed to see this person’s block list”
    404 “person does not exist”
  DELETE (params: token): remove a blocked person
    204 “blocked person removed”
    401 “not allowed to see this person’s block list”
    404 “person does not exist”

/api/person/:id/room/
  GET (params: token): get a person’s room list
    200 “person exists” (returns the person’s room list)
    401 “not allowed to see this person’s room list”
    404 “person does not exist”
  DELETE (params: token): delete a room from a person’s room list
    204 “room has been removed from person’s room list”
    401 “not allowed to see this person’s room list”
    404 “person does not exist”

/api/person/:id/feed/
  GET (params: token): get a person’s feed
    200 “person exists” (returns the list of posts in the person’s feed)
    401 “not allowed to see this person’s feed”
    404 “person does not exist”

/api/room/
  GET (params: token, code): get a room from a specified code and add it to the user’s room list
    200 “room exists” (returns the room)
    201 “room does not exists, so it has been created” (returns the room)

/api/room/:id/
  GET (params: token): get a room
    200 “room exists” (returns the room)
    401 “not allowed to see this room”
    404 “room does not exist”
  PUT (params: token): change the name of a room
    200 “room exists” (returns the room)
    401 “not allowed to see this room”
    404 “room does not exist”

/api/room/:id/post/
  GET (params: token): get the posts in a room
    200 “room exists” (returns the posts)
    401 “not allowed to see this room”
    404 “room does not exist”
  POST (params: token): create a post in a room
    201 “post created” (returns the post)
    401 “not allowed to see this room”
    404 “room does not exist”

/api/room/:id/post/:id/
  GET (params: token): get a post belonging to a room
    200 “post exists” (returns the post)
    401 “not allowed to see this post”
    404 “post does not exist”

/api/room/:id/post/:id/data/
  GET (params: token, preview, size, cell): get the data (or a preview) attached to a post (e.g., a picture)
    200 “data exists” (returns the data or a preview)
    401 “not allowed to see this post”
    404 “post does not exist”

/api/blankcell
  GET (params: token, size): generate a blank cell
    200 “ok” (returns the blank cell)
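
The session lifecycle described by the /api/auth and /api/auth/user entries, modelled in memory as an added example (it is not LeapIn.it's code). The `username` and `password` request fields, the PBKDF2 hashing, the in-memory stores and the 405 fallback are assumptions, and the sample person is constructed.

```python
import hashlib, hmac, json, secrets

SALT = b"constructed-salt"  # constructed value, for this example only

def pw_hash(password):
    # Assumption: the server derives the stored hash from a submitted password.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)

# Constructed sample data: one person, and the session store (token -> username).
PEOPLE = {"alice": {"id": 1, "username": "alice", "hash": pw_hash("correct horse")}}
SESSIONS = {}

def public(person):
    # Never echo the stored password hash back to the client.
    return {k: v for k, v in person.items() if k != "hash"}

def parse_credentials(body):
    # Malformed or non-object JSON is treated as empty credentials (ends in 401).
    try:
        creds = json.loads(body or "{}")
    except ValueError:
        return "", ""
    if not isinstance(creds, dict):
        return "", ""
    return str(creds.get("username", "")), str(creds.get("password", ""))

def handle(method, path, params=None, body=None):
    """Return (status, response_data) for the two auth URLs."""
    params = params or {}
    if path == "/api/auth" and method == "POST":
        username, password = parse_credentials(body)
        person = PEOPLE.get(username)
        # Hash even for unknown users and compare in constant time, so both
        # failure cases cost the same and share the single 401 response.
        stored = person["hash"] if person else pw_hash("")
        if not (hmac.compare_digest(pw_hash(password), stored) and person):
            return 401, None  # "username or password not found"
        token = secrets.token_urlsafe(32)  # unguessable session token
        SESSIONS[token] = person["username"]
        return 201, {"person": public(person), "token": token}
    if path == "/api/auth/user" and method in ("GET", "DELETE"):
        token = params.get("token")
        if token not in SESSIONS:
            return 404, None  # "no person is logged in" / "no session exists"
        if method == "GET":
            return 200, public(PEOPLE[SESSIONS[token]])
        del SESSIONS[token]  # log out: the token stops working immediately
        return 204, None
    return 405, None  # assumption: anything outside the two modelled URLs
```

Because the token travels as a request parameter, a real deployment should keep it out of logged URLs and serve the API over TLS only.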
