Page tree

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Next »

The session API is located in the editor module, it enables authentication to translate5 via API.

Provides status informations about the authenticated user.

URL:

/editor/session/[SESSION_ID]

Available Methods:

GET/POST

Specialities:

See below

POST Request

The POST requests needs the following two parameters either as data object or plain form parameters:

Name

Type

Info

login

string

The user to be authenticated.

passwd

string

The passwd of the user to be authenticated.

POST resulting resource layout

Returns HTTP 200 when login was successful, 400 when parameters are missing, 403 when credentials were wrong.

When successful the result looks like:

Name

Type

Info

sessionId

string

the sessionId of the newly created session, can be used directly for further API communication.

The here given sessionId is essential for further usage of other requests to the API, see below in the section API Usage.

sessionToken

string

A one time usable token which can be passed to the users browser for overtaking the created session.

For example: Users are administered by your software, translate5 is just embedded.
Users authenticate themselves on your system, your system authenticates them via API at translate5.
Your system then provides a link containing the sessionToken parameter:
  /editor?sessionToken=RECEIVED_TOKEN
After clicking on this URL translate5 will be opened with the authenticated user.
The token is only callable one time to prohibit misusage.

 

GET resulting resource layout

For GET the sessionId must be part of the URL, like the usual ID parameter: /editor/session/SESSION_ID

Returns HTTP 200 when user is authenticated, 404 otherwise.

Name

Type

Info

state

string

contains "authenticated" or "not authenticated"

user

object

contains the authenticated user or null. The users structure is as described in the user API.

 

Using the received sessionId in other API calls

Translate5 does not use a traditional RESTful authentication, but uses sessions that for.

To use the API as a authenticated user, first a session must be generated by the above mentioned session POST call. The there received sessionId must be given on each other request to the API as cookie value.

Example HTTP Header to provide the Session ID as cookie value:
Cookie: zfExtended=GIVEN_SESSION_ID
  • No labels