REST API¶
EXT:login
depends on aEXT:routes
which is a yaml routes provider.That way we ship a couple of useful routes out of the box.
Fetch currently logged in user information¶
curl --location --request GET 'api/login/users/current' \ --header 'Content-Type: application/json' \ --header 'Accept: application/json' \ --header 'Cookie: fe_typo_user=bb9c335567f3330d668d2fbe394606ec' \ --header 'X-CSRF-TOKEN: bb9c335567f3330d668d2fbe394606ec'Note
Guarded by
auth
middleware.[ { "address": "", "city": "", "company": "", "country": "", "crdate": 0, "email": "user@example.com", "endtime": 0, "fax": "", "firstName": "Serhii", "forgotPasswordFormUrl": "", "image": null, "lastName": "Borulko", "lockMinutesInterval": 10, "locked": false, "loggedIn": true, "middleName": "", "name": "", "notLocked": true, "online": true, "telephone": "", "timeToUnlock": true, "title": "", "tstamp": 1582719491, "uid": 1, "unlockActionUrl": "", "username": "user", "www": "", "zip": "" } ]
Gives us an answer if the session is authenticated¶
curl --location --request GET 'api/login/users/authenticated' \ --header 'Content-Type: application/json' \ --header 'Accept: application/json'{ "authenticated": true }
Terminates the existing session for the user. (Force logout)¶
curl --location --request GET 'api/login/logins/logout' \ --header 'Content-Type: application/json' \ --header 'Accept: application/json' \ --header 'Cookie: fe_typo_user=bb9c335567f3330d668d2fbe394606ec' \ --header 'X-CSRF-TOKEN: bb9c335567f3330d668d2fbe394606ec'Note
Guarded by
auth
middleware.
Plain authentication attempt¶
curl --location --request POST 'http://login.ddev.site/api/login/logins/auth' \ --header 'Content-Type: application/json' \ --header 'Accept: application/json' \ --data-raw '{"username":"user", "password":"passs", "remember":true}'Note
Guarded by
Throttle
middleware with limited to 50 failed attempts.Error response
{ "errors": { "username": [ "Provided username is not found." ], "password": [ "Password is invalid" ] } }Success response
{ "redirect": "http:example.com/after_login/sent" }
Magic link request¶
curl --location --request POST 'http://login.ddev.site/api/login/magic-link' \ --header 'Content-Type: application/json' \ --header 'Accept: application/json' \ --data-raw '{"email":"dummy@example.com"}'Error response
{ "errors": { "email": [ "This email address is not connected to any user in our system." ] } }Success response
{ "redirect": "http:example.com/after_magic_link/sent" }
Forgot password request¶
curl --location --request POST 'http://login.ddev.site/api/login/reset-password-link' \ --header 'Content-Type: application/json' \ --header 'Accept: application/json' \ --data-raw '{"email":"dummy@example.com"}'Error response
{ "errors": { "email": [ "This email address is not connected to any user in our system." ] } }Success response
{ "redirect": "http:example.com/after_forgot_password/sent" }