summaryrefslogtreecommitdiff
path: root/public/api.html
diff options
context:
space:
mode:
authorTyler Murphy <tylermurphy534@gmail.com>2023-02-02 16:15:19 -0500
committerTyler Murphy <tylermurphy534@gmail.com>2023-02-02 16:15:19 -0500
commitecb815043a2dc4cb453f620eb30598223de74d9a (patch)
tree50a5bccc85056389fca1f8df79ab151e0259bc77 /public/api.html
parentdont show load posts button if no posts (diff)
downloadxssbook-ecb815043a2dc4cb453f620eb30598223de74d9a.tar.gz
xssbook-ecb815043a2dc4cb453f620eb30598223de74d9a.tar.bz2
xssbook-ecb815043a2dc4cb453f620eb30598223de74d9a.zip
api docs
Diffstat (limited to 'public/api.html')
-rw-r--r--public/api.html542
1 files changed, 542 insertions, 0 deletions
diff --git a/public/api.html b/public/api.html
new file mode 100644
index 0000000..6e6086a
--- /dev/null
+++ b/public/api.html
@@ -0,0 +1,542 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+ <meta charset="UTF-8">
+ <link rel="stylesheet" href="/css/main.css">
+ <link rel="stylesheet" href="/css/header.css">
+ <link rel="stylesheet" href="/css/console.css">
+ <link rel="stylesheet" href="/css/api.css">
+ <title>XSSBook - API Documentation</title>
+</head>
+<body>
+ <div id="header">
+ <span class="logo"><a href="/">xssbook</a></span>
+ <span class="gtext desc" style="margin-left: 6em; font-size: 2em; color: #606770">API Documentation</span>
+ </div>
+ <div id="docs">
+ <div>
+ <div class="endpoint">
+ <span class="method post">POST</span>
+ <span class="uri">/api/auth/register</span>
+ <span class="desc">Registeres a new account</span>
+ </div>
+ <div class="info">
+ <h2>Body</h2>
+ <div class="body">
+ <span>{</span><br>
+ <span class="key">"firstname"</span> : <span class="string">"[Object"</span><br>
+ <span class="key">"lastname"</span> : <span class="string">"object]"</span><br>
+ <span class="key">"email"</span> : <span class="string">"object@object.object"</span><br>
+ <span class="key">"password"</span> : <span class="string">"i love js"</span><br>
+ <span class="key">"gender"</span> : <span class="string">"lettuce"</span><br>
+ <span class="key">"day"</span> : <span class="number">1</span><br>
+ <span class="key">"month"</span> : <span class="number">1</span><br>
+ <span class="key">"year"</span> : <span class="number">1970</span><br>
+ <span>}</span><br>
+ </div>
+ <h2>Responses</h2>
+ <div>
+ <span class="ptype">201</span>
+ <span class="pdesc">Successfully created new user, auth cookie is returned</span>
+ </div>
+ <div>
+ <span class="ptype">400</span>
+ <span class="pdesc">Body does not match paramaters</span>
+ </div>
+ </div>
+ </div>
+ <div>
+ <div class="endpoint">
+ <span class="method post">POST</span>
+ <span class="uri">/api/auth/login</span>
+ <span class="desc">Logs into an existing account</span>
+ </div>
+ <div class="info">
+ <h2>Body</h2>
+ <div class="body">
+ <span>{</span><br>
+ <span class="key">"email"</span> : <span class="string">"object@object.object"</span><br>
+ <span class="key">"password"</span> : <span class="string">"i love js"</span><br>
+ <span>}</span><br>
+ </div>
+ <h2>Responses</h2>
+ <div>
+ <span class="ptype">200</span>
+ <span class="pdesc">Successfully logged in, auth cookie is returned</span>
+ </div>
+ <div>
+ <span class="ptype">400</span>
+ <span class="pdesc">Body does not match paramaters, or email/password is already in use</span>
+ </div>
+ </div>
+ </div>
+ <div>
+ <div class="endpoint">
+ <span class="method post">POST</span>
+ <span class="uri">/api/auth/logout</span>
+ <span class="desc">Logs out of an logged in account</span>
+ <span class="auth"><span>auth</span> cookie is required for authentication</span>
+ </div>
+ <div class="info">
+ <h2>Responses</h2>
+ <div>
+ <span class="ptype">200</span>
+ <span class="pdesc">Successfully logged out</span>
+ </div>
+ <div>
+ <span class="ptype">401</span>
+ <span class="pdesc">Unauthorized</span>
+ </div>
+ <div>
+ <span class="ptype">500</span>
+ <span class="pdesc">Failed to log out user</span>
+ </div>
+ </div>
+ </div>
+ <div>
+ <div class="endpoint">
+ <span class="method post">POST</span>
+ <span class="uri">/api/posts/create</span>
+ <span class="desc">Creates a new post</span>
+ <span class="auth"><span>auth</span> cookie is required for authentication</span>
+ </div>
+ <div class="info">
+ <h2>Body</h2>
+ <div class="body">
+ <span>{</span><br>
+ <span class="key">"content"</span> : <span class="string">"Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua."</span><br>
+ <span>}</span><br>
+ </div>
+ <h2>Responses</h2>
+ <div>
+ <span class="ptype">201</span>
+ <span class="pdesc">Successfully created post</span>
+ </div>
+ <div>
+ <span class="ptype">400</span>
+ <span class="pdesc">Body does not match paramaters</span>
+ </div>
+ <div>
+ <span class="ptype">401</span>
+ <span class="pdesc">Unauthorized</span>
+ </div>
+ <div>
+ <span class="ptype">500</span>
+ <span class="pdesc">Failed to create post</span>
+ </div>
+ </div>
+ </div>
+ <div>
+ <div class="endpoint">
+ <span class="method post">POST</span>
+ <span class="uri">/api/posts/page</span>
+ <span class="desc">Load a section of posts from newest to oldest</span>
+ <span class="auth"><span>auth</span> cookie is required for authentication</span>
+ </div>
+ <div class="info">
+ <h2>Body</h2>
+ <div class="body">
+ <span>{</span><br>
+ <span class="key">"page"</span> : <span class="number">0</span><br>
+ <span>}</span><br>
+ </div>
+ <h2>Responses</h2>
+ <div>
+ <span class="ptype">200</span>
+ <span class="pdesc">Returns posts in <span>application/json</span></span>
+ </div>
+ <div>
+ <span class="ptype">400</span>
+ <span class="pdesc">Body does not match paramaters</span>
+ </div>
+ <div>
+ <span class="ptype">401</span>
+ <span class="pdesc">Unauthorized</span>
+ </div>
+ <div>
+ <span class="ptype">500</span>
+ <span class="pdesc">Failed to fetch posts</span>
+ </div>
+ </div>
+ </div>
+ <div>
+ <div class="endpoint">
+ <span class="method post">POST</span>
+ <span class="uri">/api/posts/user</span>
+ <span class="desc">Load a section of posts from newest to oldest from a specific user</span>
+ <span class="auth"><span>auth</span> cookie is required for authentication</span>
+ </div>
+ <div class="info">
+ <h2>Body</h2>
+ <div class="body">
+ <span>{</span><br>
+ <span class="key">"user_id"</span> : <span class="number">3</span><br>
+ <span class="key">"page"</span> : <span class="number">0</span><br>
+ <span>}</span><br>
+ </div>
+ <h2>Responses</h2>
+ <div>
+ <span class="ptype">200</span>
+ <span class="pdesc">Returns posts in <span>application/json</span></span>
+ </div>
+ <div>
+ <span class="ptype">400</span>
+ <span class="pdesc">Body does not match paramaters</span>
+ </div>
+ <div>
+ <span class="ptype">401</span>
+ <span class="pdesc">Unauthorized</span>
+ </div>
+ <div>
+ <span class="ptype">500</span>
+ <span class="pdesc">Failed to fetch posts</span>
+ </div>
+ </div>
+ </div>
+ <div>
+ <div class="endpoint">
+ <span class="method patch">PATCH</span>
+ <span class="uri">/api/posts/comment</span>
+ <span class="desc">Adds a comment to a post</span>
+ <span class="auth"><span>auth</span> cookie is required for authentication</span>
+ </div>
+ <div class="info">
+ <h2>Body</h2>
+ <div class="body">
+ <span>{</span><br>
+ <span class="key">"content"</span> : <span class="string">"This is a very good post"</span><br>
+ <span class="key">"post_id"</span> : <span class="number">0</span><br>
+ <span>}</span><br>
+ </div>
+ <h2>Responses</h2>
+ <div>
+ <span class="ptype">200</span>
+ <span class="pdesc">Successfully added comment</span>
+ </div>
+ <div>
+ <span class="ptype">400</span>
+ <span class="pdesc">Body does not match paramaters</span>
+ </div>
+ <div>
+ <span class="ptype">401</span>
+ <span class="pdesc">Unauthorized</span>
+ </div>
+ <div>
+ <span class="ptype">500</span>
+ <span class="pdesc">Failed to add comment</span>
+ </div>
+ </div>
+ </div>
+ <div>
+ <div class="endpoint">
+ <span class="method patch">PATCH</span>
+ <span class="uri">/api/posts/like</span>
+ <span class="desc">Set like status on a post</span>
+ <span class="auth"><span>auth</span> cookie is required for authentication</span>
+ </div>
+ <div class="info">
+ <h2>Body</h2>
+ <div class="body">
+ <span>{</span><br>
+ <span class="key">"state"</span> : <span class="bool">true</span><br>
+ <span class="key">"post_id"</span> : <span class="number">0</span><br>
+ <span>}</span><br>
+ </div>
+ <h2>Responses</h2>
+ <div>
+ <span class="ptype">200</span>
+ <span class="pdesc">Successfully set like status</span>
+ </div>
+ <div>
+ <span class="ptype">400</span>
+ <span class="pdesc">Body does not match paramaters</span>
+ </div>
+ <div>
+ <span class="ptype">401</span>
+ <span class="pdesc">Unauthorized</span>
+ </div>
+ <div>
+ <span class="ptype">500</span>
+ <span class="pdesc">Failed to set like status</span>
+ </div>
+ </div>
+ </div>
+ <div>
+ <div class="endpoint">
+ <span class="method post">POST</span>
+ <span class="uri">/api/users/load</span>
+ <span class="desc">Load a requested set of users</span>
+ <span class="auth"><span>auth</span> cookie is required for authentication</span>
+ </div>
+ <div class="info">
+ <h2>Body</h2>
+ <div class="body">
+ <span>{</span><br>
+ <span class="key">"ids"</span> : [<span class="number">0</span>,<span class="number">3</span>,<span class="number">7</span>]<br>
+ <span>}</span><br>
+ </div>
+ <h2>Responses</h2>
+ <div>
+ <span class="ptype">200</span>
+ <span class="pdesc">Returns users in <span>application/json</span></span>
+ </div>
+ <div>
+ <span class="ptype">400</span>
+ <span class="pdesc">Body does not match paramaters</span>
+ </div>
+ <div>
+ <span class="ptype">401</span>
+ <span class="pdesc">Unauthorized</span>
+ </div>
+ <div>
+ <span class="ptype">500</span>
+ <span class="pdesc">Failed to fetch users</span>
+ </div>
+ </div>
+ </div>
+ <div>
+ <div class="endpoint">
+ <span class="method post">POST</span>
+ <span class="uri">/api/users/page</span>
+ <span class="desc">Load a section of users from newest to oldest</span>
+ <span class="auth"><span>auth</span> cookie is required for authentication</span>
+ </div>
+ <div class="info">
+ <h2>Body</h2>
+ <div class="body">
+ <span>{</span><br>
+ <span class="key">"page"</span> : <span class="number">0</span><br>
+ <span>}</span><br>
+ </div>
+ <h2>Responses</h2>
+ <div>
+ <span class="ptype">200</span>
+ <span class="pdesc">Returns users in <span>application/json</span></span>
+ </div>
+ <div>
+ <span class="ptype">400</span>
+ <span class="pdesc">Body does not match paramaters</span>
+ </div>
+ <div>
+ <span class="ptype">401</span>
+ <span class="pdesc">Unauthorized</span>
+ </div>
+ <div>
+ <span class="ptype">500</span>
+ <span class="pdesc">Failed to fetch users</span>
+ </div>
+ </div>
+ </div>
+ <div>
+ <div class="endpoint">
+ <span class="method post">POST</span>
+ <span class="uri">/api/users/self</span>
+ <span class="desc">Returns current authenticated user (whoami)</span>
+ <span class="auth"><span>auth</span> cookie is required for authentication</span>
+ </div>
+ <div class="info">
+ <h2>Responses</h2>
+ <div>
+ <span class="ptype">200</span>
+ <span class="pdesc">Returns authed user in <span>application/json</span></span>
+ </div>
+ <div>
+ <span class="ptype">401</span>
+ <span class="pdesc">Unauthorized</span>
+ </div>
+ <div>
+ <span class="ptype">500</span>
+ <span class="pdesc">Failed to fetch user</span>
+ </div>
+ </div>
+ </div>
+ <div>
+ <div class="endpoint">
+ <span class="method put">PUT</span>
+ <span class="uri">/api/users/avatar</span>
+ <span class="desc">Set your current profile avatar</span>
+ <span class="auth"><span>auth</span> cookie is required for authentication</span>
+ </div>
+ <div class="info">
+ <h2>Body</h2>
+ <div class="body">
+ PNG sent as a binary blob
+ </div>
+ <h2>Responses</h2>
+ <div>
+ <span class="ptype">200</span>
+ <span class="pdesc">Successfully updated avatar</span>
+ </div>
+ <div>
+ <span class="ptype">400</span>
+ <span class="pdesc">Invalid PNG or disallowed size</span>
+ </div>
+ <div>
+ <span class="ptype">401</span>
+ <span class="pdesc">Unauthorized</span>
+ </div>
+ <div>
+ <span class="ptype">500</span>
+ <span class="pdesc">Failed to update avatar</span>
+ </div>
+ </div>
+ </div>
+ <div>
+ <div class="endpoint">
+ <span class="method put">PUT</span>
+ <span class="uri">/api/users/banner</span>
+ <span class="desc">Set your current profile banner</span>
+ <span class="auth"><span>auth</span> cookie is required for authentication</span>
+ </div>
+ <div class="info">
+ <h2>Body</h2>
+ <div class="body">
+ PNG sent as a binary blob
+ </div>
+ <h2>Responses</h2>
+ <div>
+ <span class="ptype">200</span>
+ <span class="pdesc">Successfully updated banner</span>
+ </div>
+ <div>
+ <span class="ptype">400</span>
+ <span class="pdesc">Invalid PNG or disallowed size</span>
+ </div>
+ <div>
+ <span class="ptype">401</span>
+ <span class="pdesc">Unauthorized</span>
+ </div>
+ <div>
+ <span class="ptype">500</span>
+ <span class="pdesc">Failed to update banner</span>
+ </div>
+ </div>
+ </div>
+ <div>
+ <div class="endpoint">
+ <span class="method post">POST</span>
+ <span class="uri">/api/admin/auth</span>
+ <span class="desc">Authenticates on the admin panel</span>
+ </div>
+ <div class="info">
+ <h2>Body</h2>
+ <div class="body">
+ <span>{</span><br>
+ <span class="key">"secret"</span> : <span class="string">"admin"</span><br>
+ <span>}</span><br>
+ </div>
+ <h2>Responses</h2>
+ <div>
+ <span class="ptype">200</span>
+ <span class="pdesc">Successfully authed, admin cookie returned</span>
+ </div>
+ <div>
+ <span class="ptype">400</span>
+ <span class="pdesc">Body does match parameters, or invalid admin scret</span>
+ </div>
+ </div>
+ </div>
+ <div>
+ <div class="endpoint">
+ <span class="method post">POST</span>
+ <span class="uri">/api/admin/query</span>
+ <span class="desc">Run a SQL query on the database</span>
+ <span class="auth"><span>admin</span> cookie is required for authentication</span>
+ </div>
+ <div class="info">
+ <h2>Body</h2>
+ <div class="body">
+ <span>{</span><br>
+ <span class="key">"query"</span> : <span class="string">"DROP TABLE users;"</span><br>
+ <span>}</span><br>
+ </div>
+ <h2>Responses</h2>
+ <div>
+ <span class="ptype">200</span>
+ <span class="pdesc">Successfully ran SQL query</span>
+ </div>
+ <div>
+ <span class="ptype">400</span>
+ <span class="pdesc">Body does match parameters</span>
+ </div>
+ <div>
+ <span class="ptype">401</span>
+ <span class="pdesc">Unauthorized</span>
+ </div>
+ <div>
+ <span class="ptype">500</span>
+ <span class="pdesc">SQL query error</span>
+ </div>
+ </div>
+ </div>
+ <div>
+ <div class="endpoint">
+ <span class="method post">POST</span>
+ <span class="uri">/api/admin/posts</span>
+ <span class="desc">Returns the entire posts table</span>
+ <span class="auth"><span>admin</span> cookie is required for authentication</span>
+ </div>
+ <div class="info">
+ <h2>Responses</h2>
+ <div>
+ <span class="ptype">200</span>
+ <span class="pdesc">Returns sql table in <span>text/html</span></span>
+ </div>
+ <div>
+ <span class="ptype">401</span>
+ <span class="pdesc">Unauthorized</span>
+ </div>
+ <div>
+ <span class="ptype">500</span>
+ <span class="pdesc">Failed to fetch data</span>
+ </div>
+ </div>
+ </div>
+ <div>
+ <div class="endpoint">
+ <span class="method post">POST</span>
+ <span class="uri">/api/admin/users</span>
+ <span class="desc">Returns the entire users table</span>
+ <span class="auth"><span>admin</span> cookie is required for authentication</span>
+ </div>
+ <div class="info">
+ <h2>Responses</h2>
+ <div>
+ <span class="ptype">200</span>
+ <span class="pdesc">Returns sql table in <span>text/html</span></span>
+ </div>
+ <div>
+ <span class="ptype">401</span>
+ <span class="pdesc">Unauthorized</span>
+ </div>
+ <div>
+ <span class="ptype">500</span>
+ <span class="pdesc">Failed to fetch data</span>
+ </div>
+ </div>
+ </div>
+ <div>
+ <div class="endpoint">
+ <span class="method post">POST</span>
+ <span class="uri">/api/admin/sessions</span>
+ <span class="desc">Returns the entire posts sessions</span>
+ <span class="auth"><span>admin</span> cookie is required for authentication</span>
+ </div>
+ <div class="info">
+ <h2>Responses</h2>
+ <div>
+ <span class="ptype">200</span>
+ <span class="pdesc">Returns sql table in <span>text/html</span></span>
+ </div>
+ <div>
+ <span class="ptype">401</span>
+ <span class="pdesc">Unauthorized</span>
+ </div>
+ <div>
+ <span class="ptype">500</span>
+ <span class="pdesc">Failed to fetch data</span>
+ </div>
+ </div>
+ </div>
+ </div>
+</body> \ No newline at end of file
generated by cgit v1.2.3-freya (git 2.51.0) at 2025-09-22 22:11:06 +0000