Web Services Definition » History » Version 14
Kurt Gerber, 13 Dec 2018 12:16
1 | 10 | Kurt Gerber | h1. API / Web Services Requirements |
---|---|---|---|
2 | 2 | Kurt Gerber | |
3 | h2. Request services |
||
4 | 11 | Kurt Gerber | |
5 | 1 | Kurt Gerber | The existing API is documented here: https://qcat.readthedocs.io/en/latest/api/docs.html |
6 | |||
7 | 12 | Kurt Gerber | h3. Required missing request services: |
8 | 10 | Kurt Gerber | |
9 | 12 | Kurt Gerber | * There is an endpoint to get the configuration for a specific questionnaire and edition: https://https://qcat.wocat.net/en/api/v2/configuration/technologies/2018/ |
10 | 10 | Kurt Gerber | |
11 | 12 | Kurt Gerber | 1. Whithout the 'edition' endpoint, it should response with an array of available editions. Now it answers with a 'Not found' html page. |
12 | 10 | Kurt Gerber | |
13 | 12 | Kurt Gerber | 2. Without the specific configuration endpoint (like 'technologies'), the response should be an array of available configurations. Now it answers with a 'Not found' html page. |
14 | |||
15 | |||
16 | 10 | Kurt Gerber | h2. Requirements for services to add / update cases |
17 | 12 | Kurt Gerber | |
18 | |||
19 | h3. Authentification |
||
20 | |||
21 | To upload a case, a user has to authenticate himself. Therefore an authentification endpoint is needed. |
||
22 | |||
23 | 13 | Kurt Gerber | %{background:#F2D5A0} The existing authorization token serves only as authorization to access the API. |
24 | 1 | Kurt Gerber | The token is application based and always the same for certain application, independently of the user working with the application.% |
25 | 14 | Kurt Gerber | |
26 | * The user has to authenticate before any data is uploaded or non-public downloaded. |
||
27 | * After a successfull authentification, the server sends a (session-) token. This token has to be sent for any subsequent POST request. |
||
28 | * This token should have limited time of validity on the server side. |
||
29 | * LImitations on client side? (to discuss) |