Core - Current User
Module dedicated to retrieving and editing the settings of the currently logged-in user.
The base URL for the APIs on this page is:
/api/admin
A JSON file with OpenAPI data about all core-related admin APIs can be downloaded here.
Login
Login is handled via the /v1/user/logon endpoint:
The object to pass to this API is like this:
{
"username":"username@provider.com", // String
"password":"userpassword" // String
}
Both fields are required. If the provided credentials are correct, the API will return an object like this:
{
MustChangePassword: true, // Boolean
Token: "a valid JWT string", // String
Roles: ["array","of","role","slugs"], // String Array
Name: "The registered first name of the user", // String
Surname: "The registered last name of the user", // String
FullName: "The registered full name of the user", // String
Language: "language ISO code" // String
}
The MustChangePassword field means that the user should be forced to change their password.
The Roles and FullName fields may be used by the UI/UX to immediately hide/enhance the functions that may be accessed by the user.
The Language field may be used to correctly set the localization of the UI labels.
In case of errors, the Message values that Movens may report are:
invalid_credentials
When the credentials supplied cannot be matched to any registered user.
cannot_access
The user has been successfully identified, but cannot access at this time.
This may be due to the user having been blocked, not being confirmed (e.g. via a link in an e-mail message that must have been clicked), or not having the correct role to access admin APIs.
err_TooManySessions
The user has reached the maximum allowed number of concurrent sessions.
Logout
Logout is handled via the /v1/user/logoff endpoint:
The API does not require a request object; it logs off the user's currently active session.
Get current user data
Gets the data of the currently logged-in user:
Returns a positive JSON object containing the data of the currently logged-in user:
{
Name: "John", // String
Surname: "Doe", // String
FullName: "John Doe", // String
Roles: ["Roles of the user"], // String Array
UserName: "user@login.com", // String
Email: "user@login.com", // String
MobilePhoneNumber: "12345678", // String
CreatedDate: "2001-01-01T01:01:01Z", // DateTime
ID: 12345, // Int
LCID: 2057, // Int
Language: "en-GB", // String
Communities: [Guid array], // Guid Array
AdministeredCommunities: [Communities array], // Community Array
OperationalDataFields: "[{"Key":"field-name","Value":"field-value"},...]" // String (JSON Dictionary)
}
If there is a problem retrieving the GUID of the current user, it will return a 401 Unauthorized response.
Get current user communities
Gets the list of communities the current user can access:
- GET /v1/user/current/communities
Gets the list of communities the current user can access
- Status Codes
200 OK – Success
Returns a positive response with the list of communities that the current user can access:
[
{
"Name": "Community", // String
"Level": 1, // Int
"PrimaryColor": null, // Int (nullable)
"AccentColor": null, // Int (nullable)
"Logo": "AAAAAAAAAA==...", // ByteArray (as String, nullable)
"Guid": "6e530c79-bf96-4310-be5b-aaca274ce40b", // Guid
"RegistrationCode": "KBTHSSZBTM", // String
"DeletionDate": "2020-05-27T13:08:39Z", // DateTime (nullable)
"ID": 20 // Int
},
...
]
If there is an error retrieving the data for the current user, a negative JSON response will be returned.
Set language
Changes a language setting for the current user:
- POST /v1/user/current/language/{lan}
Persists a language setting for the current user
- Parameters
lan (string) – The BCP-47 language code
- Status Codes
200 OK – Success
If the language code included in the request is a valid BCP-47 language code, it will be set as the language of the current user and a positive JSON response will be returned.
In case of error retrieving the data for the current user, a plain negative JSON response will be returned.
Specific error messages are:
err_NoSuchCulture
An invalid (null) BCP-47 language code was provided in the request.
Edit password
Set a new password for the current user:
- POST /v1/user/current/password
Persists a new password for the current user
- Status Codes
200 OK – Success
In case of error retrieving the data for the current user, a plain negative JSON response will be returned.
The format of the request is the following:
{
password: "new_password" // String
}
The API will also renew the current token, and will return the new token value:
{
Token: "a valid JWT string", // String
}
Possible errors are:
same_password
The new password provided is the same as the old one.
invalid_length
The new password provided is shorter than the minimum accepted length of 8 characters.
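The flow described in the Login and Edit password sections, as an added example that is not part of the Movens documentation: the client keeps no token after a failed logon, blocks other calls while MustChangePassword is set, and swaps in the renewed token after a password change. The {"Message": ...} error shape, the Session class and the injected send transport (with fake_send as a constructed server stand-in) are assumptions; paths are relative to the base URL.

```python
# Added example: client-side session state for logon and password change.
# Assumptions: errors arrive as {"Message": "<code>"}; `send` is an injected
# transport callable(path, body, token) -> dict that attaches the token.
LOGON_ERRORS = {
    "invalid_credentials": "retry",  # credentials did not match a user
    "cannot_access": "stop",         # blocked, unconfirmed or missing role
    "err_TooManySessions": "stop",   # concurrent session limit reached
}

class Session:
    def __init__(self, send):
        self.send, self.token, self.must_change = send, None, False

    def logon(self, username, password):
        r = self.send("/v1/user/logon",
                      {"username": username, "password": password}, None)
        if "Token" not in r:
            return LOGON_ERRORS.get(r.get("Message"), "stop")
        self.token = r["Token"]
        self.must_change = bool(r.get("MustChangePassword"))
        return "change_password" if self.must_change else "ok"

    def change_password(self, new_password):
        if len(new_password) < 8:        # same rule as invalid_length
            return "invalid_length"
        r = self.send("/v1/user/current/password",
                      {"password": new_password}, self.token)
        if "Token" not in r:
            return r.get("Message", "error")
        self.token = r["Token"]          # drop the old token, keep the renewed one
        self.must_change = False
        return "ok"

    def call(self, path, body=None):
        if self.token is None or self.must_change:
            raise PermissionError("log on and change password first")
        return self.send(path, body, self.token)

def fake_send(path, body, token):
    """Constructed stand-in for the server so the example runs offline."""
    if path == "/v1/user/logon":
        if body["password"] != "initial-pass":
            return {"Message": "invalid_credentials"}
        return {"MustChangePassword": True, "Token": "jwt-1"}
    if path == "/v1/user/current/password":
        if body["password"] == "initial-pass":
            return {"Message": "same_password"}
        return {"Token": "jwt-2"}
    return {"path": path, "token": token}
```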
Edit mobile number
Persists a new mobile number for the current user:
- POST /v1/user/current/mobile
Persists a new mobile number for the current user
- Status Codes
200 OK – Success
In case of error retrieving the data for the current user, a plain negative JSON response will be returned.
The format of the request is the following:
{
mobile: "123421412" // String
}
A plain positive JSON response will be returned at the end of the update process.
A plain negative JSON response will be returned if no mobile has been provided.
Edit email
Persists a new e-mail address for the current user:
- POST /v1/user/current/email
Persists a new e-mail address for the current user
- Status Codes
200 OK – Success
In case of error retrieving the data for the current user, a plain negative JSON response will be returned.
The format of the request is the following:
{
email: "new_email@email.com" // String
}
A plain positive JSON response will be returned at the end of the update process.
A plain negative JSON response will be returned if no email has been provided.
Renew Token
Renew a JWT for the current user:
If the request is successful, it will return the new token.
If not, a generic JSON error message will be returned.