sio-2425/delivery1/README.md

SIO 2024 - Projeto 1

Group

• João Pedro Fonseca Bastos - 113470 - joaop.bastos@ua.pt
• Rúben da Loura Cristóvão Gomes - 113435 - rlcg@ua.pt
• Tiago Rocha Garcia - 114184 - tiago.rgarcia@ua.pt

API

Usage

The API run as a RESTful service using the flask framework. A test API is hosted on the following URL: https://sio.tiagorg.pt.

To run, first create the virtual environment and install the dependencies:

python3 -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt

Then, run the API:

flask run --port <port>

Note: The API is hosted on port 5000 by default. Note: You can also run the API in debug mode with the flag --debug.

Endpoints

The API has a list of endpoints that require different permission levels to access.

Mainly, it's divided into 3 categories:

• Anonymous: No authentication required.
• Authenticated: Authentication required.
• Authorized: Authentication and permissions required.

Anonymous Endpoints

• GET /: Returns a ping message.
• POST /reset: Resets the database and deletes all data.
  • Required headers:
    • Content-Type: application/json
  • Required payload fields:
    • password: The reset password. Note: The reset password is 123.
• GET /org/list: Returns a list of organizations.
• POST /org/create: Creates a new organization.
  • Required headers:
    • Content-Type: application/json
  • Required payload fields:
    • name: Organization name.
    • username: Manager username.
    • full_name: Manager full name.
    • email: Manager email.
    • public_key: Manager public key.
• GET /file/get/<file_handle>/content: Downloads the file content.
• POST /user/login: Logs in a user.
  • Required headers:
    • Content-Type: application/json
  • Required payload fields:
    • org: Organization name.
    • username: User username.
    • password: User password.
    • credentials_file: User credentials file.

Authenticated Endpoints

• GET /user/list: Returns a list of users.
  • Required headers:
    • Authorization: token
  • Optional payload parameters:
    • username: Filter by username.
• GET /file/list: Returns a list of files.
  • Required headers:
    • Authorization: token
  • Optional payload parameters:
    • username: Filter by username.
    • datetime: Filter by datetime. The datetime filter has the following fields:
      • value: Epoch time in seconds.
      • relation: ot | eq | nt. (One of the following: older than, equal to, newer than)
• POST /user/logout: Logs out a user.
  • Required headers:
    • Authorization: token

Authorized Endpoints

• POST /user/create: Creates a new user.
  • Required headers:
    • Authorization: token
    • Content-Type: application/json
  • Required payload fields:
    • username: User username.
    • name: User name.
    • email: User email.
    • public_key: User public key.
• POST /user/<username>/suspend: Suspends a user.
  • Required headers:
    • Authorization: token
• POST /user/<username>/activate: Activates a user.
  • Required headers:
    • Authorization: token
• POST /file/upload/metadata: Uploads file metadata.
  • Required headers:
    • Authorization: token
    • Content-Type: application/json
  • Required payload fields:
    • document_name: Document name.
    • key: Document key.
    • alg: Document algorithm.
    • nonce: Document nonce.
• POST /file/upload/content: Uploads file content, content-type must be multipart/form-data.
  • Required headers:
    • Authorization: token
    • Content-Type: multipart/form-data
  • Required payload fields:
    • content: Document content.
• GET /file/get/<document_handle>/metadata: Downloads file metadata.
  • Required headers:
    • Authorization: token
• POST /file/delete/<document_handle>: Deletes a file.
  • Required headers:
    • `Authorization: token