๐Auth
This documentation provides an overview of the main functionalities provided by the Whirlprivacy.io platform, focusing on the authentication process.
POST /auth/login
/auth/login
Description:
Authenticates a user by verifying the signature of a previously issued challenge. Upon successful authentication, it generates a token that is used for subsequent requests that require authentication.
Parameters:
Parameter | Type | Description | Required |
---|---|---|---|
authAddress | string | The blockchain address of the user | Yes |
authSignature | string | The signature of the challenge message | Yes |
authChallenge | string | The challenge message that was signed | Yes |
Response:
Error Handling:
Error Code | Description |
---|---|
E_INVALID_OR_EXPIRED_CHALLENGE | Invalid or expired challenge |
E_INVALID_SIGNER | The signer address does not match the provided address |
E_INVALID_SIGN_DATA | The signature data is invalid |
E_CREATING_USER | Error occurred while creating a new user |
Example Code:
GET /auth/refresh
/auth/refresh
Description:
Refreshes a user's authentication token to extend their session without requiring them to re-authenticate.
Parameters:
No parameters are required for this endpoint as it uses the user's current authentication token for verification.
Headers:
Header Name | Value | Description |
---|---|---|
X-API-key |
| API token obtained after authentication. |
Response:
Error Handling:
Error Code | Description |
---|---|
E_UNAUTHORIZED | Unauthorized access |
Example Code:
GET /auth/challenge
/auth/challenge
Description:
Issues a challenge message containing a nonce for the user to sign with their private key. This is the first step in the authentication process.
Parameters:
No parameters are required for this endpoint.
Response:
In addition to the timestamp given, the response will be to sign a message that will look like this: "Welcome to Whirl Privacy, in order to authenticate and use the platform, you need to sign this message. Nonce:"
It won't work if you only sign the timestamp and not the message or vice versa.
Error Handling:
None
Example Code:
Last updated