DRAFT: Mutorials API
The Mutorials API is currently intended for usage by official apps. You will require an app code that I will give you to access the API.
All of the below documents are in JSON format.
The app needs to do some input validation. Enforce the following requirements:
- the username must be between 1 and 30 characters long
- the username may only contain letters, numbers, underscore, hyphen, period, and tilde
- password must be longer than 7 characters, and contain at least 1 number and 1 letter.
- the age must be a number.
- the email must conform to RFC 5322 (see utils/functions/emailValidation.js to find the correct regular expression).
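A client-side validator for the requirements listed above, as an added example that is not part of the Mutorials code base. The names validateSignup and buildSignupBody, the ASCII reading of "letters", the whole-number age rule, the age error message and the simplified email pattern are assumptions; the project's own expression in utils/functions/emailValidation.js should replace the placeholder.

```javascript
// Anchored with ^ and $ so the whole username must match, not just a substring.
const USERNAME_RE = /^[A-Za-z0-9_\-.~]+$/; // assumption: "letters" means ASCII letters
// Placeholder only: use the RFC 5322 expression from
// utils/functions/emailValidation.js in a real client.
const EMAIL_PLACEHOLDER_RE = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;

function validateSignup(input) {
  const errors = [];
  const { email, username, password, age } = input || {};

  // Type checks come first: arrays or objects must never reach the regexes or the API.
  if (typeof username !== "string" || username.length === 0) {
    errors.push("Please enter a username.");
  } else if (username.length > 30) {
    errors.push("Your username is too long.");
  } else if (!USERNAME_RE.test(username)) {
    errors.push("Allowed username characters: letters, numbers, underscore, hyphen, period, and tilde.");
  }

  // "Longer than 7 characters" means at least 8.
  const passwordOk = typeof password === "string" && password.length > 7 &&
    /[0-9]/.test(password) && /[A-Za-z]/.test(password);
  if (!passwordOk) errors.push("The password you entered does not meet the requirements.");

  // Accept 15 or "15"; reject "", "15abc", NaN and negative values (assumed rule).
  const ageOk = (typeof age === "number" && Number.isInteger(age) && age >= 0) ||
    (typeof age === "string" && /^[0-9]{1,3}$/.test(age));
  if (!ageOk) errors.push("Please enter your age as a number."); // constructed message, not from the API

  if (typeof email !== "string" || !EMAIL_PLACEHOLDER_RE.test(email)) {
    errors.push("The email you entered is not valid.");
  }
  return errors;
}

function buildSignupBody(appCode, input) {
  const errors = validateSignup(input);
  if (errors.length > 0) return { ok: false, errors };
  // Copy only the documented fields so stray client-side properties are never sent.
  // Assumption: age is sent as a string, as in the sample body on this page.
  const body = { app_code: appCode, email: input.email, username: input.username,
    password: input.password, age: String(input.age) };
  return { ok: true, body: JSON.stringify(body) };
}
```

The server's own checks remain authoritative; this only saves a round trip and keeps malformed types out of the request body.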
Your application will POST the user's details in the below format to the route /api/signup:
{
"app_code": "YOUR_APP_CODE_HERE",
"email": "the user email",
"username": "the username",
"password": "the user pass",
"age": "the user age"
}
A successful signup will return the following:
{
"success": true
}
An unsuccessful signup will return the following:
{
"success": true,
"error": [
"error"
]
}
You will want to directly pass on these errors to the user. List of possible errors (may be all):
"That username is already taken."
"That email is already in use."
"Your username is too long."
"Please enter a username."
"Allowed username characters: letters, numbers, underscore, hyphen, period, and tilde."
"The password you entered does not meet the requirements."
"The passwords did not match. Please try again."
"The email you entered is not valid."
"You must agree to the Terms of Service and Privacy Policy to register an account with us."
"You must be at least 13 years old, or have permission from your parent, guardian, teacher, or school to use Mutorials."
Be sure to tell the user to check their email to validate it.
Your application will POST the user's details in the below format to the route /api/auth:
{
"app_code": "YOUR_APP_CODE_HERE",
"email": "testing@example.com",
"password": "the user pass"
}
A successful login will return the following:
{
"success": true,
"user_code": "0abce0"
}
Store the user code client-side, because you will need it for all future requests to the API. Don't call this function every time the user opens the app.
An unsuccessful login will return the following:
{
"success": false,
"error": [
"error"
]
}
You will want to directly pass on these errors to the user. List of possible errors:
"Incorrect email or password."
List of errors that can be returned by any route:
"Error 500: Internal Server Error"
"Error 403: Forbidden. Incorrect app API code."
You should capture these errors and display a nicer error screen to the user (while still providing the same information).