Authentication and account
- POST /api/auth/register
Register a user and send a confirmation email.
The newly created account is inactive. The user must confirm their email address to activate it.
Example request:
POST /api/auth/register HTTP/1.1
Content-Type: application/json
Example responses:
success:
HTTP/1.1 200 OK
Content-Type: application/json

{ "status": "success" }
error during registration:
HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{ "message": "Errors: email: valid email must be provided\n", "status": "error" }
- Request JSON Object:
username (string) – username (3 to 30 characters required)
email (string) – user email
password (string) – password (8 characters minimum)
lang (string) – user interface language preference (if not provided, English ("en") is used)
accepted_policy (boolean) – true if the user has accepted the privacy policy
timezone (string) – timezone preference (if not provided or invalid, "Europe/Paris" is used)
- Status Codes:
200 OK –
success
invalid payload
sorry, that username is already taken
sorry, you must agree privacy policy to register
username: 3 to 30 characters required
username: only alphanumeric characters and the underscore character "_" allowed
email: valid email must be provided
password: 8 characters required
403 Forbidden –
error, registration is disabled
500 Internal Server Error –
error, please try again or contact the administrator
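The rules and error messages documented above for POST /api/auth/register, applied to a payload before it reaches any account logic. This is an added example, not the project's own code: `validate_registration`, the e-mail pattern, the sample timezone set, the 400 status for the privacy-policy refusal and the treatment of missing or mistyped fields as "invalid payload" are assumptions.

```python
import re

# Assumption: the page does not give the server's e-mail rule, so this is a
# deliberately simple shape check (one "@", a dot in the domain, no spaces).
EMAIL_RE = re.compile(r"[^@\s]+@[^@\s]+\.[^@\s]+")
# Documented rule: only alphanumeric characters and "_" (ASCII assumed here).
USERNAME_RE = re.compile(r"[A-Za-z0-9_]+")

# Constructed sample; a real client would load GET /api/auth/timezones.
SAMPLE_TIMEZONES = frozenset(
    {"Europe/Paris", "America/New_York", "Pacific/Tahiti"}
)


def _error(message, status=400):
    # Assumption: every validation failure is reported as 400, as in the
    # documented "valid email must be provided" response.
    return status, {"message": message, "status": "error"}, None


def validate_registration(payload, known_timezones=SAMPLE_TIMEZONES):
    """Check a register payload against the documented rules.

    Returns (http_status, response_body, normalized_fields_or_None).
    """
    required = {"username": str, "email": str, "password": str,
                "accepted_policy": bool}
    # Assumption: a missing or wrongly typed required field is "invalid payload".
    if not isinstance(payload, dict) or any(
        not isinstance(payload.get(key), kind) for key, kind in required.items()
    ):
        return _error("invalid payload")

    if payload["accepted_policy"] is not True:
        return _error("sorry, you must agree privacy policy to register")

    username = payload["username"]
    email = payload["email"]
    password = payload["password"]

    errors = []
    if not 3 <= len(username) <= 30:
        errors.append("username: 3 to 30 characters required")
    # fullmatch rather than match with "$": "$" also accepts a trailing newline.
    if not USERNAME_RE.fullmatch(username):
        errors.append("username: only alphanumeric characters and the "
                      'underscore character "_" allowed')
    if not EMAIL_RE.fullmatch(email):
        errors.append("email: valid email must be provided")
    if len(password) < 8:
        errors.append("password: 8 characters required")
    if errors:
        # Same shape as the documented 400 body; one message per line is an
        # assumption when several rules fail at once.
        return _error("Errors: " + "".join(f"{e}\n" for e in errors))

    lang = payload.get("lang")
    timezone = payload.get("timezone")
    normalized = {
        "username": username,
        "email": email,
        # Documented defaults: "en" when lang is not provided, "Europe/Paris"
        # when the timezone is not provided or invalid.
        "lang": lang if isinstance(lang, str) and lang else "en",
        "timezone": (
            timezone
            if isinstance(timezone, str) and timezone in known_timezones
            else "Europe/Paris"
        ),
    }
    # The password is validated but not returned: hand it straight to the
    # password hasher instead of carrying it around in a dict.
    return 200, {"status": "success"}, normalized
```

The "username is already taken" and "registration is disabled" responses depend on server state and are not covered here.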
- POST /api/auth/account/confirm
Activate the user account after registration.
Example request:
POST /api/auth/account/confirm HTTP/1.1
Content-Type: application/json
Example response:
HTTP/1.1 200 OK
Content-Type: application/json

{ "auth_token": "JSON Web Token", "message": "account confirmation successful", "status": "success" }
- Request JSON Object:
token (string) – confirmation token
- Status Codes:
200 OK –
account confirmation successful
400 Bad Request –
invalid payload
500 Internal Server Error –
error, please try again or contact the administrator
- POST /api/auth/account/resend-confirmation
Resend the email with instructions to confirm the account.
If email sending is disabled, this endpoint is not available.
Example request:
POST /api/auth/account/resend-confirmation HTTP/1.1
Content-Type: application/json
Example response:
HTTP/1.1 200 OK
Content-Type: application/json

{ "message": "confirmation email resent", "status": "success" }
- Request JSON Object:
email (string) – user email
- Status Codes:
200 OK –
confirmation email resent
400 Bad Request –
invalid payload
404 Not Found –
the requested URL was not found on the server
500 Internal Server Error –
error, please try again or contact the administrator
- POST /api/auth/login
User login.
Only users with an active account can log in.
Example request:
POST /api/auth/login HTTP/1.1
Content-Type: application/json
Example responses:
successful login:
HTTP/1.1 200 OK
Content-Type: application/json

{ "auth_token": "JSON Web Token", "message": "successfully logged in", "status": "success" }
error on login:
HTTP/1.1 401 UNAUTHORIZED
Content-Type: application/json

{ "message": "invalid credentials", "status": "error" }
- Request JSON Object:
email (string) – user email
password (string) – password
- Status Codes:
200 OK –
successfully logged in
400 Bad Request –
invalid payload
401 Unauthorized –
invalid credentials
500 Internal Server Error –
error, please try again or contact the administrator
- GET /api/auth/profile
Get information about the authenticated user (profile, account, preferences).
A suspended user can access this endpoint.
Scope: profile:read
Example request:
GET /api/auth/profile HTTP/1.1
Content-Type: application/json
Example response:
HTTP/1.1 200 OK
Content-Type: application/json

{
  "data": {
    "accepted_privacy_policy": true,
    "analysis_visibility": "private",
    "bio": null,
    "birth_date": null,
    "created_at": "Sun, 14 Jul 2019 14:09:58 GMT",
    "date_format": "dd/MM/yyyy",
    "display_ascent": true,
    "email": "sam@example.com",
    "email_to_confirm": null,
    "first_name": null,
    "followers": 0,
    "following": 0,
    "hide_profile_in_users_directory": true,
    "imperial_units": false,
    "is_active": true,
    "language": "en",
    "last_name": null,
    "location": null,
    "manually_approves_followers": false,
    "map_visibility": "private",
    "nb_sports": 3,
    "nb_workouts": 6,
    "notification_preferences": {
      "comment_like": true,
      "follow": true,
      "follow_request": true,
      "follow_request_approved": true,
      "mention": true,
      "workout_comment": true,
      "workout_like": true
    },
    "picture": false,
    "records": [
      { "id": 9, "record_type": "AS", "sport_id": 1, "user": "sam", "value": 18, "workout_date": "Sun, 07 Jul 2019 08:00:00 GMT", "workout_id": "hvYBqYBRa7wwXpaStWR4V2" },
      { "id": 10, "record_type": "FD", "sport_id": 1, "user": "sam", "value": 18, "workout_date": "Sun, 07 Jul 2019 08:00:00 GMT", "workout_id": "hvYBqYBRa7wwXpaStWR4V2" },
      { "id": 13, "record_type": "HA", "sport_id": 1, "user": "Sam", "value": 43.97, "workout_date": "Sun, 07 Jul 2019 08:00:00 GMT", "workout_id": "hvYBqYBRa7wwXpaStWR4V2" },
      { "id": 11, "record_type": "LD", "sport_id": 1, "user": "sam", "value": "1:01:00", "workout_date": "Sun, 07 Jul 2019 08:00:00 GMT", "workout_id": "hvYBqYBRa7wwXpaStWR4V2" },
      { "id": 12, "record_type": "MS", "sport_id": 1, "user": "sam", "value": 18, "workout_date": "Sun, 07 Jul 2019 08:00:00 GMT", "workout_id": "hvYBqYBRa7wwXpaStWR4V2" }
    ],
    "role": "user",
    "sports_list": [ 1, 4, 6 ],
    "start_elevation_at_zero": false,
    "timezone": "Europe/Paris",
    "total_ascent": 720.35,
    "total_distance": 67.895,
    "total_duration": "6:50:27",
    "use_dark_mode": null,
    "use_raw_gpx_speed": false,
    "username": "sam",
    "weekm": false,
    "workouts_visibility": "private"
  },
  "status": "success"
}
- Request Headers:
Authorization – OAuth 2.0 Bearer Token
- Status Codes:
200 OK –
success
provide a valid auth token
signature expired, please log in again
invalid token, please log in again
- POST /api/auth/profile/edit
Edit the authenticated user's profile.
A suspended user can access this endpoint.
Scope: profile:write
Example request:
POST /api/auth/profile/edit HTTP/1.1
Content-Type: application/json
Example response:
HTTP/1.1 200 OK
Content-Type: application/json

{
  "data": {
    "accepted_privacy_policy": true,
    "analysis_visibility": "private",
    "bio": null,
    "birth_date": null,
    "created_at": "Sun, 14 Jul 2019 14:09:58 GMT",
    "date_format": "dd/MM/yyyy",
    "display_ascent": true,
    "email": "sam@example.com",
    "email_to_confirm": null,
    "first_name": null,
    "followers": 0,
    "following": 0,
    "hide_profile_in_users_directory": true,
    "imperial_units": false,
    "is_active": true,
    "language": "en",
    "last_name": null,
    "location": null,
    "manually_approves_followers": false,
    "map_visibility": "private",
    "nb_sports": 3,
    "nb_workouts": 6,
    "notification_preferences": {
      "comment_like": true,
      "follow": true,
      "follow_request": true,
      "follow_request_approved": true,
      "mention": true,
      "workout_comment": true,
      "workout_like": true
    },
    "picture": false,
    "records": [
      { "id": 9, "record_type": "AS", "sport_id": 1, "user": "sam", "value": 18, "workout_date": "Sun, 07 Jul 2019 08:00:00 GMT", "workout_id": "hvYBqYBRa7wwXpaStWR4V2" },
      { "id": 10, "record_type": "FD", "sport_id": 1, "user": "sam", "value": 18, "workout_date": "Sun, 07 Jul 2019 08:00:00 GMT", "workout_id": "hvYBqYBRa7wwXpaStWR4V2" },
      { "id": 13, "record_type": "HA", "sport_id": 1, "user": "Sam", "value": 43.97, "workout_date": "Sun, 07 Jul 2019 08:00:00 GMT", "workout_id": "hvYBqYBRa7wwXpaStWR4V2" },
      { "id": 11, "record_type": "LD", "sport_id": 1, "user": "sam", "value": "1:01:00", "workout_date": "Sun, 07 Jul 2019 08:00:00 GMT", "workout_id": "hvYBqYBRa7wwXpaStWR4V2" },
      { "id": 12, "record_type": "MS", "sport_id": 1, "user": "sam", "value": 18, "workout_date": "Sun, 07 Jul 2019 08:00:00 GMT", "workout_id": "hvYBqYBRa7wwXpaStWR4V2" }
    ],
    "role": "user",
    "sports_list": [ 1, 4, 6 ],
    "start_elevation_at_zero": false,
    "timezone": "Europe/Paris",
    "total_ascent": 720.35,
    "total_distance": 67.895,
    "total_duration": "6:50:27",
    "use_dark_mode": null,
    "use_raw_gpx_speed": false,
    "username": "sam",
    "weekm": true,
    "workouts_visibility": "private"
  },
  "message": "user profile updated",
  "status": "success"
}
- Request JSON Object:
first_name (string) – user first name
last_name (string) – user last name
location (string) – user location
bio (string) – user biography
birth_date (string) – user date of birth (format: %Y-%m-%d)
- Request Headers:
Authorization – OAuth 2.0 Bearer Token
- Status Codes:
200 OK –
user profile updated
400 Bad Request –
invalid payload
provide a valid auth token
signature expired, please log in again
invalid token, please log in again
500 Internal Server Error –
error, please try again or contact the administrator
- POST /api/auth/profile/edit/preferences
Edit the authenticated user's preferences.
Supported date formats:
MM/dd/yyyy (default value)
dd/MM/yyyy
yyyy-MM-dd
date_string, corresponding in the application to:
  MMM. do, yyyy for the en locale
  d MMM yyyy for the es, fr, gl, it and nl locales
  do MMM yyyy for the de and nb locales
A suspended user can access this endpoint.
Scope: profile:write
Example request:
POST /api/auth/profile/edit/preferences HTTP/1.1
Content-Type: application/json
Example response:
HTTP/1.1 200 OK
Content-Type: application/json

{
  "data": {
    "accepted_privacy_policy": true,
    "analysis_visibility": "private",
    "bio": null,
    "birth_date": null,
    "created_at": "Sun, 14 Jul 2019 14:09:58 GMT",
    "date_format": "MM/dd/yyyy",
    "display_ascent": true,
    "email": "sam@example.com",
    "email_to_confirm": null,
    "first_name": null,
    "followers": 0,
    "following": 0,
    "hide_profile_in_users_directory": true,
    "imperial_units": false,
    "is_active": true,
    "language": "en",
    "last_name": null,
    "location": null,
    "manually_approves_followers": false,
    "map_visibility": "followers_only",
    "nb_sports": 3,
    "nb_workouts": 6,
    "notification_preferences": {
      "comment_like": true,
      "follow": true,
      "follow_request": true,
      "follow_request_approved": true,
      "mention": true,
      "workout_comment": true,
      "workout_like": true
    },
    "picture": false,
    "records": [
      { "id": 9, "record_type": "AS", "sport_id": 1, "user": "sam", "value": 18, "workout_date": "Sun, 07 Jul 2019 08:00:00 GMT", "workout_id": "hvYBqYBRa7wwXpaStWR4V2" },
      { "id": 10, "record_type": "FD", "sport_id": 1, "user": "sam", "value": 18, "workout_date": "Sun, 07 Jul 2019 08:00:00 GMT", "workout_id": "hvYBqYBRa7wwXpaStWR4V2" },
      { "id": 13, "record_type": "HA", "sport_id": 1, "user": "Sam", "value": 43.97, "workout_date": "Sun, 07 Jul 2019 08:00:00 GMT", "workout_id": "hvYBqYBRa7wwXpaStWR4V2" },
      { "id": 11, "record_type": "LD", "sport_id": 1, "user": "sam", "value": "1:01:00", "workout_date": "Sun, 07 Jul 2019 08:00:00 GMT", "workout_id": "hvYBqYBRa7wwXpaStWR4V2" },
      { "id": 12, "record_type": "MS", "sport_id": 1, "user": "sam", "value": 18, "workout_date": "Sun, 07 Jul 2019 08:00:00 GMT", "workout_id": "hvYBqYBRa7wwXpaStWR4V2" }
    ],
    "role": "user",
    "sports_list": [ 1, 4, 6 ],
    "start_elevation_at_zero": true,
    "timezone": "Europe/Paris",
    "total_ascent": 720.35,
    "total_distance": 67.895,
    "total_duration": "6:50:27",
    "use_dark_mode": null,
    "use_raw_gpx_speed": true,
    "username": "sam",
    "weekm": true,
    "workouts_visibility": "public"
  },
  "message": "user preferences updated",
  "status": "success"
}
- Request JSON Object:
analysis_visibility (string) – workout analysis visibility (public, followers_only, private)
date_format (string) – the format used to display dates in the application
display_ascent (boolean) – display ascent records and total ascent
hide_profile_in_users_directory (boolean) – if true, the user does not appear in the users directory
imperial_units (boolean) – display distance in imperial units
language (string) – language preference
map_visibility (string) – workout map visibility (public, followers_only, private)
manually_approves_followers (boolean) – if false, follow requests are automatically approved
start_elevation_at_zero (boolean) – do elevation charts start at zero?
timezone (string) – user timezone
use_dark_mode (boolean) – display the interface with the dark theme if true. If null, the theme is selected according to the browser preferences.
use_raw_gpx_speed (boolean) – use unfiltered gpx points to calculate speeds
weekm (boolean) – does the week start on Monday?
workouts_visibility (string) – user workouts visibility (public, followers_only, private)
- Request Headers:
Authorization – OAuth 2.0 Bearer Token
- Status Codes:
200 OK –
user preferences updated
invalid payload
password: password and password confirmation don't match
provide a valid auth token
signature expired, please log in again
invalid token, please log in again
500 Internal Server Error –
error, please try again or contact the administrator
- POST /api/auth/profile/edit/sports
Edit the authenticated user's sport preferences.
Scope: profile:write
Example request:
POST /api/auth/profile/edit/sports HTTP/1.1
Content-Type: application/json
Example response:
HTTP/1.1 200 OK
Content-Type: application/json

{
  "data": {
    "color": "#000000",
    "default_equipment_ids": [],
    "is_active": true,
    "sport_id": 1,
    "stopped_speed_threshold": 1,
    "user_id": 1
  },
  "message": "user sport preferences updated",
  "status": "success"
}
- Request JSON Object:
sport_id (int) – id of the sport for which preferences are created or modified
color (string) – valid hexadecimal color
is_active (boolean) – whether the sport is available when adding a workout
stopped_speed_threshold (float) – stopped speed threshold used by gpxpy
default_equipment_ids (array of strings) – the id of the default equipment to use for this sport. Note: for now, only one equipment can be associated.
- Request Headers:
Authorization – OAuth 2.0 Bearer Token
- Status Codes:
200 OK –
user sport preferences updated
invalid payload
invalid hexadecimal color
provide a valid auth token
signature expired, please log in again
invalid token, please log in again
equipment_ids must be an array of strings
only one equipment can be added
equipment with id <equipment_id> does not exist
invalid equipment id <equipment_id> for sport
equipment with id <equipment_id> is inactive
you do not have permissions, your account is suspended
404 Not Found –
sport does not exist
500 Internal Server Error –
error, please try again or contact the administrator
- DELETE /api/auth/profile/reset/sports/(sport_id)
Reset the authenticated user's preferences for a given sport.
Scope: profile:write
Example request:
DELETE /api/auth/profile/reset/sports/1 HTTP/1.1
Content-Type: application/json
Example response:
HTTP/1.1 204 NO CONTENT
Content-Type: application/json
- Parameters:
sport_id (string) – sport id
- Request Headers:
Authorization – OAuth 2.0 Bearer Token
- Status Codes:
204 No Content – user preferences deleted
provide a valid auth token
signature expired, please log in again
invalid token, please log in again
you do not have permissions, your account is suspended
404 Not Found –
sport does not exist
500 Internal Server Error –
error, please try again or contact the administrator
- POST /api/auth/profile/edit/notifications
Edit the authenticated user's notification preferences.
Scope: profile:write
Example request:
POST /api/auth/profile/edit/notifications HTTP/1.1
Content-Type: application/json
Example response:
HTTP/1.1 200 OK
Content-Type: application/json

{
  "data": {
    "accepted_privacy_policy": true,
    "analysis_visibility": "private",
    "bio": null,
    "birth_date": null,
    "created_at": "Sun, 14 Jul 2019 14:09:58 GMT",
    "date_format": "dd/MM/yyyy",
    "display_ascent": true,
    "email": "sam@example.com",
    "email_to_confirm": null,
    "first_name": null,
    "followers": 0,
    "following": 0,
    "hide_profile_in_users_directory": true,
    "imperial_units": false,
    "is_active": true,
    "language": "en",
    "last_name": null,
    "location": null,
    "manually_approves_followers": false,
    "map_visibility": "private",
    "nb_sports": 3,
    "nb_workouts": 6,
    "notification_preferences": {
      "comment_like": true,
      "follow": true,
      "follow_request": true,
      "follow_request_approved": true,
      "mention": false,
      "workout_comment": false,
      "workout_like": false
    },
    "picture": false,
    "records": [
      { "id": 9, "record_type": "AS", "sport_id": 1, "user": "sam", "value": 18, "workout_date": "Sun, 07 Jul 2019 08:00:00 GMT", "workout_id": "hvYBqYBRa7wwXpaStWR4V2" },
      { "id": 10, "record_type": "FD", "sport_id": 1, "user": "sam", "value": 18, "workout_date": "Sun, 07 Jul 2019 08:00:00 GMT", "workout_id": "hvYBqYBRa7wwXpaStWR4V2" },
      { "id": 13, "record_type": "HA", "sport_id": 1, "user": "Sam", "value": 43.97, "workout_date": "Sun, 07 Jul 2019 08:00:00 GMT", "workout_id": "hvYBqYBRa7wwXpaStWR4V2" },
      { "id": 11, "record_type": "LD", "sport_id": 1, "user": "sam", "value": "1:01:00", "workout_date": "Sun, 07 Jul 2019 08:00:00 GMT", "workout_id": "hvYBqYBRa7wwXpaStWR4V2" },
      { "id": 12, "record_type": "MS", "sport_id": 1, "user": "sam", "value": 18, "workout_date": "Sun, 07 Jul 2019 08:00:00 GMT", "workout_id": "hvYBqYBRa7wwXpaStWR4V2" }
    ],
    "sports_list": [ 1, 4, 6 ],
    "start_elevation_at_zero": false,
    "timezone": "Europe/Paris",
    "total_ascent": 720.35,
    "total_distance": 67.895,
    "total_duration": "6:50:27",
    "use_dark_mode": null,
    "use_raw_gpx_speed": false,
    "username": "sam",
    "weekm": false,
    "workouts_visibility": "private"
  },
  "status": "success"
}
- Request JSON Object:
account_creation (boolean) – notification for user registration (only if the user has administration rights)
comment_like (boolean) – notification for a like on a comment
follow (boolean) – follow notification
follow_request (boolean) – follow request notification
follow_request_approved (boolean) – approved follow request notification
mention (boolean) – mention notification
workout_comment (boolean) – notification for a comment on a workout
workout_like (boolean) – notification for a like on a workout
- Request Headers:
Authorization – OAuth 2.0 Bearer Token
- Status Codes:
200 OK –
user preferences updated
invalid payload
provide a valid auth token
signature expired, please log in again
invalid token, please log in again
you do not have permissions, your account is suspended
500 Internal Server Error –
error, please try again or contact the administrator
- POST /api/auth/picture
Update the authenticated user's picture.
A suspended user can access this endpoint.
Scope: profile:write
Example request:
POST /api/auth/picture HTTP/1.1
Content-Type: multipart/form-data
Example response:
HTTP/1.1 200 OK
Content-Type: application/json

{ "message": "user picture updated", "status": "success" }
- Form Parameters:
file – image file (allowed extensions: .jpg, .png, .gif)
- Request Headers:
Authorization – OAuth 2.0 Bearer Token
- Status Codes:
200 OK –
user picture updated
invalid payload
no file part
no selected file
file extension not allowed
provide a valid auth token
signature expired, please log in again
invalid token, please log in again
413 Request Entity Too Large –
error during picture update: file size exceeds 1.0MB
500 Internal Server Error –
error during picture update
- DELETE /api/auth/picture
Delete the authenticated user's picture.
A suspended user can access this endpoint.
Scope: profile:write
Example request:
DELETE /api/auth/picture HTTP/1.1
Content-Type: application/json
Example response:
HTTP/1.1 204 NO CONTENT
Content-Type: application/json
- Request Headers:
Authorization – OAuth 2.0 Bearer Token
- Status Codes:
204 No Content – picture deleted
provide a valid auth token
signature expired, please log in again
invalid token, please log in again
500 Internal Server Error –
error during picture deletion
- POST /api/auth/password/reset-request
Handle password reset requests.
If email sending is disabled, this endpoint is not available.
Example request:
POST /api/auth/password/reset-request HTTP/1.1
Content-Type: application/json
Example response:
HTTP/1.1 200 OK
Content-Type: application/json

{ "message": "password reset request processed", "status": "success" }
- Request JSON Object:
email (string) – user email
- Status Codes:
200 OK –
password reset request processed
400 Bad Request –
invalid payload
404 Not Found –
the requested URL was not found on the server
- PATCH /api/auth/profile/edit/account
Update the email and password of the authenticated user.
The following emails are sent if email sending is enabled:
Password change
Email address change:
  one to the current address to inform the user
  another to the new address to confirm it.
A suspended user can access this endpoint.
Scope: profile:write
Example request:
PATCH /api/auth/profile/edit/account HTTP/1.1
Content-Type: application/json
Example response:
HTTP/1.1 200 OK
Content-Type: application/json

{
  "data": {
    "accepted_privacy_policy": true,
    "analysis_visibility": "private",
    "bio": null,
    "birth_date": null,
    "created_at": "Sun, 14 Jul 2019 14:09:58 GMT",
    "date_format": "dd/MM/yyyy",
    "display_ascent": true,
    "email": "sam@example.com",
    "email_to_confirm": null,
    "first_name": null,
    "hide_profile_in_users_directory": true,
    "imperial_units": false,
    "is_active": true,
    "language": "en",
    "last_name": null,
    "location": null,
    "manually_approves_followers": false,
    "map_visibility": "followers_only",
    "nb_sports": 3,
    "nb_workouts": 6,
    "notification_preferences": {
      "comment_like": true,
      "follow": true,
      "follow_request": true,
      "follow_request_approved": true,
      "mention": true,
      "workout_comment": true,
      "workout_like": true
    },
    "picture": false,
    "records": [
      { "id": 9, "record_type": "AS", "sport_id": 1, "user": "sam", "value": 18, "workout_date": "Sun, 07 Jul 2019 08:00:00 GMT", "workout_id": "hvYBqYBRa7wwXpaStWR4V2" },
      { "id": 10, "record_type": "FD", "sport_id": 1, "user": "sam", "value": 18, "workout_date": "Sun, 07 Jul 2019 08:00:00 GMT", "workout_id": "hvYBqYBRa7wwXpaStWR4V2" },
      { "id": 13, "record_type": "HA", "sport_id": 1, "user": "Sam", "value": 43.97, "workout_date": "Sun, 07 Jul 2019 08:00:00 GMT", "workout_id": "hvYBqYBRa7wwXpaStWR4V2" },
      { "id": 11, "record_type": "LD", "sport_id": 1, "user": "sam", "value": "1:01:00", "workout_date": "Sun, 07 Jul 2019 08:00:00 GMT", "workout_id": "hvYBqYBRa7wwXpaStWR4V2" },
      { "id": 12, "record_type": "MS", "sport_id": 1, "user": "sam", "value": 18, "workout_date": "Sun, 07 Jul 2019 08:00:00 GMT", "workout_id": "hvYBqYBRa7wwXpaStWR4V2" }
    ],
    "role": "user",
    "sports_list": [ 1, 4, 6 ],
    "start_elevation_at_zero": false,
    "timezone": "Europe/Paris",
    "total_ascent": 720.35,
    "total_distance": 67.895,
    "total_duration": "6:50:27",
    "use_dark_mode": null,
    "use_raw_gpx_speed": false,
    "username": "sam",
    "weekm": true,
    "workouts_visibility": "private"
  },
  "message": "user account updated",
  "status": "success"
}
- Request JSON Object:
email (string) – user email
password (string) – user current password
new_password (string) – user new password
- Request Headers:
Authorization – OAuth 2.0 Bearer Token
- Status Codes:
200 OK –
user account updated
invalid payload
email is missing
current password is missing
email: valid email must be provided
password: 8 characters required
provide a valid auth token
signature expired, please log in again
invalid token, please log in again
invalid credentials
500 Internal Server Error –
error, please try again or contact the administrator
- POST /api/auth/password/update
Update the user password after a password reset request.
Only if email sending is enabled.
Example request:
POST /api/auth/password/update HTTP/1.1
Content-Type: application/json
Example response:
HTTP/1.1 200 OK
Content-Type: application/json

{ "message": "password updated", "status": "success" }
- Request JSON Object:
password (string) – password (8 characters minimum)
token (string) – password reset token
- Status Codes:
200 OK –
password updated
400 Bad Request –
invalid payload
401 Unauthorized –
invalid token, please request a new token
500 Internal Server Error –
error, please try again or contact the administrator
- POST /api/auth/email/update
Update the user email after confirmation.
Example request:
POST /api/auth/email/update HTTP/1.1
Content-Type: application/json
Example response:
HTTP/1.1 200 OK
Content-Type: application/json

{ "message": "email updated", "status": "success" }
- Request JSON Object:
token (string) – password reset token
- Status Codes:
200 OK –
email updated
400 Bad Request –
invalid payload
500 Internal Server Error –
error, please try again or contact the administrator
- POST /api/auth/logout
User logout. If a valid token is provided, it will be invalidated.
A suspended user can access this endpoint.
Example request:
POST /api/auth/logout HTTP/1.1
Content-Type: application/json
Example responses:
successful logout:
HTTP/1.1 200 OK
Content-Type: application/json

{ "message": "successfully logged out", "status": "success" }
error on logout:
HTTP/1.1 401 UNAUTHORIZED
Content-Type: application/json

{ "message": "provide a valid auth token", "status": "error" }
- Request Headers:
Authorization – OAuth 2.0 Bearer Token
- Status Codes:
200 OK –
successfully logged out
provide a valid auth token
The access token provided is expired, revoked, malformed, or invalid for other reasons.
500 Internal Server Error –
error on token blacklist
- POST /api/auth/account/privacy-policy
The authenticated user accepts the privacy policy.
A suspended user can access this endpoint.
Example request:
POST /api/auth/account/privacy-policy HTTP/1.1
Content-Type: application/json
Example response:
HTTP/1.1 200 OK
Content-Type: application/json

{ "status": "success" }
- Request JSON Object:
accepted_policy (boolean) – true if the user has accepted the privacy policy
- Request Headers:
Authorization – OAuth 2.0 Bearer Token
- Status Codes:
200 OK –
success
400 Bad Request –
invalid payload
provide a valid auth token
signature expired, please log in again
invalid token, please log in again
500 Internal Server Error –
error, please try again or contact the administrator
- GET /api/auth/account/export
Get the data export archive for the authenticated user if a request exists.
It returns:
export creation date
export status (in_progress, successful and errored)
file name and size (in bytes) when the export is successful
A suspended user can access this endpoint.
Example request:
GET /api/auth/account/export HTTP/1.1
Content-Type: application/json
Example responses:
if a request exists:
HTTP/1.1 200 OK
Content-Type: application/json

{
  "status": "success",
  "request": {
    "created_at": "Wed, 01 Mar 2023 12:31:17 GMT",
    "status": "successful",
    "file_name": "archive_rgjsR3fHt295ywNQr5Yp.zip",
    "file_size": 924
  }
}
if no request exists:
HTTP/1.1 200 OK
Content-Type: application/json

{ "status": "success", "request": null }
- Request Headers:
Authorization – OAuth 2.0 Bearer Token
- Status Codes:
200 OK –
success
provide a valid auth token
signature expired, please log in again
invalid token, please log in again
- POST /api/auth/account/export/request
Request a data export for the authenticated user.
A suspended user can access this endpoint.
Example request:
POST /api/auth/account/export/request HTTP/1.1
Content-Type: application/json
Example response:
HTTP/1.1 200 OK
Content-Type: application/json

{
  "status": "success",
  "request": {
    "created_at": "Wed, 01 Mar 2023 12:31:17 GMT",
    "status": "in_progress",
    "file_name": null,
    "file_size": null
  }
}
- Request Headers:
Authorization – OAuth 2.0 Bearer Token
- Status Codes:
200 OK –
success
ongoing request exists
completed request already exists
provide a valid auth token
signature expired, please log in again
invalid token, please log in again
500 Internal Server Error –
error, please try again or contact the administrator
- GET /api/auth/account/export/(string: file_name)
Download a data export archive.
A suspended user can access this endpoint.
Example request:
GET /api/auth/account/export/download/archive_rgjsR3fHr5Yp.zip HTTP/1.1
Content-Type: application/json
Example response:
HTTP/1.1 200 OK
Content-Type: application/x-gzip
- Parameters:
file_name (string) – file name
- Request Headers:
Authorization – OAuth 2.0 Bearer Token
- Status Codes:
200 OK –
success
provide a valid auth token
signature expired, please log in again
invalid token, please log in again
404 Not Found –
file not found
- GET /api/auth/blocked-users
Get the users blocked by the authenticated user.
Scope: profile:read
Example requests:
without parameters:
GET /api/auth/blocked-users HTTP/1.1
with parameters:
GET /api/auth/blocked-users?page=1 HTTP/1.1
Example responses:
with blocked users:
HTTP/1.1 200 OK
Content-Type: application/json

{
  "blocked_users": [
    {
      "blocked": true,
      "created_at": "Sun, 01 Dec 2024 17:27:49 GMT",
      "followers": 0,
      "following": 0,
      "follows": "false",
      "is_followed_by": "false",
      "nb_workouts": 1,
      "picture": false,
      "role": "user",
      "suspended_at": null,
      "username": "Sam"
    }
  ],
  "pagination": { "has_next": false, "has_prev": false, "page": 1, "pages": 1, "total": 1 },
  "status": "success"
}
without blocked users:
HTTP/1.1 200 OK
Content-Type: application/json

{
  "blocked_users": [],
  "pagination": { "has_next": false, "has_prev": false, "page": 1, "pages": 0, "total": 0 },
  "status": "success"
}
- Query Parameters:
page (integer) – page if pagination is used (default: 1)
- Request Headers:
Authorization – OAuth 2.0 Bearer Token
- Status Codes:
200 OK –
success
provide a valid auth token
signature expired, please log in again
invalid token, please log in again
you do not have permissions, your account is suspended
- GET /api/auth/account/suspension
Get all records for the authenticated user.
A suspended user can access this endpoint.
Scope: profile:read
Example request:
GET /api/auth/account/suspension HTTP/1.1
Example responses:
a suspension exists:
HTTP/1.1 200 OK
Content-Type: application/json

{
  "status": "success",
  "user_suspension": {
    "action_type": "user_suspension",
    "appeal": null,
    "comment": null,
    "created_at": "Wed, 04 Dec 2024 10:45:13 GMT",
    "id": "mmy3qPL3vcFuKJGfFBnCJV",
    "reason": "<SUSPENSION REASON>",
    "workout": null
  }
}
no suspension:
HTTP/1.1 404 NOT FOUND
Content-Type: application/json

{ "status": "not found", "message": "user account is not suspended" }
- Request Headers:
Authorization – OAuth 2.0 Bearer Token
- Status Codes:
200 OK –
success
provide a valid auth token
signature expired, please log in again
invalid token, please log in again
404 Not Found –
user account is not suspended
- POST /api/auth/account/suspension/appeal
Appeal the suspension of the authenticated user.
A suspended user can access this endpoint.
Scope: profile:write
Example request:
POST /api/auth/account/suspension/appeal HTTP/1.1
Example response:
HTTP/1.1 201 CREATED
Content-Type: application/json

{ "status": "success" }
- Request Headers:
Authorization – OAuth 2.0 Bearer Token
- Request JSON Object:
text (string) – text explaining the reason for the appeal
- Status Codes:
201 Created – appeal for the suspension created
no text provided
you can appeal only once
provide a valid auth token
signature expired, please log in again
invalid token, please log in again
404 Not Found –
user account is not suspended
500 Internal Server Error –
error, please try again or contact the administrator
- GET /api/auth/account/sanctions/(string: action_short_id)
Get the sanctions for the authenticated user.
A suspended user can access this endpoint.
Scope: profile:read
Example request:
GET /api/auth/account/sanctions/mmy3qPL3vcFuKJGfFBnCJV HTTP/1.1
Example response:
HTTP/1.1 200 OK
Content-Type: application/json

{
  "sanction": {
    "action_type": "user_suspension",
    "appeal": {
      "approved": null,
      "created_at": "Wed, 04 Dec 2024 10:49:00 GMT",
      "id": "7pDujhCVHyA4hv29JZQNgg",
      "reason": null,
      "text": "<APPEAL TEXT>",
      "updated_at": null
    },
    "comment": null,
    "created_at": "Wed, 04 Dec 2024 10:45:13 GMT",
    "id": "mmy3qPL3vcFuKJGfFBnCJV",
    "reason": "<SANCTION REASON>",
    "workout": null
  },
  "status": "success"
}
- Parameters:
action_short_id (string) – suspension id
- Request Headers:
Authorization – OAuth 2.0 Bearer Token
- Status Codes:
200 OK –
success
provide a valid auth token
signature expired, please log in again
invalid token, please log in again
404 Not Found –
no sanction found
- POST /api/auth/account/sanctions/(string: action_short_id)/appeal
Appeal the suspension.
Scope: profile:write
Example request:
POST /api/auth/account/sanctions/6dxczvMrhkAR72shUz9Pwd/appeal HTTP/1.1
Example response:
HTTP/1.1 201 CREATED
Content-Type: application/json

{ "status": "success" }
- Parameters:
action_short_id (string) – sanction id
- Request JSON Object:
text (string) – text explaining the reason for the appeal
- Request Headers:
Authorization – OAuth 2.0 Bearer Token
- Status Codes:
201 Created – appeal created
no text provided
you can appeal only once
provide a valid auth token
signature expired, please log in again
invalid token, please log in again
you do not have permissions, your account is suspended
404 Not Found –
no sanction found
500 Internal Server Error –
error, please try again or contact the administrator
- GET /api/auth/timezones
Return the list of available timezones.
Example request:
GET /api/auth/timezones HTTP/1.1
Content-Type: application/json
Example response:
HTTP/1.1 200 OK
Content-Type: application/json

{ "timezones": [ "Africa/Abidjan", "Africa/Accra", "Africa/Algiers", "Africa/Bissau", "Africa/Cairo", "...", "Pacific/Tahiti", "Pacific/Tarawa", "Pacific/Tongatapu", "Pacific/Wake", "Pacific/Wallis" ], "status": "success" }
- Status Codes:
200 OK –
success