...
This can be opened using the Swagger editor demo http://editor.swagger.io/, if desired.
Authentication
...
The API Server currently uses the JSON Web-Token
...
(JWT) approach. The basic flow is as follows:
- POST to /authenticate
- {"username": "demo", "password": "12345"}
- response
{"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE0NTY4NzE3ODgsImlkIjoiZGVtbyIsIm9yaWdfaWF0IjoxNDU2ODY5OTg4fQ.pJ2CQyqXDV675KrAtz3qVzwbM7k-tnZ28Pc0o81GtGU"}
- For all subsequent requests, include the following header:
Authorization: Bearer TOKEN
- To refresh the token, simply GET /refresh_token, this will retrieve an updated token
The interceptor model described here https://thinkster.io/angularjs-jwt-auth also looks like a handy way to keep things alive without persisting stuff on the client.
- Password will be validated against the server-side "project" structure
Volumes
- If development environment, creating a volume is just a mkdir on some local path
- If production environment, creating a volume requires a call to the Openstack API (Create, Attach) then a local call to mkfs, then a call to the Openstack API (Detach)
...