Authentication, Oct. 23.

# Authentication, Oct. 23. ## Conclusion * Framework: Python-flask * HTTP request doc ## HTTP Request * bot: 請輸入 NTU mail * user 輸入 NTU mail * bot: 請再次確認 NTU mail 是否正確 * user: 打勾 * bot: 已寄送驗證碼到 NTU mail * user 至 NTU mail 獲取驗證碼 * bot: 請輸入驗證碼 * user 輸入驗證碼 ### POST user register ```python= ## Send { "user_name": "r09946018", "discord_user_id": "895112618040254524", // unique "email": "r09946018@ntu.edu.tw", } ## Return (json) ### 成功註冊會是 200，JSON 內容是驗證碼 ### 格式/內容錯誤是 400，JSON 內容是錯誤訊息 ### 資料庫錯誤是 500，請聯絡VC { "result": "AEFCE726FBEE8BB610C9CAEFC156A2DEC027D" } ``` ### POST user authentication ```python= ## Send { "user_name": "r09946018", "discord_user_id": "895112618040254524", "key": "AEFCE726FBEE8BB610C9CAEFC156A2DEC027D", } ## Return (JSON) ### 成功驗證會是 200，JSON 內容是正確驗證 ### 格式/內容錯誤/驗證錯誤是 400，JSON 內容是錯誤訊息 ### 資料庫錯誤是 500，請聯絡VC { "result", "ok" } ``` ### POST user existence check ```python= ## Send { "discord_user_id": "895112618040254524", "email": "r09946018@ntu.edu.tw", } ## Return (json) ### 成功查詢會是 200，只要任意有出現過就會是 True ### 格式/內容錯誤 400，JSON 內容是錯誤訊息 ### 資料庫錯誤是 500，請聯絡VC { "result": False } ``` ## Issue 1. auth 要跟 bot 整合在一起嗎 1. Who is in charge of frontend? 1. Who is in charge of server? 1. Security Issue ## Deployment 1. - [x] Heroku - 部屬網址：https://ntu-discord-authapi.herokuapp.com 3. - [ ] 資工系同學 ## Database ![](https://i.imgur.com/ZIPrzb3.png) :::success **Model** - uid - Integer - primary_key (auto-increment) - discord_id - Text - unique - not nullable - user_name - Text - not nullable - email - Text - unique - not nullable - valid - Boolean - default false ::: ## Getting started ```python= import requests ROOT_URL = "https://ntu-discord-authapi.herokuapp.com" def register(session, user_name, discord_user_id, email, **args) : data = { 'user_name': user_name, 'discord_user_id': discord_user_id, 'email': email, } r = session.post(f'{ROOT_URL}/register', json = data) if r.status_code == 200 : return r.json() else : print(r.json()) exit(1) def auth(session, user_name, discord_user_id, key, **args) : data = { 'user_name': user_name, 'discord_user_id': discord_user_id, 'key': key, } r = session.post(f'{ROOT_URL}/authentication', json = data) if r.status_code == 200 : return r.json() else : print(r.json()) exit(1) def existence(session, discord_user_id, email, **args) : data = { 'discord_user_id': discord_user_id, 'email': email, } r = requests.post(f'{ROOT_URL}/existence', json = data) if r.status_code == 200 : return r.json() else : print(r.json()) exit(1) user_info = { 'user_name': "r09946018", 'discord_user_id': "895112618040254524", 'email': "r09946018@ntu.edu.tw", } s = requests.Session() resp = existence(s, **user_info) print(resp) resp = register(s, **user_info) print(resp) user_info['key'] = resp['result'] resp = auth(s, **user_info) print(resp) ``` ## Deadline Oct. 30.