# Authentication, Oct. 23.
## Conclusion
* Framework: Python-flask
* HTTP request doc
## HTTP Request
* bot: 請輸入 NTU mail
* user 輸入 NTU mail
* bot: 請再次確認 NTU mail 是否正確
* user: 打勾
* bot: 已寄送驗證碼到 NTU mail
* user 至 NTU mail 獲取驗證碼
* bot: 請輸入驗證碼
* user 輸入驗證碼
### POST user register
```python=
## Send
{
"user_name": "r09946018",
"discord_user_id": "895112618040254524", // unique
"email": "r09946018@ntu.edu.tw",
}
## Return (json)
### 成功註冊會是 200,JSON 內容是驗證碼
### 格式/內容錯誤是 400,JSON 內容是錯誤訊息
### 資料庫錯誤是 500,請聯絡VC
{
"result": "AEFCE726FBEE8BB610C9CAEFC156A2DEC027D"
}
```
### POST user authentication
```python=
## Send
{
"user_name": "r09946018",
"discord_user_id": "895112618040254524",
"key": "AEFCE726FBEE8BB610C9CAEFC156A2DEC027D",
}
## Return (JSON)
### 成功驗證會是 200,JSON 內容是正確驗證
### 格式/內容錯誤/驗證錯誤是 400,JSON 內容是錯誤訊息
### 資料庫錯誤是 500,請聯絡VC
{
"result", "ok"
}
```
### POST user existence check
```python=
## Send
{
"discord_user_id": "895112618040254524",
"email": "r09946018@ntu.edu.tw",
}
## Return (json)
### 成功查詢會是 200,只要任意有出現過就會是 True
### 格式/內容錯誤 400,JSON 內容是錯誤訊息
### 資料庫錯誤是 500,請聯絡VC
{
"result": False
}
```
## Issue
1. auth 要跟 bot 整合在一起嗎
1. Who is in charge of frontend?
1. Who is in charge of server?
1. Security Issue
## Deployment
1. - [x] Heroku
- 部屬網址:https://ntu-discord-authapi.herokuapp.com
3. - [ ] 資工系同學
## Database
![](https://i.imgur.com/ZIPrzb3.png)
:::success
**Model**
- uid
- Integer
- primary_key (auto-increment)
- discord_id
- Text
- unique
- not nullable
- user_name
- Text
- not nullable
- email
- Text
- unique
- not nullable
- valid
- Boolean
- default false
:::
## Getting started
```python=
import requests
ROOT_URL = "https://ntu-discord-authapi.herokuapp.com"
def register(session, user_name, discord_user_id, email, **args) :
data = {
'user_name': user_name,
'discord_user_id': discord_user_id,
'email': email,
}
r = session.post(f'{ROOT_URL}/register', json = data)
if r.status_code == 200 :
return r.json()
else :
print(r.json())
exit(1)
def auth(session, user_name, discord_user_id, key, **args) :
data = {
'user_name': user_name,
'discord_user_id': discord_user_id,
'key': key,
}
r = session.post(f'{ROOT_URL}/authentication', json = data)
if r.status_code == 200 :
return r.json()
else :
print(r.json())
exit(1)
def existence(session, discord_user_id, email, **args) :
data = {
'discord_user_id': discord_user_id,
'email': email,
}
r = requests.post(f'{ROOT_URL}/existence', json = data)
if r.status_code == 200 :
return r.json()
else :
print(r.json())
exit(1)
user_info = {
'user_name': "r09946018",
'discord_user_id': "895112618040254524",
'email': "r09946018@ntu.edu.tw",
}
s = requests.Session()
resp = existence(s, **user_info)
print(resp)
resp = register(s, **user_info)
print(resp)
user_info['key'] = resp['result']
resp = auth(s, **user_info)
print(resp)
```
## Deadline
Oct. 30.