🔏Authentication

How to authenticate the user in server-side.

You must understand that to authenticate an user in the environment you must be listed as one of the cookie domains. The API generates an TOKEN and makes sure that its unique so you can use it as the user to get user information and do stuff.

Here is an example of how you can authenticate the user. And also get its information by making one request.

let sessionToken = req.cookies.SessionID //Get the SessionID Cookie
let isLogged = false

let response = await fetch(`https://api.nextfur.net/v1/users/get/session/${sessionToken}`)
let data = response.json() //"All" the user's information

isLogged = data.isLogged //boolean

Methods Allowed:

API ENDPOINT: /v1/oauth2

• GET /login

• POST /login

• GET /register

• POST /register

• GET /authorize

TWO FACTOR AUTHENTICATION: /v1/oauth2/2fa/

• GET /mailconfirm

• POST/mailconfirm

• GET /resendcode

Generally NOT used for client applications. API system already handles auth inside the system, with all redirect and 2FA.

/LOGIN [GET]

SECURITY: FALSE ACTION: Fetches if the user is logged in, then redirects to the redirect URL. RESULT: EJS

-> REQUEST

/v1/oauth2/login?redirectTo=<REDIRECTURL>&bruteRequest=true

-> RESULT

IN-API LOGIN USER-FRIENDLY HANDLING

/LOGIN [POST]

SECURITY: FALSE ACTION: Fetches if the user is logged in, then authenticate in the server. RESULT: JSON & COOKIE

-> REQUEST URL

/v1/oauth2/login?bruteRequest=true

-> REQUEST BODY

{
    "username": "<USERNAME>",
    "password": "<USER_PASSWORD>"
}

-> RESULT

SessionID=<COOKIE-SESSION-TOKEN>

{
    "message": "User Logged In",
    "redirectURL": "<URL>"
    "2fa": {
        "mailIsConfirmed": "<BOOLEAN>",
        "discordIsConfirmed": "<BOOLEAN>"
    }
}