aboutsummaryrefslogtreecommitdiffhomepage
path: root/application/api
Commit message (Collapse)AuthorAgeFilesLines
* REST API: implements getLink by ID serviceArthurHoaro2017-02-192-2/+55
| | | | See http://shaarli.github.io/api-documentation/#links-link-get
* REST API - getLinks: support the visibility parameterArthurHoaro2017-01-171-3/+2
|
* Update LinkFilter to be able to filter only public linksArthurHoaro2017-01-161-1/+2
| | | | | | No update regarding the UI or the API for now Fixes #758
* Merge pull request #727 from ArthurHoaro/api/getlinksArthurHoaro2017-01-152-0/+117
|\ | | | | REST API: implement getLinks service
| * REST API: implement getLinks serviceArthurHoaro2017-01-152-0/+117
| | | | | | | | See http://shaarli.github.io/api-documentation/#links-links-collection-get
* | API: expect JWT in the Authorization headerVirtualTam2017-01-151-3/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Relates to https://github.com/shaarli/Shaarli/pull/731 Added: - require the presence of the 'Authorization' header Changed: - use the HTTP Bearer Token authorization schema See: - https://jwt.io/introduction/#how-do-json-web-tokens-work- - https://tools.ietf.org/html/rfc6750 - http://security.stackexchange.com/q/108662 Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* | API: fix JWT signature verificationVirtualTam2017-01-041-7/+5
|/ | | | | | | | | | | | | | | | | | | | | | Fixes https://github.com/shaarli/Shaarli/issues/737 Added: - Base64Url utilities Fixed: - use URL-safe Base64 encoding/decoding functions - use byte representations for HMAC digests - all JWT parts are Base64Url-encoded See: - https://en.wikipedia.org/wiki/JSON_Web_Token - https://tools.ietf.org/html/rfc7519 - https://scotch.io/tutorials/the-anatomy-of-a-json-web-token - https://jwt.io/introduction/ - https://en.wikipedia.org/wiki/Base64#URL_applications - https://secure.php.net/manual/en/function.base64-encode.php#103849 Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* REST API structure using Slim frameworkArthurHoaro2016-12-158-0/+428
* REST API routes are handle by Slim. * Every API controller go through ApiMiddleware which handles security. * First service implemented `/info`, for tests purpose.