Authentication
Learn how to authenticate with the YODI API.
Overview
YODI provides multiple authentication methods:
- API Key Authentication - For server-to-server communication
- Email/Password Login - For user accounts
- Google OAuth - For third-party login
API Key Authentication
This is the primary method for consuming YODI APIs.
How It Works
Every request to the YODI API must include your API key in the Authorization header:
Authorization: Bearer YOUR_API_KEY
Example
curl -X POST "https://admin.yodi.tg/api/ai/translate" \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"text": "Bonjour",
"sourceLanguage": "fr",
"targetLanguage": "ewe"
}'
User Authentication
Login (Email & Password)
Endpoint: POST /auth/login
curl -X POST "https://admin.yodi.tg/api/auth/login" \
-H "Content-Type: application/json" \
-d '{
"email": "user@example.com",
"password": "your_password"
}'
Response:
{
"message": "LOGIN_SUCCESS",
"error": false,
"data": {
"id": 1,
"email": "user@example.com",
"name": "John Doe",
"role": "viewer",
"isSubscribe": false
},
"status": 200
}
Register New Account
Endpoint: POST /auth/register
curl -X POST "https://admin.yodi.tg/api/auth/register" \
-H "Content-Type: application/json" \
-d '{
"email": "user@example.com",
"name": "John Doe",
"password_hash": "P@ssword123"
}'
Response:
{
"message": "CONFIRMATION_LINK_SENT",
"error": false,
"data": {
"id": 1,
"email": "user@example.com",
"name": "John Doe",
"role": "viewer"
},
"status": 201
}
OAuth Login (Google)
Endpoint: POST /auth/google
curl -X POST "https://admin.yodi.tg/api/auth/google" \
-H "Content-Type: application/json" \
-d '{
"token": "google-oauth-id-token"
}'
Response:
{
"message": "LOGIN_SUCCESS",
"error": false,
"data": {
"id": 1,
"email": "user@gmail.com",
"name": "John Doe",
"role": "viewer"
},
"status": 200
}
Password Management
Forgot Password
Endpoint: POST /auth/forgot-password
curl -X POST "https://admin.yodi.tg/api/auth/forgot-password" \
-H "Content-Type: application/json" \
-d '{
"email": "user@example.com"
}'
Response:
{
"message": "RESET_LINK_SENT",
"error": false,
"data": null,
"status": 200
}
A password reset link will be sent to the provided email.
Reset Password
Endpoint: POST /auth/reset-password
curl -X POST "https://admin.yodi.tg/api/auth/reset-password" \
-H "Content-Type: application/json" \
-d '{
"token": "reset-token",
"newPassword": "NewP@ssword456"
}'
Response:
{
"message": "PASSWORD_RESET_SUCCESS",
"error": false,
"data": null,
"status": 200
}
Session Management
Get Current User
Endpoint: GET /auth/me
curl -X GET "https://admin.yodi.tg/api/auth/me" \
-H "Authorization: Bearer YOUR_API_KEY"
Response:
{
"message": "SUCCESS",
"error": false,
"data": {
"id": 1,
"email": "user@example.com",
"name": "John Doe",
"role": "viewer",
"isSubscribe": false,
"created_at": "2024-01-01T00:00:00.000Z"
},
"status": 200
}
Confirm Email
Endpoint: GET /auth/confirm?token=...
Confirm your email address using the token sent during registration:
curl -X GET "https://admin.yodi.tg/api/auth/confirm?token=your_confirmation_token" \
-H "Authorization: Bearer YOUR_API_KEY"
Response:
{
"message": "ACCOUNT_CONFIRMED",
"error": false,
"data": null,
"status": 200
}
Logout
Endpoint: POST /auth/logout
curl -X POST "https://admin.yodi.tg/api/auth/logout" \
-H "Authorization: Bearer YOUR_API_KEY"
Response:
{
"message": "LOGOUT_SUCCESS",
"error": false,
"data": null,
"status": 200
}
Security Best Practices
DO:
-
Store API keys in environment variables
-
Use HTTPS for all requests
-
Rotate API keys periodically
-
Use different keys for development and production
-
Monitor key usage in your dashboard
DON'T:
-
Commit API keys to version control
-
Share your API key in emails or chat
-
Use the same key across multiple services
-
Expose keys in client-side code
-
Hardcode keys directly in your application