Aller au contenu principal

Authentication

Learn how to authenticate with the YODI API.

Overview

YODI provides multiple authentication methods:

  1. API Key Authentication - For server-to-server communication
  2. Email/Password Login - For user accounts
  3. Google OAuth - For third-party login

API Key Authentication

This is the primary method for consuming YODI APIs.

How It Works

Every request to the YODI API must include your API key in the Authorization header:

Authorization: Bearer YOUR_API_KEY

Example

curl -X POST "https://admin.yodi.tg/api/ai/translate" \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"text": "Bonjour",
"sourceLanguage": "fr",
"targetLanguage": "ewe"
}'

User Authentication

Login (Email & Password)

Endpoint: POST /auth/login

curl -X POST "https://admin.yodi.tg/api/auth/login" \
-H "Content-Type: application/json" \
-d '{
"email": "user@example.com",
"password": "your_password"
}'

Response:

{
"message": "LOGIN_SUCCESS",
"error": false,
"data": {
"id": 1,
"email": "user@example.com",
"name": "John Doe",
"role": "viewer",
"isSubscribe": false
},
"status": 200
}

Register New Account

Endpoint: POST /auth/register

curl -X POST "https://admin.yodi.tg/api/auth/register" \
-H "Content-Type: application/json" \
-d '{
"email": "user@example.com",
"name": "John Doe",
"password_hash": "P@ssword123"
}'

Response:

{
"message": "CONFIRMATION_LINK_SENT",
"error": false,
"data": {
"id": 1,
"email": "user@example.com",
"name": "John Doe",
"role": "viewer"
},
"status": 201
}

OAuth Login (Google)

Endpoint: POST /auth/google

curl -X POST "https://admin.yodi.tg/api/auth/google" \
-H "Content-Type: application/json" \
-d '{
"token": "google-oauth-id-token"
}'

Response:

{
"message": "LOGIN_SUCCESS",
"error": false,
"data": {
"id": 1,
"email": "user@gmail.com",
"name": "John Doe",
"role": "viewer"
},
"status": 200
}

Password Management

Forgot Password

Endpoint: POST /auth/forgot-password

curl -X POST "https://admin.yodi.tg/api/auth/forgot-password" \
-H "Content-Type: application/json" \
-d '{
"email": "user@example.com"
}'

Response:

{
"message": "RESET_LINK_SENT",
"error": false,
"data": null,
"status": 200
}

A password reset link will be sent to the provided email.

Reset Password

Endpoint: POST /auth/reset-password

curl -X POST "https://admin.yodi.tg/api/auth/reset-password" \
-H "Content-Type: application/json" \
-d '{
"token": "reset-token",
"newPassword": "NewP@ssword456"
}'

Response:

{
"message": "PASSWORD_RESET_SUCCESS",
"error": false,
"data": null,
"status": 200
}

Session Management

Get Current User

Endpoint: GET /auth/me

curl -X GET "https://admin.yodi.tg/api/auth/me" \
-H "Authorization: Bearer YOUR_API_KEY"

Response:

{
"message": "SUCCESS",
"error": false,
"data": {
"id": 1,
"email": "user@example.com",
"name": "John Doe",
"role": "viewer",
"isSubscribe": false,
"created_at": "2024-01-01T00:00:00.000Z"
},
"status": 200
}

Confirm Email

Endpoint: GET /auth/confirm?token=...

Confirm your email address using the token sent during registration:

curl -X GET "https://admin.yodi.tg/api/auth/confirm?token=your_confirmation_token" \
-H "Authorization: Bearer YOUR_API_KEY"

Response:

{
"message": "ACCOUNT_CONFIRMED",
"error": false,
"data": null,
"status": 200
}

Logout

Endpoint: POST /auth/logout

curl -X POST "https://admin.yodi.tg/api/auth/logout" \
-H "Authorization: Bearer YOUR_API_KEY"

Response:

{
"message": "LOGOUT_SUCCESS",
"error": false,
"data": null,
"status": 200
}

Security Best Practices

DO:

  • Store API keys in environment variables

  • Use HTTPS for all requests

  • Rotate API keys periodically

  • Use different keys for development and production

  • Monitor key usage in your dashboard

    DON'T:

  • Commit API keys to version control

  • Share your API key in emails or chat

  • Use the same key across multiple services

  • Expose keys in client-side code

  • Hardcode keys directly in your application


Next Steps