Authentication
Learn how to authenticate with the YODI API.
Overviewโ
YODI provides multiple authentication methods:
- API Key Authentication - For server-to-server communication
- Email/Password Login - For user accounts
- Google OAuth - For third-party login
API Key Authenticationโ
This is the primary method for consuming YODI APIs.
How It Worksโ
Every request to the YODI API must include your API key in the Authorization header:
Authorization: Bearer YOUR_API_KEY
Exampleโ
curl -X POST "https://admin.yodi.tg/api/ai/translate" \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"text": "Bonjour",
"sourceLanguage": "fr",
"targetLanguage": "ewe"
}'
User Authenticationโ
Login (Email & Password)โ
Endpoint: POST /auth/login
curl -X POST "https://admin.yodi.tg/api/auth/login" \
-H "Content-Type: application/json" \
-d '{
"email": "user@example.com",
"password": "your_password"
}'
Response:
{
"message": "LOGIN_SUCCESS",
"error": false,
"data": {
"id": 1,
"email": "user@example.com",
"name": "John Doe",
"role": "viewer",
"isSubscribe": false
},
"status": 200
}
Register New Accountโ
Endpoint: POST /auth/register
curl -X POST "https://admin.yodi.tg/api/auth/register" \
-H "Content-Type: application/json" \
-d '{
"email": "user@example.com",
"name": "John Doe",
"password_hash": "P@ssword123"
}'
Response:
{
"message": "CONFIRMATION_LINK_SENT",
"error": false,
"data": {
"id": 1,
"email": "user@example.com",
"name": "John Doe",
"role": "viewer"
},
"status": 201
}
OAuth Login (Google)โ
Endpoint: POST /auth/google
curl -X POST "https://admin.yodi.tg/api/auth/google" \
-H "Content-Type: application/json" \
-d '{
"token": "google-oauth-id-token"
}'
Response:
{
"message": "LOGIN_SUCCESS",
"error": false,
"data": {
"id": 1,
"email": "user@gmail.com",
"name": "John Doe",
"role": "viewer"
},
"status": 200
}
Password Managementโ
Forgot Passwordโ
Endpoint: POST /auth/forgot-password
curl -X POST "https://admin.yodi.tg/api/auth/forgot-password" \
-H "Content-Type: application/json" \
-d '{
"email": "user@example.com"
}'
Response:
{
"message": "RESET_LINK_SENT",
"error": false,
"data": null,
"status": 200
}
A password reset link will be sent to the provided email.
Reset Passwordโ
Endpoint: POST /auth/reset-password
curl -X POST "https://admin.yodi.tg/api/auth/reset-password" \
-H "Content-Type: application/json" \
-d '{
"token": "reset-token",
"newPassword": "NewP@ssword456"
}'
Response:
{
"message": "PASSWORD_RESET_SUCCESS",
"error": false,
"data": null,
"status": 200
}
Session Managementโ
Get Current Userโ
Endpoint: GET /auth/me
curl -X GET "https://admin.yodi.tg/api/auth/me" \
-H "Authorization: Bearer YOUR_API_KEY"
Response:
{
"message": "SUCCESS",
"error": false,
"data": {
"id": 1,
"email": "user@example.com",
"name": "John Doe",
"role": "viewer",
"isSubscribe": false,
"created_at": "2024-01-01T00:00:00.000Z"
},
"status": 200
}
Confirm Emailโ
Endpoint: GET /auth/confirm?token=...
Confirm your email address using the token sent during registration:
curl -X GET "https://admin.yodi.tg/api/auth/confirm?token=your_confirmation_token" \
-H "Authorization: Bearer YOUR_API_KEY"
Response:
{
"message": "ACCOUNT_CONFIRMED",
"error": false,
"data": null,
"status": 200
}
Logoutโ
Endpoint: POST /auth/logout
curl -X POST "https://admin.yodi.tg/api/auth/logout" \
-H "Authorization: Bearer YOUR_API_KEY"
Response:
{
"message": "LOGOUT_SUCCESS",
"error": false,
"data": null,
"status": 200
}
Security Best Practicesโ
DO:
-
Store API keys in environment variables
-
Use HTTPS for all requests
-
Rotate API keys periodically
-
Use different keys for development and production
-
Monitor key usage in your dashboard
DON'T:
-
Commit API keys to version control
-
Share your API key in emails or chat
-
Use the same key across multiple services
-
Expose keys in client-side code
-
Hardcode keys directly in your application