RESTAPI:Password operations

Aus Cryptshare Documentation
Version vom 12. Mai 2023, 16:55 Uhr von Frorathm (Diskussion | Beiträge)
(Unterschied) ← Nächstältere Version | Aktuelle Version (Unterschied) | Nächstjüngere Version → (Unterschied)
Wechseln zu:Navigation, Suche

Cryptshare Server administrators are able to set-up various password requirements. In order to check the requirements or to validate or generate passwords, several endpoints exist to assist.

Request a generated password

With this endpoint the consumer can request a server-side generated password in the response body that fulfills all password requirements.

GET https://<your-url>/api/password

Validate a custom password

Before setting a transfer password in the Edit Password endpoint, the consumer would be able to validate their custom password first, to check if it fulfills all password requirements.

If the password does not fulfill certain requirements, these are listed in the response body.

POST https://<your-url>/api/password

Description Rule name
If whitespaces are forbidden whitespacesDeclined
If alphabetical sequences like "abc" are forbidden alphabeticalSequenceDeclined
If numeric sequences like "123" are forbidden numericSequenceDeclined
If sequences found on keyboards are forbidden like "qwerty" keyboardSequenceDeclined
If the blocklisted characters are forbidden. (Manually configurable by the Cryptshare Server administrator) blacklistedCharactersDeclined
If directly repeated characters are forbidden like (Flussschifffahrt with sss and fff) repeatedCharactersDeclined
If common words that can be found in dictionaries are forbidden. dictionaryWordsDeclined
The minimum length of the password minimumLengthRequired
The maximum length of the password maximumLengthRequired
If letters are required lettersRequired
If special characters like !"§$ are required specialCharactersRequired
If upper case characters are required upperCaseRequired
If lower case characters are required lowerCaseRequired
If digits are required.

Request password requirements

The consumer is able to receive a list of all password requirements that have to be fulfilled, so that the password is allowed as a transfer password.

The same properties like in the "Validate a custom password" request are used.

GET https://<your-url>/api/password/requirements