A Notes API written in Go to demonstrate CRUD (Create Read Update Delete) on encrypted notes anonymously without storing password in any manner - As an example to using cryptography to facilitate authentication
A proof-of-concept to my Medium article on Doing secure password authentication without storing passwords - the main difference being here we do CRUD on notes instead of encryption and decryption on asymmetric private keys
We all like greetings - This API likes to greet, but it is not pushy about it, it only offers you its heartfelt time-appropriate greetings if you ask for them.
Method: GET
URL:
http://$host:$port/
Method: POST
URL:
http://$host:$port/create
BODY:
{
"id": "mySecretNote",
"pass": "&now:we@pluto",
"note": "I am a bufferfly, flying through the sky"
}
HTTP Status: 200
If an ID is not supplied or a note already exists with the supplied id, An 8 character long random ID is generated.
BODY:
{
"id": "mySecretNote"
}
A request may fail due to: reasons:
- Data was not supplied / improperly supplied
- Something unexpected happened on the server-side
If a request fails due to 1, HTTP Status: 400
is returned
If a request fails due to 1, HTTP Status: 500
is returned
Method: GET
URL:
http://$host:$port/read
BODY:
{
"id": "mySecretNote",
"note": "I am a bufferfly, flying through the sky"
}
HTTP Status: 200
BODY:
{
"id": "mySecretNote"
}
A request may fail due to: reasons:
- Data was not supplied / improperly supplied
- Supplied password was incorrect
- Note not found
- Something unexpected happened on the server-side
If a request fails due to 1, HTTP Status: 400
is returned
If a request fails due to 2, HTTP Status: 403
is returned
If a request fails due to 3, HTTP Status: 404
is returned
If a request fails due to 4, HTTP Status: 500
is returned
Method: DELETE
URL:
http://$host:$port/delete
BODY:
{
"id": "mySecretNote",
"pass": "&now:we@pluto"
}
HTTP Status: 200
BODY:
{
"id": "mySecretNote"
}
A request may fail due to: reasons:
- Data was not supplied / improperly supplied
- Supplied password was incorrect
- Note not found
- Something unexpected happened on the server-side
If a request fails due to 1, HTTP Status: 400
is returned
If a request fails due to 2, HTTP Status: 403
is returned
If a request fails due to 3, HTTP Status: 404
is returned
If a request fails due to 4, HTTP Status: 500
is returned
Method: PUT
URL:
http://$host:$port/update/note
BODY:
{
"id": "mySecretNote",
"pass": "&now:we@pluto",
"note": "I am a bufferfly, flying through the sky on Mars"
}
Optionally to change the password, a new password may also be supplied, like so:
BODY:
{
"id": "mySecretNote",
"pass": "&now:we@pluto",
"new_pass": "&now:we@moon",
"note": "I am a bufferfly, flying through the sky on Mars"
}
HTTP Status: 200
BODY:
{
"id": "mySecretNote"
}
A request may fail due to: reasons:
- Data was not supplied / improperly supplied
- Supplied password was incorrect
- Note not found
- Something unexpected happened on the server-side
If a request fails due to 1, HTTP Status: 400
is returned
If a request fails due to 2, HTTP Status: 403
is returned
If a request fails due to 3, HTTP Status: 404
is returned
If a request fails due to 4, HTTP Status: 500
is returned
Method: PATCH
URL:
http://$host:$port/update/pass
BODY:
{
"id": "mySecretNote",
"pass": "&now:we@pluto",
"newpass": "&now:we@moon"
}
HTTP Status: 200
BODY:
{
"id": "mySecretNote"
}
A request may fail due to: reasons:
- Data was not supplied / improperly supplied
- Supplied password was incorrect
- Note not found
- Something unexpected happened on the server-side
If a request fails due to 1, HTTP Status: 400
is returned
If a request fails due to 2, HTTP Status: 403
is returned
If a request fails due to 3, HTTP Status: 404
is returned
If a request fails due to 4, HTTP Status: 500
is returned