Skip to content

Routes

This is a list of routes and their (basic) functions.

/

GET

Should always return something similar to the below.

200 OK
{
    "message": "Hello World!",
    "docs": "https://docs.opentodo.ecorous.org"
}

This can be used to verify that a server is indeed up and running, as it should always respond with that

/account

POST

This route is used to make accounts, additionally to logging in to an account. See Authentication for more information on how auth works. The input should look something like below, replacing the placeholders with their respective values.

{
    "username": "<username>",
    "password": "<password>"
}

Note

Passwords are stored securely, hashed using Argon2. You can review how this is done in the source code.

If everything is successful, you should get a respond of the following:

200 OK
{
    "id": "<user id>",
    "key": "<api key>"
}

There is a password strength requirement, using nbvcxz. If the password is too weak, you should get a response that looks like the below.

400 Bad Request
{
    "error": "password too weak"
}

There are also other errors, listed here:

  • No username present
400 Bad Request
{
    "error": "enter a username"
}
  • Username too long (> 50 chars)
400 Bad Request
{
    "error": "username too long. max chars: 50"
}
  • No password present
400 Bad Request
{
    "error": ":catstare: https://cdn.discordapp.com/emojis/1043075191955267665.png"
}

These following errors are login (not acccount creation) specific:

  • Incorrect Password
401 Unauthorized
{
    "error": "incorrect password"
}