Burgernotes/APIDOCS.md

# 🍔 Burgernotes API docs
Use the Burgernotes API to automate tasks, build your own client, and more!

Headers should be: "Content-type: application/json; charset=UTF-8" for all POSTs

## 🔑 Authentication

POST - /api/signup - provide "username" and "password".

POST - /api/login - provide "username", "password"

To prevent the server from knowing the encryption key, the password you provide in the request must be hashed with the SHA-3 algorithm with 128 iterations (the hash is hashed again 128 times).

Password should be at least 8 characters, username must be under 20 characters and alphanumeric.

If username is taken, error code 422 will return.

Assuming everything went correctly, the server will return a secret key.

You'll need to store two things in local storage:
- The secret key you just got, used to fetch notes, save stuff etc.
- A SHA512 hashed password, used as encryption key

## 🔐 Encryption

Note content and title is encrypted using AES 256-bit.

Encryption password is the SHA512 hashed password we talked about earlier.

## 🕹️ Basic stuff

POST - /api/userinfo - get user info such as username, provide "secretKey"

POST - /api/listnotes - list notes, provide "secretKey"
note titles will have to be decrypted.

POST - /api/newnote - create a note, provide "secretKey" and "noteName"
"noteName" should be encrypted.

POST - /api/readnote - read notes, provide "secretKey" and "noteId"
note content will have to be decrypted.

POST - /api/editnote - edit notes, provide "secretKey", "noteId", "title", and "content"
"content" should be encrypted.
"title" is the first line of the note content, and should be encrypted.

POST - /api/removenote - remove notes, provide "secretKey" and "noteId"

## ⚙️ More stuff

POST - /api/deleteaccount - delete account, provide "secretKey"
please display a warning before this action

POST - /api/exportnotes - export notes, provide "secretKey"
note content and title will have to be decrypted

POST - /api/sessions/list - show all sessions, provide "secretKey"

POST - /api/sessions/remove - remove session, provide "secretKey" and "sessionId"

POST - /api/listusers - lists all users in JSON, provide "masterKey" (set in config.ini)
"smart" titles 2024-03-10 22:00:40 +00:00			`# 🍔 Burgernotes API docs`
fart 2023-08-05 23:28:57 +01:00			`Use the Burgernotes API to automate tasks, build your own client, and more!`

Update 'APIDOCS.md' 2023-08-06 18:17:28 +01:00			`Headers should be: "Content-type: application/json; charset=UTF-8" for all POSTs`

"smart" titles 2024-03-10 22:00:40 +00:00			`## 🔑 Authentication`
fart 2023-08-05 23:28:57 +01:00
			`POST - /api/signup - provide "username" and "password".`

Fully rewrote the server fr in go 2024-06-21 01:46:21 +01:00			`POST - /api/login - provide "username", "password"`
fart 2023-08-05 23:28:57 +01:00
Fully rewrote the server fr in go 2024-06-21 01:46:21 +01:00			`To prevent the server from knowing the encryption key, the password you provide in the request must be hashed with the SHA-3 algorithm with 128 iterations (the hash is hashed again 128 times).`
Update APIDOCS.md 2024-02-25 19:38:36 +00:00
Update APIDOCS.md 2024-02-23 11:32:47 +00:00			`Password should be at least 8 characters, username must be under 20 characters and alphanumeric.`
fart 2023-08-05 23:28:57 +01:00
			`If username is taken, error code 422 will return.`

			`Assuming everything went correctly, the server will return a secret key.`

			`You'll need to store two things in local storage:`
			`- The secret key you just got, used to fetch notes, save stuff etc.`
Fixed APIdocs 2024-02-25 19:41:46 +00:00			`- A SHA512 hashed password, used as encryption key`
fart 2023-08-05 23:28:57 +01:00
"smart" titles 2024-03-10 22:00:40 +00:00			`## 🔐 Encryption`
fart 2023-08-05 23:28:57 +01:00
			`Note content and title is encrypted using AES 256-bit.`

Fixed APIdocs 2024-02-25 19:41:46 +00:00			`Encryption password is the SHA512 hashed password we talked about earlier.`
fart 2023-08-05 23:28:57 +01:00
"smart" titles 2024-03-10 22:00:40 +00:00			`## 🕹️ Basic stuff`
fart 2023-08-05 23:28:57 +01:00
			`POST - /api/userinfo - get user info such as username, provide "secretKey"`

			`POST - /api/listnotes - list notes, provide "secretKey"`
			`note titles will have to be decrypted.`

			`POST - /api/newnote - create a note, provide "secretKey" and "noteName"`
			`"noteName" should be encrypted.`

			`POST - /api/readnote - read notes, provide "secretKey" and "noteId"`
			`note content will have to be decrypted.`

"smart" titles 2024-03-10 22:00:40 +00:00			`POST - /api/editnote - edit notes, provide "secretKey", "noteId", "title", and "content"`
fart 2023-08-05 23:28:57 +01:00			`"content" should be encrypted.`
meow 2024-03-11 20:45:22 +00:00			`"title" is the first line of the note content, and should be encrypted.`
fart 2023-08-05 23:28:57 +01:00
			`POST - /api/removenote - remove notes, provide "secretKey" and "noteId"`

"smart" titles 2024-03-10 22:00:40 +00:00			`## ⚙️ More stuff`
fart 2023-08-05 23:28:57 +01:00
			`POST - /api/deleteaccount - delete account, provide "secretKey"`
			`please display a warning before this action`

			`POST - /api/exportnotes - export notes, provide "secretKey"`
burger 2023-08-19 18:20:37 +01:00			`note content and title will have to be decrypted`

			`POST - /api/sessions/list - show all sessions, provide "secretKey"`

Fixed APIdocs 2024-02-25 19:41:46 +00:00			`POST - /api/sessions/remove - remove session, provide "secretKey" and "sessionId"`
Fully rewrote the server fr in go 2024-06-21 01:46:21 +01:00
			`POST - /api/listusers - lists all users in JSON, provide "masterKey" (set in config.ini)`