WebApp

web application must only support Token-Based Basic authentication and not Session Authentication.

As a user, I must provide a basic authentication token when making an API call to the authenticated endpoint.

Create a new user As a user, I want to create an account by providing the following information. Email Address Password First Name Last Name

account_created field for the user should be set to the current time when user creation is successful. Users should not be able to set values for account_created and account_updated. Any value provided for these fields must be ignored. Password should never be returned in the response payload. As a user, I expect to use my email address as my username.

Application must return 400 Bad Request HTTP response code when a user account with the email address already exists. As a user, I expect my password to be stored securely using the BCrypt password hashing scheme with salt. Update user information

As a user, I want to update my account information. I should only be allowed to update the following fields. First Name Last Name Password Attempt to update any other field should return 400 Bad Request HTTP response code. account_updated field for the user should be updated when the user update is successful. A user can only update their own account information. Get user information As a user, I want to get my account information. Response payload should return all fields for the user except for password.

These are the swagger Docs:

GET /v1/user/self Get User Information

PUT /v1/user/self Update user information

public Operations available to all users without authentication

GET /healthz Health endpoint

POST /healthz Health endpoint

PUT /healthz Health endpoint

DELETE /healthz Health endpoint

HEAD /healthz Health endpoint

OPTIONS /healthz Health endpoint

POST /v1/user Create a user

PACKER