WebApp
The web application must support only Token-Based Basic authentication, not Session Authentication.
As a user, I must provide a basic authentication token when making an API call to the authenticated endpoint.

Create a new user
As a user, I want to create an account by providing the following information:
- Email Address
- Password
- First Name
- Last Name
The account_created field for the user should be set to the current time when user creation is successful.
Users should not be able to set values for account_created and account_updated. Any value provided for these fields must be ignored.
Password should never be returned in the response payload.
As a user, I expect to use my email address as my username.
The application must return a 400 Bad Request HTTP response code when a user account with the email address already exists.
As a user, I expect my password to be stored securely using the BCrypt password hashing scheme with salt.

Update user information
As a user, I want to update my account information. I should only be allowed to update the following fields:
- First Name
- Last Name
- Password
An attempt to update any other field should return a 400 Bad Request HTTP response code.
The account_updated field for the user should be updated when the user update is successful.
A user can only update their own account information.

Get user information
As a user, I want to get my account information.
The response payload should return all fields for the user except for password.

These are the Swagger docs:
GET /v1/user/self Get User Information
PUT /v1/user/self Update user information
public: Operations available to all users without authentication
GET /healthz Health endpoint
POST /healthz Health endpoint
PUT /healthz Health endpoint
DELETE /healthz Health endpoint
HEAD /healthz Health endpoint
OPTIONS /healthz Health endpoint
POST /v1/user Create a user
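
The request-handling rules above, sketched as an added example that is not code from this project: parsing the Basic token, ignoring client-supplied timestamps on create, rejecting non-updatable fields with 400 on update, and stripping the password from responses. The JSON key names (`email`, `first_name`, `last_name`, `password`) and all helper names are assumptions; the BCrypt hashing and verification step is left out.

```python
import base64
import binascii

# Assumed JSON key names; the page only gives the human-readable field names.
UPDATABLE = {"first_name", "last_name", "password"}
SERVER_SET = {"account_created", "account_updated"}


class BadRequest(ValueError):
    status = 400  # HTTP status the handler should return


def parse_basic_auth(header):
    """Return (email, password) from an Authorization header, or None if unusable."""
    scheme, _, token = (header or "").partition(" ")
    if scheme.lower() != "basic" or not token.strip():
        return None
    try:
        decoded = base64.b64decode(token.strip(), validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None
    # Split on the first colon only: the password itself may contain colons.
    email, sep, password = decoded.partition(":")
    if not sep or not email or not password:
        return None
    return email, password


def clean_create(payload):
    """POST /v1/user: client-supplied timestamps are ignored, not rejected."""
    return {k: v for k, v in payload.items() if k not in SERVER_SET}


def validate_update(payload):
    """PUT /v1/user/self: any key outside the allow-list is a 400."""
    extra = set(payload) - UPDATABLE
    if extra:
        raise BadRequest("fields not updatable: " + ", ".join(sorted(extra)))
    return dict(payload)


def to_response(user):
    """Serialise a stored user record without the password hash."""
    return {k: v for k, v in user.items() if k != "password"}


if __name__ == "__main__":
    # Constructed sample credentials, not real ones.
    token = base64.b64encode(b"jane@example.com:s3cret:pw").decode()
    print(parse_basic_auth("Basic " + token))
    print(to_response({"email": "jane@example.com", "password": "<bcrypt hash>"}))
```

Note the asymmetry between the two write paths: `account_created` in a create request is silently dropped, while the same key in an update request fails the whole request.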
PACKER