Authentication
- Christopher Lytle
Authentication
The QPAPI uses a token-based authentication system. This means that you need to provide a valid token in order to access the API. You can get a token by following the steps below.
The QPAPI uses the list of existing users to authenticate. These users can be added or removed by the administrator on the admin page.
When the QPAPI authenticates the token, it will check if it belongs to a user in the list of existing users. Then it would check if the token is still valid and the user's password is also valid. It would also check if the user has the necessary permissions to access the endpoint.
Getting a token
To generate the token you need to generate the token using base64 encoding. The token should be in the following format: username:password. For example, if your username is test and your password is test, the token should be dGVzdDp0ZXN0.
You can use the following command to generate the token:
echo -n 'username:password' | base64
Output: dXNlcm5hbWU6cGFzc3dvcmQ=
You could also use the following Python code to generate the token:
import base64
username = 'username'
password = 'password'
token = base64.b64encode(f'{username}:{password}'.encode()).decode()
print(token)
output: dXNlcm5hbWU6cGFzc3dvcmQ=
Using the token
Once you have a token, you must include it in your requests' Authorization header. The token should be prefixed with the word Basic followed by a space.
Example
GET /api/v1/is_capturing
Authorization
Basic eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6InRlc3QiLCJpYXQiOjE1MTYyMzkwMjJ9.7J1