Some features of CaosDB are available to registered users only. Making any changes to the data stock via HTTP requires authentication.
Authentication is done by
password. They must be sent as form data with a POST
request to the /login/ resource:
The user name, for example
The password, for example
The server does not invalidate AuthTokens. They invalidate after they expire or when the server is being restartet. Client should just delete their AuthToken to ‘logout’.
However, in order to remove the AuthToken cookie from the browsers there is a convenient resource which will invalidate the cookie (not the AuthToken).
and the server will return an empty AuthToken cookie which immediately expires.
To use curl for talking with the server, first save your password into a
The create a cookie in
cookie.txt like this (note that this makes your
password visible for a short time to everyone on your system:
curl -X POST -c cookie.txt -D head.txt -d username=<USERNAME> -d password="$PW" --insecure "https://<SERVER>/login
cookie.txt contains the required authentication token information in the
cookie (url-encoded json).
Example token content
Using the token
To use the cookie, pass it on with later requests:
curl -X GET -b cookie.txt --insecure "https://<SERVER>/Entity/123"