460dfc31f1
fix: Adding filter to public-loads endpoint fix: Adding isVerified field on account_create event
ETA API
ETA Viaporte API
Dependencies
- NodeJS v18
- Docker
Endpoints
All endpoints that return a list of elements is paginable with the following queries:
elements: Number of elements for each page.page: Page number (from 0 to n)
Example:
/endpoint?elements=50&page=2: Get page 2 with 50 elements per page./endpoint?page=2: Get page 2 with default (10) elements per page./endpoint?elements=50: Get page 0 with 50 elements.
Public endpoints
Read registered resources:
GET /account: At this location you can: register, login, recover password, renew JWT.GET /countries: List registered countries.GET /cities: List registered cities.GET /meta-data: List registered meta-data.GET /meta-groups: List registered meta-data.GET /product-categories: List registered product-categories.GET /public-companies: List registered companies.GET /public-loads: List registered loads.GET /public-load-attachments/download/:id: Downloads the attachment of the load identified by Id.GET /public-vehicles: List registered vehicles.GET /states: List registered states.
All these endpoints support the following parameters (except for those with public- as prefix, for example public-vehicles):
/: List registered resources with pagination./:id: Read specific resource identified by Id./find?regex=xxx: List resources that matches with regex (support pagination).
/account
This endpoint provides mechanisms to register, login, recover password and renew JWT.
The Login and Renew process will return 2 tokens, the accessToken (JWT) which is used in every further request to authorize access to private endpoints. And the 2nd is the session_token (renew token), which should be used after the expiration of the JWT, in order to generate another JWT and session token without the need of use the email and password_.
The session token expiration is typically 30 days after its generation. Every renewal replaces the token in the DB and the expiration is reset again to 30 days.
POST /account/authorize
Login process, returns a JWT and Renew Token
Expects a body with the following data:
{
"email":"testing@etaviaporte.com",
"password":"PasswordExample"
}
Returns:
{
"accessToken" : "JWT",
"payload" : "Content in the JWT",
"session_token": "Renew token",
"session_token_exp": "Expiration of renew token in UNIX epoch format",
"user" : { ... }
}
GET /account/authorize/:session_token
Renewal of JWT with session token, will return the new session token and a new JWT only if the session token is not expired, otherwise the request will fail and the login process should be used instead.
Example of usage:
GET /account/authorize/"HERE_GOES_THE_SESSION_TOKEN"
Returns:
{
"accessToken" : "JWT",
"payload" : "Content in the JWT",
"session_token": "Renew token",
"session_token_exp": "Expiration of renew token in UNIX epoch format",
"user" : { ... }
}
POST /account/signup
Create a new user. This will trigger an email with the OTP (one time password) to verify the email. There is no expiration time, but it is expected that the Fron End removes the checksum from the local storage after an expiration time defined in the Front End.
This will return a checksum string to be used in the confirmation process.
Expects a body with the following data:
{
"email":"testing@etaviaporte.com",
"password":"PasswordExample"
}
Returns:
{
"checksum" : "JWT"
}
PATCH /account/signup
Confirms registration of new user. This will trigger a welcome email to the user. There is no timeout to confirm the email, but it is expected that the Fron End removes the checksum from the local storage after an expiration time defined in the Front End.
If the checksum matches but the user is already registered, then this request will be rejected.
Expects a body with the same data as the POST request, but adding the OTP received in the email, the company type decided by the user and the checksum generated by the POST request. Here is an example:
{
"email":"testing@etaviaporte.com",
"password":"PasswordExample",
"otp":"OTP string",
"checksum":"Checksum generated in the POST request"
}
Returns:
{
"msg" : "User created successfully!"
}
POST /account/recover
Reset password request. This will trigger an email with the OTP (one time password) to verify the email. There is no expiration time, but it is expected that the Fron End removes the checksum from the local storage after an expiration time defined in the Front End.
This will return a checksum string to be used in the confirmation process.
Expects a body with the following data:
{
"email":"testing@etaviaporte.com",
"password":"new password"
}
Returns:
{
"checksum" : "JWT"
}
PATCH /account/recover
Confirms the email to recover the password. There is no timeout to confirm the email, but it is expected that the Fron End removes the checksum from the local storage after an expiration time defined in the Front End.
Expects a body with the same data as the POST request, but adding the OTP received in the email, and the checksum generated by the POST request. Here is an example:
{
"email":"testing@etaviaporte.com",
"password":"New Password Example",
"otp":"OTP string",
"checksum":"Checksum generated in the POST request"
}
Returns:
{
"msg" : "Password is reset!"
}
GET /public-companies
Get public fields from registered companies.
GET /shipper: List registered shippers that are not hidden only.GET /carrier: List registered carriers that are not hidden only.
GET /public-loads
Get public fields from registered loads.
GET /: List only loads with status Published.
GET /public-vehicles
Get public fields from registered vehicles.
GET /published: List only latest published vehicles.GET /location: List only location from vehicles in status Free.
Private Endpoints
The following list of endpoints requires a JWT.
GET /loads: List loads related to my company.GET /load-attachments: List load attachments related to my company or load id.
Test Endpoint
A private endpoint to test the JWT and the api response.
POST /apitest: Return whatever is sent on the body, queries and parameters.GET /version: Return the API version.