API Doc

xun edited this page Mar 14, 2024 · 3 revisions

title: SAST Link
language_tabs:
  • shell: Shell
  • http: HTTP
  • javascript: JavaScript
  • ruby: Ruby
  • python: Python
  • php: PHP
  • java: Java
  • go: Go
toc_footers: []
includes: []
search: true
code_clipboard: true
highlight_theme: darkula
headingLevel: 2
generator: "@tarslib/widdershins v4.0.22"

SAST Link

Base URLs:

Authentication

  • HTTP Authentication, scheme: bearer

oauth

GET OAuth authentication

GET /oauth2/authorize

Body Parameters

{}

Params

Name Location Type Required Description
client_id query string yes none
code_challenge query string yes Generated by applying the hash algorithm to a string
code_challenge_method query string yes Hash algorithm
redirect_uri query string yes none
response_type query string yes none
scope query string yes none
state query string yes none
part query string no This is the token
body body object no none

Response Examples

Success

{
  "Success": false,
  "ErrCode": 20004,
  "ErrMsg": "Token错误",
  "Data": null
}

Responses

HTTP Status Code Meaning Description Data schema
200 OK Success Inline

Responses Data Schema

HTTP Status Code 200

Name Type Required Restrictions Title description
Success boolean true none none
ErrCode integer true none none
ErrMsg string true none none
Data null true none none

POST Get access token

POST /oauth2/token

The client's backend server requests a token from the OAuth backend.

Body Parameters

code: N2U2OTUWZMMTYZE2MY0ZZTFHLWFMMGQTM2JKYJLMMDI0NJNJ
code_verifier: sast_forever
grant_type: authorization_code
redirect_uri: http://localhost:9094/oauth2
client_id: 5f5fff70-57e1-4c82-a030-071e1c641a9b
client_secret: RXpLNs9uCPT6HdtO9PyKNzuW9xVraQoh

Params

Name Location Type Required Description
Content-Type header string yes none
body body object no none
code body string yes Obtained from OAuth authentication
code_verifier body string yes Used to derive code_challenge
grant_type body string yes Uses the authorization code grant
redirect_uri body string yes Return address
client_id body string no Client ID
client_secret body string no Client secret

Response Examples

Success

{
  "access_token": "YTLHYJI4YZATMTAXYI0ZZWFKLWE4OTKTNZY2NDM2NWRLYJY5",
  "expires_in": 7200,
  "refresh_token": "NMY4MWZMNTCTNJA2YI01ZDCXLWIYMDGTMJQWZDI3NZMWMJAZ",
  "scope": "all",
  "token_type": "Bearer"
}
{
  "Success": true,
  "ErrCode": 200,
  "ErrMsg": "",
  "Data": {
    "access_token": "YTHHNJA0ZTUTMZFJNI0ZMWE0LTK3ZWQTZTQ2NTVKNJDJMTU5",
    "expires_in": 7200,
    "refresh_token": "NDE1ZJCZM2ITOGVHNY01YZRKLTLHODQTNWE4ZMYWZMQ3ZJU5",
    "scope": "all",
    "token_type": "Bearer"
  }
}

Responses

HTTP Status Code Meaning Description Data schema
200 OK Success Inline

Responses Data Schema

HTTP Status Code 200

Name Type Required Restrictions Title description
Success boolean true none none
ErrCode integer true none none
ErrMsg string true none none
Data object true none none
access_token string true none none
expires_in integer true none none
refresh_token string true none none
scope string true none none
token_type string true none none
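
The PKCE exchange between GET /oauth2/authorize and POST /oauth2/token, as an added example (not SAST Link's own code). It assumes the S256 method of RFC 7636, which the page does not name, and that the redirect carries `code` and `state` as query parameters; the function names and `response_type=code` are assumptions of the example.

```python
import base64
import hashlib
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

def new_code_verifier() -> str:
    # 32 random bytes -> 43 URL-safe characters, the RFC 7636 minimum length.
    return secrets.token_urlsafe(32)

def s256_challenge(verifier: str) -> str:
    # code_challenge = BASE64URL(SHA256(code_verifier)) with the padding removed.
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")

def build_authorize_url(base_url: str, client_id: str, redirect_uri: str):
    """Return (url, code_verifier, state); keep the last two in the user's session."""
    verifier, state = new_code_verifier(), secrets.token_urlsafe(16)
    query = urlencode({
        "client_id": client_id,
        "code_challenge": s256_challenge(verifier),
        "code_challenge_method": "S256",  # assumption: the page does not name the method
        "redirect_uri": redirect_uri,
        "response_type": "code",          # assumption: authorization code grant
        "scope": "all",
        "state": state,
    })
    return f"{base_url}/oauth2/authorize?{query}", verifier, state

def token_request_body(callback_url: str, expected_state: str, verifier: str,
                       client_id: str, redirect_uri: str) -> dict:
    """Check state on the redirect, then build the form for POST /oauth2/token."""
    params = parse_qs(urlparse(callback_url).query)
    returned = params.get("state", [""])[0]
    if not hmac.compare_digest(returned.encode(), expected_state.encode()):
        raise ValueError("state mismatch: discard this authorization code")
    if "code" not in params:
        raise ValueError("redirect carries no authorization code")
    return {"grant_type": "authorization_code", "code": params["code"][0],
            "code_verifier": verifier, "redirect_uri": redirect_uri,
            "client_id": client_id}

def server_accepts(verifier: str, stored_challenge: str) -> bool:
    # What the token endpoint checks: the verifier must hash to the stored challenge.
    return hmac.compare_digest(s256_challenge(verifier), stored_challenge)
```

RFC 7636 requires a code_verifier of 43 to 128 characters, so the 12-character sample value `sast_forever` shown in the body parameters is shorter than a conforming client would send.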

POST Refresh token

POST /oauth2/refresh

Refresh the token using refresh_token.

Body Parameters

grant_type: refresh_token
refresh_token: Y2RKZTYWMJMTNJIZNY01ZGI1LTKYM2YTMJLKMZHMYZC4ZJCY

Params

Name Location Type Required Description
Content-Type header string yes none
body body object no none
grant_type body string yes Must be refresh_token
refresh_token body string yes Returned together with the access token

Response Examples

200 Response

{
  "access_token": "string",
  "expires_in": 0,
  "refresh_token": "string",
  "scope": "string",
  "token_type": "string"
}

Responses

HTTP Status Code Meaning Description Data schema
200 OK Success Inline

Responses Data Schema

HTTP Status Code 200

Name Type Required Restrictions Title description
access_token string true none none
expires_in integer true none none
refresh_token string true none none
scope string true none none
token_type string true none none

POST Create client

POST /oauth2/create-client

Used to obtain client_id and client_secret.

Body Parameters

redirect_uri: string

Params

Name Location Type Required Description
TOKEN header string yes none
body body object no none
redirect_uri body string no none

Response Examples

200 Response

{}

Responses

HTTP Status Code Meaning Description Data schema
200 OK Success Inline

Responses Data Schema

GET Whether to authorize the application

GET /oauth2/auth

Body Parameters

token: string

Params

Name Location Type Required Description
body body object no none
token body string no If token is empty, redirect to the login page

Response Examples

200 Response

{}

Responses

HTTP Status Code Meaning Description Data schema
200 OK Success Inline

Responses Data Schema

GET Get user information

GET /oauth2/userinfo

For OAuth use.

Params

Name Location Type Required Description
Authorization header string no Bearer ${access_token}

Response Examples

200 Response

{
  "Success": true,
  "ErrCode": 0,
  "ErrMsg": "string",
  "Data": {
    "email": "string",
    "userId": "string",
    "avatar": "string",
    "badge": null,
    "bio": "string",
    "dep": "string",
    "hide": ["string"],
    "link": ["string"],
    "nickname": "string",
    "org": "string"
  }
}

Responses

HTTP Status Code Meaning Description Data schema
200 OK Success Inline

Responses Data Schema

HTTP Status Code 200

Name Type Required Restrictions Title description
Success boolean true none none
ErrCode integer true none none
ErrMsg string true none none
Data object true none none
email string true none none
userId string true none none
avatar string¦null true none none
badge null true none none
bio string¦null true none none
dep string true none none
hide [string]¦null true none none
link [string]¦null true none none
nickname string true none none
org string true none none

profile

POST Upload avatar

POST /profile/uploadAvatar

Body Parameters

avatarFile: string

Params

Name Location Type Required Description
TOKEN header string no none
body body object no none
avatarFile body string(binary) no none

Response Examples

200 Response

{
  "filePath": "string"
}

Responses

HTTP Status Code Meaning Description Data schema
200 OK Success Inline

Responses Data Schema

HTTP Status Code 200

Name Type Required Restrictions Title description
filePath string true none none

GET Query user profile information

GET /profile/getProfile

Get the user's basic information. The user can choose not to show some of it (bio, badge, link).

Params

Name Location Type Required Description
TOKEN header string no none

Response Examples

200 Response

{
  "nickname": "string",
  "dep": "string",
  "org": "string",
  "email": "string",
  "avatar": "string",
  "bio": "string",
  "link": ["string"],
  "badge": {
    "title": "string",
    "description": "string",
    "created_at": "string"
  },
  "hide": ["string"]
}

Responses

HTTP Status Code Meaning Description Data schema
200 OK Success Inline

Responses Data Schema

HTTP Status Code 200

Name Type Required Restrictions Title description
nickname string true none Nickname
dep string¦null true none Current department
org string¦null true none Current group
email string true none Personal email
avatar string¦null false none URL of the avatar (not shown if it has not passed review)
bio string¦null false none Personal introduction
link [string]¦null false none Related links (blog, Bilibili)
badge object¦null false none Commemorative card
title string true none none
description string true none none
created_at string true none none
hide [string]¦null false none Information the user chooses not to show (the first few required fields cannot be hidden)

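POST Modify user profile information

POST /profile/changeProfile

The user modifies their personal information. org_id takes -1 or 1-26 (-1 means no organization; for the other values see the profile enum convention document). hide supports the three fields bio, badge and link. Note: when calling the API, fields that are not passed in the JSON or are set to null are left unchanged by default; to clear a field, set it to an empty string or empty array (""/[]).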

Body Parameters

{
  "nickname": "windpo",
  "org_id": 6,
  "bio": "这是一段个人介绍",
  "link": ["https://github.com/windpo"],
  "hide": ["bio"]
}

Params

Name Location Type Required Description
TOKEN header string yes none
body body object no none
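nickname body string¦null no Nickname
org_id body integer¦null no org_id for the department and organization, see the enum convention
bio body string¦null no Personal introduction
link body [string]¦null no Personal links
hide body [string]¦null no Information to hide (field names; nickname, email and org_id cannot be hidden)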
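
The update rules described for /profile/changeProfile (null or absent keeps the stored value, ""/[] clears it, org_id is -1 or 1-26, hide is limited to bio, badge and link), as an added example that is not the project's code. `apply_profile_patch` and the in-memory `current` dict are hypothetical stand-ins for the server's handler and database row.

```python
HIDEABLE = {"bio", "badge", "link"}                       # fields the page allows in hide
PATCHABLE = ("nickname", "org_id", "bio", "link", "hide")  # body fields from the page

def apply_profile_patch(current: dict, patch: dict) -> dict:
    """Return the stored profile after applying one changeProfile body."""
    unknown = set(patch) - set(PATCHABLE)
    if unknown:
        raise ValueError(f"unknown fields: {sorted(unknown)}")
    updated = dict(current)
    for field in PATCHABLE:
        value = patch.get(field)
        if value is None:
            continue  # absent or null: leave the stored value untouched
        if field == "org_id":
            # bool is a subclass of int in Python, so reject it explicitly.
            if isinstance(value, bool) or not isinstance(value, int):
                raise ValueError("org_id must be an integer")
            if value != -1 and not 1 <= value <= 26:
                raise ValueError("org_id must be -1 or 1-26")
        elif field in ("link", "hide"):
            if not isinstance(value, list) or not all(isinstance(v, str) for v in value):
                raise ValueError(f"{field} must be a list of strings")
            if field == "hide" and not set(value) <= HIDEABLE:
                raise ValueError("hide accepts only bio, badge, link")
        elif not isinstance(value, str):
            raise ValueError(f"{field} must be a string")
        updated[field] = value  # "" or [] lands here and clears the field
    return updated
```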

Response Examples

200 Response

{}

Responses

HTTP Status Code Meaning Description Data schema
200 OK Success Inline

Responses Data Schema

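POST Change user email

POST /profile/changeEmail

Sends the user an email to verify the mailbox; once the verification code has been verified, the user's email is changed. The steps are similar to resetting the password.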

Response Examples

200 Response

{}

Responses

HTTP Status Code Meaning Description Data schema
200 OK Success Inline

Responses Data Schema

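POST Check image review information

POST /profile/dealCensorRes

Based on the Tencent Cloud COS callback result: if the image has been frozen, move it to the /ban directory in COS and set the image in the database to the default "review failed" placeholder image. If the review failed or the file is suspected to be sensitive, notify the developers.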

Body Parameters

{
  "code": 0,
  "data": {
    "forbidden_status": 0,
    "event": "string",
    "porn_info": {
      "hit_flag": 0,
      "label": "string",
      "score": 0
    },
    "result": 0,
    "trace_id": "string",
    "url": "string"
  },
  "message": "string"
}

Params

Name Location Type Required Description
body body object no none
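code body integer yes Error code. 0 means the review succeeded; non-zero means the review failed.
data body object yes none
forbidden_status body integer yes If automatic freezing is enabled, this field gives the image's freeze status. 0: not frozen, 1: frozen, 2: file moved
event body string yes The triggering event; fixed to ReviewImage here
porn_info body object yes Review result information for the pornography review scenario
hit_flag body integer yes Review result for this review scenario. Values: 0: normal. 1: confirmed violation for this scenario. 2: suspected violation for this scenario.
label body string yes Name of the matched label.
score body integer yes Confidence that the content matches the returned review information, from 0 (lowest confidence) to 100 (highest confidence); the higher the value, the more likely the content matches. Typically [0,60] means the image is normal, [61,90] means the image is suspected sensitive, and [91,100] means the image is sensitive. For example, "pornography 99" means the content is very likely pornographic.
result body integer yes The review verdict for this request, which you can use to decide follow-up actions; handle each verdict according to your business needs. Valid values: 0 (normal), 1 (judged to be a violating sensitive file), 2 (suspected sensitive, manual review recommended)
trace_id body string yes Unique ID
url body string yes Full URL of the reviewed image
message body string yes Error description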
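
One way to validate this callback body and map it to the actions described for /profile/dealCensorRes, as an added example that is not the project's code. The action names, `BUCKET_HOST`, the bucket-host check and the reading of "review failed" as a non-zero code or result 1 are assumptions of the example; the sample payload is constructed.

```python
from urllib.parse import urlparse

BUCKET_HOST = "avatars.cos.example"  # hypothetical host of the avatar bucket

# Constructed sample callback: frozen image, confirmed violation.
SAMPLE = {"code": 0, "message": "", "data": {
    "forbidden_status": 1, "event": "ReviewImage", "result": 1,
    "porn_info": {"hit_flag": 1, "label": "Porn", "score": 99},
    "trace_id": "constructed-trace-id",
    "url": "https://avatars.cos.example/avatar/u1.png"}}

def triage_censor_callback(payload: dict, bucket_host: str = BUCKET_HOST) -> list:
    """Return the ordered actions for one callback; raise ValueError if malformed."""
    data = payload.get("data")
    if not isinstance(payload.get("code"), int) or not isinstance(data, dict):
        raise ValueError("missing code or data")
    if data.get("event") != "ReviewImage":
        raise ValueError("unexpected event")
    frozen, result = data.get("forbidden_status"), data.get("result")
    if frozen not in (0, 1, 2) or result not in (0, 1, 2):
        raise ValueError("forbidden_status or result out of range")
    porn = data.get("porn_info")
    score = porn.get("score") if isinstance(porn, dict) else None
    if not isinstance(score, int) or not 0 <= score <= 100:
        raise ValueError("score out of range")
    # Only act on objects in our own bucket, never on an arbitrary URL.
    url = urlparse(data.get("url") or "")
    if url.scheme not in ("http", "https") or url.hostname != bucket_host:
        raise ValueError("url does not point at the avatar bucket")
    actions = []
    if frozen == 1:  # frozen: quarantine the object and show the placeholder
        actions += ["move_to_ban_dir", "set_default_image"]
    if payload["code"] != 0 or result in (1, 2):  # failed or suspected
        actions.append("notify_developers")
    return actions
```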

Response Examples

200 Response

{}

Responses

HTTP Status Code Meaning Description Data schema
200 OK Success Inline

Responses Data Schema

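User

POST Register

POST /user/register

Registers the user and initializes their profile (nickname defaults to the student ID used to register; email defaults to the email used to register).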

Body Parameters

password: "1234"

Params

Name Location Type Required Description
REGISTER-TICKET header string no none
body body object no none
password body string no none

Response Examples

200 Response

{
  "Success": true,
  "ErrCode": 0,
  "ErrMsg": "string",
  "Data": null
}

Responses

HTTP Status Code Meaning Description Data schema
200 OK Success Inline

Responses Data Schema

HTTP Status Code 200

Name Type Required Restrictions Title description
Success boolean true none none
ErrCode integer true none none
ErrMsg string true none none
Data null true none none

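POST Login

POST /user/login

Non-third-party login. Login logic: the user first enters a username, and we check whether the username exists before moving on to the password step. If the username exists, a ticket is returned indicating that the account exists; the ticket carries a validity period (this step is implemented by the account-validity verification endpoint). In other words, the user must enter the password while the ticket is still valid.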

Body Parameters

password: string

Params

Name Location Type Required Description
LOGIN-TICKET header string no This is a token
body body object no none
password body string no none

Response Examples

Success

{
  "Success": false,
  "ErrCode": 20007,
  "ErrMsg": "Ticket不正确",
  "Data": null
}
{
  "Success": true,
  "ErrCode": 200,
  "ErrMsg": "",
  "Data": {
    "loginToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzYXN0IiwiYXVkIjpbImIyMjA4MDExNC1sb2dpblRva2VuIl0sImV4cCI6MTcwMjM2NzQwMSwiaWF0IjoxNzAxNzYyNjAxfQ.c-dXws9SvmsKU1OeHbLeEnfj4bt7lNcZuMs7ljUXjXc"
  }
}

Wrong password

{
  "Success": false,
  "ErrCode": 40002,
  "ErrMsg": "验证账户密码失败",
  "Data": null
}

Responses

HTTP Status Code Meaning Description Data schema
200 OK Success Inline
401 Unauthorized Wrong password Inline

Responses Data Schema

HTTP Status Code 200

Name Type Required Restrictions Title description
Success boolean true none none
ErrCode integer true none none
ErrMsg string true none none
Data object true none none
token string true none none

HTTP Status Code 401

Name Type Required Restrictions Title description
Success boolean true none none
ErrCode integer true none none
ErrMsg string true none none
Data null true none none

GET Get basic user information

GET /user/info

Params

Name Location Type Required Description
TOKEN header string no none

Response Examples

200 Response

{
  "Success": true,
  "ErrCode": 0,
  "ErrMsg": "string",
  "Data": {
    "email": "string"
  }
}

Responses

HTTP Status Code Meaning Description Data schema
200 OK Success Inline

Responses Data Schema

HTTP Status Code 200

Name Type Required Restrictions Title description
Success boolean true none none
ErrCode integer true none none
ErrMsg string true none none
Data object true none none
email string true none none

POST Logout

POST /user/logout

Params

Name Location Type Required Description
TOKEN header string yes none

Response Examples

200 Response

{
  "Success": true,
  "ErrCode": 0,
  "ErrMsg": "string",
  "Data": null
}

Responses

HTTP Status Code Meaning Description Data schema
200 OK Success Inline

Responses Data Schema

HTTP Status Code 200

Name Type Required Restrictions Title description
Success boolean true none none
ErrCode integer true none none
ErrMsg string true none none
Data null true none none

POST Change password

POST /user/changePassword

Body Parameters

oldPassword: string
newPassword: string

Params

Name Location Type Required Description
TOKEN header string yes none
body body object no none
oldPassword body string yes none
newPassword body string yes none

Response Examples

200 Response

{}

Responses

HTTP Status Code Meaning Description Data schema
200 OK Success Inline

Responses Data Schema

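POST Reset password

POST /user/resetPassword

1. Verify that the account exists (account-validity verification endpoint, flag=2). 2. Pass RESET-TICKET to obtain the email address and send the email. 3. Verify the email verification code. 4. Reset the password.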

Body Parameters

newPassword: string

Params

Name Location Type Required Description
RESETPWD-TICKET header string no none
body body object no none
newPassword body string yes New password

Response Examples

200 Response

{}

Responses

HTTP Status Code Meaning Description Data schema
200 OK Success Inline

Responses Data Schema

Verifier

GET Send verification email

GET /sendEmail

Pass REGISTER-TICKET or RESETPWD-TICKET. The former is for the registration flow, the latter for the password reset flow.

Params

Name Location Type Required Description
REGISTER-TICKET/RESETPWD-TICKET header string yes Something like a TOKEN, passed when registering or resetting the password

Response Examples

200 Response

{
  "Success": true,
  "ErrCode": 0,
  "ErrMsg": "string",
  "Data": null
}

Responses

HTTP Status Code Meaning Description Data schema
200 OK Success Inline

Responses Data Schema

HTTP Status Code 200

Name Type Required Restrictions Title description
Success boolean true none none
ErrCode integer true none none
ErrMsg string true none none
Data null true none none

GET Verify account validity

GET /verify/account

Here, verifying account validity means checking whether the account has already been registered.

Params

Name Location Type Required Description
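username query string no Login accepts an email or student ID; registration and password reset accept email only
flag query string no Used to determine whether this is the login endpoint or the registration endpoint. 0 means registration, 1 means login, 2 means password reset, 3 means resetting the user's email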

Response Examples

200 Response

{
  "Success": true,
  "ErrCode": 0,
  "ErrMsg": "string",
  "Data": {
    "register_ticket": "string"
  }
}

Responses

HTTP Status Code Meaning Description Data schema
200 OK Success Inline

Responses Data Schema

HTTP Status Code 200

Name Type Required Restrictions Title description
Success boolean true none none
ErrCode integer true none none
ErrMsg string true none none
Data object true none none
register_ticket string true none Returns login_ticket for login and register_ticket for registration

POST Verify email verification code

POST /verify/captcha

Body Parameters

captcha: S-TXSD4

Params

Name Location Type Required Description
REGISTER-TICKET/RESETPWD-TICKET header string no Something like a token
body body object no none
captcha body string no Verification code

Response Examples

200 Response

{
  "Success": true,
  "ErrCode": 0,
  "ErrMsg": "string",
  "Data": null
}

Responses

HTTP Status Code Meaning Description Data schema
200 OK Success Inline

Responses Data Schema

HTTP Status Code 200

Name Type Required Restrictions Title description
Success boolean true none none
ErrCode integer true none none
ErrMsg string true none none
Data null true none none

Third-party login

GET Lark login callback

GET /login/lark/callback

Body Parameters

{}

Params

Name Location Type Required Description
body body object no none

Response Examples

200 Response

{
  "Success": true,
  "ErrCode": 0,
  "ErrMsg": "string",
  "Data": {
    "oauthTicket": "string"
  }
}

Responses

HTTP Status Code Meaning Description Data schema
200 OK Success Inline

Responses Data Schema

HTTP Status Code 200

Name Type Required Restrictions Title description
Success boolean true none none
ErrCode integer true none none
ErrMsg string true none none
Data object true none none
oauthTicket string false none none

GET Lark login

GET /login/lark

Response Examples

200 Response

{}

Responses

HTTP Status Code Meaning Description Data schema
200 OK Success Inline

Responses Data Schema

Data Schema

Unified response format

{
  "Success": true,
  "ErrCode": 0,
  "ErrMsg": "string",
  "Data": {}
}

Attribute

Name Type Required Restrictions Title Description
Success boolean true none none
ErrCode integer true none none
ErrMsg string true none none
Data object true none none

User

{
  "id": 0,
  "nickName": "string",
  "password": "string",
  "QQ_id": "string",
  "Lark_id": "string",
  "Github_id": "string",
  "Wechat_id": "string",
  "E-mail": "string"
}

Attribute

Name Type Required Restrictions Title Description
id integer true none id none
nickName string true none Nickname none
password string true none Password none
QQ_id string false none none
Lark_id string false none Lark ID none
Github_id string false none none
Wechat_id string false none none
E-mail string true none Email none