API Doc

title: SAST Link language_tabs:

shell: Shell
http: HTTP
javascript: JavaScript
ruby: Ruby
python: Python
php: PHP
java: Java
go: Go toc_footers: [] includes: [] search: true code_clipboard: true highlight_theme: darkula headingLevel: 2 generator: "@tarslib/widdershins v4.0.22"

SAST Link

Base URLs:

测试环境: http://localhost:8080/api/v1

Authentication

HTTP Authentication, scheme: bearer

oauth

GET oauth 认证

GET /oauth2/authorize

Body Parameters

{}

Params

Name	Location	Type	Required	Description
client_id	query	string	yes	none
code_challenge	query	string	yes	字符串经过哈希算法加密生成
code_challenge_method	query	string	yes	哈希算法
redirect_uri	query	string	yes	none
response_type	query	string	yes	none
scope	query	string	yes	none
state	query	string	yes	none
part	query	string	no	这个是token
body	body	object	no	none

Response Examples

成功

{
  "Success": false,
  "ErrCode": 20004,
  "ErrMsg": "Token错误",
  "Data": null
}

Responses

HTTP Status Code	Meaning	Description	Data schema
200	OK	成功	Inline

Responses Data Schema

HTTP Status Code 200

Name	Type	Required	Restrictions	description
Success	boolean	true	none	none
ErrCode	integer	true	none	none
ErrMsg	string	true	none	none
Data	null	true	none	none

POST 获取access token

POST /oauth2/token

客户端后端服务器向Oauth后端请求token

Body Parameters

code: N2U2OTUWZMMTYZE2MY0ZZTFHLWFMMGQTM2JKYJLMMDI0NJNJ
code_verifier: sast_forever
grant_type: authorization_code
redirect_uri: http://localhost:9094/oauth2
client_id: 5f5fff70-57e1-4c82-a030-071e1c641a9b
client_secret: RXpLNs9uCPT6HdtO9PyKNzuW9xVraQoh

Params

Name	Location	Type	Required	Description
Content-Type	header	string	yes	none
body	body	object	no	none
code	body	string	yes	从oauth认证处得来
code_verifier	body	string	yes	用于获取code_challenge
grant_type	body	string	yes	使用授权码模式
redirect_uri	body	string	yes	返回地址
client_id	body	string	no	客户端id
client_secret	body	string	no	客户端密钥

Response Examples

成功

{
  "access_token": "YTLHYJI4YZATMTAXYI0ZZWFKLWE4OTKTNZY2NDM2NWRLYJY5",
  "expires_in": 7200,
  "refresh_token": "NMY4MWZMNTCTNJA2YI01ZDCXLWIYMDGTMJQWZDI3NZMWMJAZ",
  "scope": "all",
  "token_type": "Bearer"
}

{
  "Success": true,
  "ErrCode": 200,
  "ErrMsg": "",
  "Data": {
    "access_token": "YTHHNJA0ZTUTMZFJNI0ZMWE0LTK3ZWQTZTQ2NTVKNJDJMTU5",
    "expires_in": 7200,
    "refresh_token": "NDE1ZJCZM2ITOGVHNY01YZRKLTLHODQTNWE4ZMYWZMQ3ZJU5",
    "scope": "all",
    "token_type": "Bearer"
  }
}

Responses

HTTP Status Code	Meaning	Description	Data schema
200	OK	成功	Inline

Responses Data Schema

HTTP Status Code 200

Name	Type	Required	Restrictions	description
Success	boolean	true	none	none
ErrCode	integer	true	none	none
ErrMsg	string	true	none	none
Data	object	true	none	none
access_token	string	true	none	none
expires_in	integer	true	none	none
refresh_token	string	true	none	none
scope	string	true	none	none
token_type	string	true	none	none

POST 刷新token

POST /oauth2/refresh

使用refresh_token刷新token

Body Parameters

grant_type: refresh_token
refresh_token: Y2RKZTYWMJMTNJIZNY01ZGI1LTKYM2YTMJLKMZHMYZC4ZJCY

Params

Name	Location	Type	Required	Description
Content-Type	header	string	yes	none
body	body	object	no	none
grant_type	body	string	yes	必须为refresh_token
refresh_token	body	string	yes	伴随accesstoken一起返回

Response Examples

200 Response

{
  "access_token": "string",
  "expires_in": 0,
  "refresh_token": "string",
  "scope": "string",
  "token_type": "string"
}

Responses

HTTP Status Code	Meaning	Description	Data schema
200	OK	成功	Inline

Responses Data Schema

HTTP Status Code 200

Name	Type	Required	Restrictions	description
access_token	string	true	none	none
expires_in	integer	true	none	none
refresh_token	string	true	none	none
scope	string	true	none	none
token_type	string	true	none	none

POST 新建客户端

POST /oauth2/create-client

用于获取client_id 和 client_secret

Body Parameters

redirect_uri: string

Params

Name	Location	Type	Required	Description
TOKEN	header	string	yes	none
body	body	object	no	none
redirect_uri	body	string	no	none

Response Examples

200 Response

{}

Responses

HTTP Status Code	Meaning	Description	Data schema
200	OK	成功	Inline

Responses Data Schema

GET 是否授权给应用

GET /oauth2/auth

Body Parameters

token: string

Params

Name	Location	Type	Required	Description
body	body	object	no	none
token	body	string	no	token为空则跳转到登录页面

Response Examples

200 Response

{}

Responses

HTTP Status Code	Meaning	Description	Data schema
200	OK	成功	Inline

Responses Data Schema

GET 获取用户信息

GET /oauth2/userinfo

Oauth用

Params

Name	Location	Type	Required	Description
Authorization	header	string	no	Bearer ${access_token}

Response Examples

200 Response

{
  "Success": true,
  "ErrCode": 0,
  "ErrMsg": "string",
  "Data": {
    "email": "string",
    "userId": "string",
    "avatar": "string",
    "badge": null,
    "bio": "string",
    "dep": "string",
    "hide": ["string"],
    "link": ["string"],
    "nickname": "string",
    "org": "string"
  }
}

Responses

HTTP Status Code	Meaning	Description	Data schema
200	OK	成功	Inline

Responses Data Schema

HTTP Status Code 200

Name	Type	Required	Restrictions	description
Success	boolean	true	none	none
ErrCode	integer	true	none	none
ErrMsg	string	true	none	none
Data	object	true	none	none
email	string	true	none	none
userId	string	true	none	none
avatar	string¦null	true	none	none
badge	null	true	none	none
bio	string¦null	true	none	none
dep	string	true	none	none
hide	[string]¦null	true	none	none
link	[string]¦null	true	none	none
nickname	string	true	none	none
org	string	true	none	none

profile

POST 上传头像

POST /profile/uploadAvatar

Body Parameters

avatarFile: string

Params

Name	Location	Type	Required	Description
TOKEN	header	string	no	none
body	body	object	no	none
avatarFile	body	string(binary)	no	none

Response Examples

200 Response

{
  "filePath": "string"
}

Responses

HTTP Status Code	Meaning	Description	Data schema
200	OK	成功	Inline

Responses Data Schema

HTTP Status Code 200

Name	Type	Required	Restrictions	Title	description
filePath	string	true	none		none

GET 查询用户profile信息

GET /profile/getProfile

获取用户的基本信息，用户可以选择不展示其中的部分信息（bio, badge, link）

Params

Name	Location	Type	Required	Description
TOKEN	header	string	no	none

Response Examples

200 Response

{
  "nickname": "string",
  "dep": "string",
  "org": "string",
  "email": "string",
  "avatar": "string",
  "bio": "string",
  "link": ["string"],
  "badge": {
    "title": "string",
    "description": "string",
    "created_at": "string"
  },
  "hide": ["string"]
}

Responses

HTTP Status Code	Meaning	Description	Data schema
200	OK	成功	Inline

Responses Data Schema

HTTP Status Code 200

Name	Type	Required	Restrictions	description
nickname	string	true	none	昵称
dep	string¦null	true	none	当前所在部门
org	string¦null	true	none	当前所在组
email	string	true	none	个人邮箱
avatar	string¦null	false	none	头像对应的URL（未通过审核也不展示）
bio	string¦null	false	none	个人介绍
link	[string]¦null	false	none	相链接（博客、b站）
badge	object¦null	false	none	纪念卡
title	string	true	none	none
description	string	true	none	none
created_at	string	true	none	none
hide	[string]¦null	false	none	用户选择不展示的信息（前面几个必要信息无法隐藏）

POST 修改用户profile信息

POST /profile/changeProfile

用户修改个人信息，org_id(-1 / 1-26，-1表示无组织，其余参照profile枚举约定文档)，hide(支持bio、badge、link三个字段) 注意，在调用API时，JSON中未传入/设置为null的字段默认不修改，如果想设置为空，请设置为空字符串/空数组（""/[]）

Body Parameters

{
  "nickname": "windpo",
  "org_id": 6,
  "bio": "这是一段个人介绍",
  "link": ["https://github.com/windpo"],
  "hide": ["bio"]
}

Params

Name	Location	Type	Required	Description
TOKEN	header	string	yes	none
body	body	object	no	none
nickname	body	string¦null	no	昵称
org_id	body	integer¦null	no	部门及组织对应org_id，见枚举约定
bio	body	string¦null	no	个人介绍
link	body	[string]¦null	no	个人链接
hide	body	[string]¦null	no	需要隐藏的信息（字段名称，不能隐藏nickname、email、org_id）

Response Examples

200 Response

{}

Responses

HTTP Status Code	Meaning	Description	Data schema
200	OK	成功	Inline

Responses Data Schema

POST 修改用户邮箱

POST /profile/changeEmail

给用户发送一封验证邮箱的邮件，验证验证码成功后修改用户的邮箱，步骤与重置密码类似

Response Examples

200 Response

{}

Responses

HTTP Status Code	Meaning	Description	Data schema
200	OK	成功	Inline

Responses Data Schema

POST 检查图片审核信息

POST /profile/dealCensorRes

根据腾讯云cos的回调结果，若图片被冻结，将图片放置于cos的/ban文件目录，并将数据库图片设置为审核失败默认图样例。若审核失败/疑似敏感文件，通知开发人员

Body Parameters

{
  "code": 0,
  "data": {
    "forbidden_status": 0,
    "event": "string",
    "porn_info": {
      "hit_flag": 0,
      "label": "string",
      "score": 0
    },
    "result": 0,
    "trace_id": "string",
    "url": "string"
  },
  "message": "string"
}

Params

Name	Location	Type	Required	Description
body	body	object	no	none
code	body	integer	yes	错误码，值为0时表示审核成功，非0表示审核失败。
data	body	object	yes	none
forbidden_status	body	integer	yes	若您设置了自动冻结，该字段表示图片的冻结状态。0：未冻结，1：已被冻结，2：已转移文件
event	body	string	yes	触发的事件，此处固定为 ReviewImage
porn_info	body	object	yes	审核场景为涉黄的审核结果信息
hit_flag	body	integer	yes	用于返回该审核场景的审核结果，返回值：0：正常。1：确认为当前场景的违规内容。2：疑似为当前场景的违规内容。
label	body	string	yes	命中的标签名称。
score	body	integer	yes	该字段表示审核结果命中审核信息的置信度，取值范围：0（置信度最低）-100（置信度最高），越高代表该内容越有可能属于当前返回审核信息。通常[0,60]分可以认为图片属于正常，[61,90]分表示图片疑似敏感，[91,100]分表示图片为敏感的。例如：色情 99，表明该内容非常有可能属于色情内容。
result	body	integer	yes	该字段表示本次判定的审核结果，您可以根据该结果，进行后续的操作；建议您按照业务所需，对不同的审核结果进行相应处理。有效值：0（审核正常），1 （判定为违规敏感文件），2（疑似敏感，建议人工复核）
trace_id	body	string	yes	唯一 ID 标识
url	body	string	yes	被审核图片的完整 URL 链接
message	body	string	yes	错误描述

Response Examples

200 Response

{}

Responses

HTTP Status Code	Meaning	Description	Data schema
200	OK	成功	Inline

Responses Data Schema

用户

POST 注册

POST /user/register

注册用户并初始化其 profile 信息 (nickname: 默认为注册学号，email 默认为注册用的邮箱)

Body Parameters

password: "1234"

Params

Name	Location	Type	Required	Description
REGISTER-TICKET	header	string	no	none
body	body	object	no	none
password	body	string	no	none

Response Examples

200 Response

{
  "Success": true,
  "ErrCode": 0,
  "ErrMsg": "string",
  "Data": null
}

Responses

HTTP Status Code	Meaning	Description	Data schema
200	OK	成功	Inline

Responses Data Schema

HTTP Status Code 200

Name	Type	Required	Restrictions	description
Success	boolean	true	none	none
ErrCode	integer	true	none	none
ErrMsg	string	true	none	none
Data	null	true	none	none

POST 登录

POST /user/login

非第三方登录。登录逻辑：首先用户先输入他的用户名，我们会先判断用户名是否存在再进行输入密码环节，如果用户名存在，返回一个 ticket 表示帐号存在并且会带有一个时长(这一步由验证账号有效性这个接口实现)，也就是说用户需要在 ticket 有效期间输入密码。

Body Parameters

password: string

Params

Name	Location	Type	Required	Description
LOGIN-TICKET	header	string	no	这是一个token
body	body	object	no	none
password	body	string	no	none

Response Examples

成功

{
  "Success": false,
  "ErrCode": 20007,
  "ErrMsg": "Ticket不正确",
  "Data": null
}

{
  "Success": true,
  "ErrCode": 200,
  "ErrMsg": "",
  "Data": {
    "loginToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzYXN0IiwiYXVkIjpbImIyMjA4MDExNC1sb2dpblRva2VuIl0sImV4cCI6MTcwMjM2NzQwMSwiaWF0IjoxNzAxNzYyNjAxfQ.c-dXws9SvmsKU1OeHbLeEnfj4bt7lNcZuMs7ljUXjXc"
  }
}

密码错误

{
  "Success": false,
  "ErrCode": 40002,
  "ErrMsg": "验证账户密码失败",
  "Data": null
}

Responses

HTTP Status Code	Meaning	Description	Data schema
200	OK	成功	Inline
401	Unauthorized	密码错误	Inline

Responses Data Schema

HTTP Status Code 200

Name	Type	Required	Restrictions	description
Success	boolean	true	none	none
ErrCode	integer	true	none	none
ErrMsg	string	true	none	none
Data	object	true	none	none
token	string	true	none	none

HTTP Status Code 401

Name	Type	Required	Restrictions	description
Success	boolean	true	none	none
ErrCode	integer	true	none	none
ErrMsg	string	true	none	none
Data	null	true	none	none

GET 获取用户基本信息

GET /user/info

Params

Name	Location	Type	Required	Description
TOKEN	header	string	no	none

Response Examples

200 Response

{
  "Success": true,
  "ErrCode": 0,
  "ErrMsg": "string",
  "Data": {
    "email": "string"
  }
}

Responses

HTTP Status Code	Meaning	Description	Data schema
200	OK	成功	Inline

Responses Data Schema

HTTP Status Code 200

Name	Type	Required	Restrictions	description
Success	boolean	true	none	none
ErrCode	integer	true	none	none
ErrMsg	string	true	none	none
Data	object	true	none	none
email	string	true	none	none

POST 登出

POST /user/logout

Params

Name	Location	Type	Required	Description
TOKEN	header	string	yes	none

Response Examples

200 Response

{
  "Success": true,
  "ErrCode": 0,
  "ErrMsg": "string",
  "Data": null
}

Responses

HTTP Status Code	Meaning	Description	Data schema
200	OK	成功	Inline

Responses Data Schema

HTTP Status Code 200

Name	Type	Required	Restrictions	description
Success	boolean	true	none	none
ErrCode	integer	true	none	none
ErrMsg	string	true	none	none
Data	null	true	none	none

POST 修改密码

POST /user/changePassword

Body Parameters

oldPassword: string
newPassword: string

Params

Name	Location	Type	Required	Description
TOKEN	header	string	yes	none
body	body	object	no	none
oldPassword	body	string	yes	none
newPassword	body	string	yes	none

Response Examples

200 Response

{}

Responses

HTTP Status Code	Meaning	Description	Data schema
200	OK	成功	Inline

Responses Data Schema

POST 重置密码

POST /user/resetPassword

1、验证账号存在（验证账号有效性接口，flag=2）2、传入RESET-TICKET得到邮箱，发送邮件。3、验证邮件验证码 4、重置密码

Body Parameters

newPassword: string

Params

Name	Location	Type	Required	Description
RESETPWD-TICKET	header	string	no	none
body	body	object	no	none
newPassword	body	string	yes	新密码

Response Examples

200 Response

{}

Responses

HTTP Status Code	Meaning	Description	Data schema
200	OK	成功	Inline

Responses Data Schema

验证器

GET 发送验证邮件

GET /sendEmail

传入REGISTER-TICKET或RESETPWD-TICKET。前者为注册流程，后者为重置密码流程

Params

Name	Location	Type	Required	Description
REGISTER-TICKET/RESETPWD-TICKET	header	string	yes	类似一个 TOKEN 的东西，进行注册/重置密码时传入

Response Examples

200 Response

{
  "Success": true,
  "ErrCode": 0,
  "ErrMsg": "string",
  "Data": null
}

Responses

HTTP Status Code	Meaning	Description	Data schema
200	OK	成功	Inline

Responses Data Schema

HTTP Status Code 200

Name	Type	Required	Restrictions	description
Success	boolean	true	none	none
ErrCode	integer	true	none	none
ErrMsg	string	true	none	none
Data	null	true	none	none

GET 验证帐号有效性

GET /verify/account

这里的验证帐号有效性指的是验证是指帐号否已经注册过

Params

Name	Location	Type	Required	Description
username	query	string	no	登陆时允许邮箱、学号登陆，注册和重置密码仅允许邮箱
flag	query	string	no	这个用于判断是登录接口还是注册接口。0 代表注册，1代表登录，2代表重置密码，3代表重置用户邮箱

Response Examples

200 Response

{
  "Success": true,
  "ErrCode": 0,
  "ErrMsg": "string",
  "Data": {
    "register_ticket": "string"
  }
}

Responses

HTTP Status Code	Meaning	Description	Data schema
200	OK	成功	Inline

Responses Data Schema

HTTP Status Code 200

Name	Type	Required	Restrictions	description
Success	boolean	true	none	none
ErrCode	integer	true	none	none
ErrMsg	string	true	none	none
Data	object	true	none	none
register_ticket	string	true	none	如果是登录则返回 login_ticket 如果是注册则返回 register_ticket

POST 验证邮件验证码

POST /verify/captcha

Body Parameters

captcha: S-TXSD4

Params

Name	Location	Type	Required	Description
REGISTER-TICKET/RESETPWD-TICKET	header	string	no	类似Token的玩意
body	body	object	no	none
captcha	body	string	no	验证码

Response Examples

200 Response

{
  "Success": true,
  "ErrCode": 0,
  "ErrMsg": "string",
  "Data": null
}

Responses

HTTP Status Code	Meaning	Description	Data schema
200	OK	成功	Inline

Responses Data Schema

HTTP Status Code 200

Name	Type	Required	Restrictions	description
Success	boolean	true	none	none
ErrCode	integer	true	none	none
ErrMsg	string	true	none	none
Data	null	true	none	none

第三方登录

GET 飞书登录回调

GET /login/lark/callback

Body Parameters

{}

Params

Name	Location	Type	Required	Description
body	body	object	no	none

Response Examples

200 Response

{
  "Success": true,
  "ErrCode": 0,
  "ErrMsg": "string",
  "Data": {
    "oauthTicket": "string"
  }
}

Responses

HTTP Status Code	Meaning	Description	Data schema
200	OK	成功	Inline

Responses Data Schema

HTTP Status Code 200

Name	Type	Required	Restrictions	description
Success	boolean	true	none	none
ErrCode	integer	true	none	none
ErrMsg	string	true	none	none
Data	object	true	none	none
oauthTicket	string	false	none	none

GET 飞书登录

GET /login/lark

Response Examples

200 Response

{}

Responses

HTTP Status Code	Meaning	Description	Data schema
200	OK	成功	Inline

Responses Data Schema

Data Schema

统一返回格式

{
  "Success": true,
  "ErrCode": 0,
  "ErrMsg": "string",
  "Data": {}
}

Attribute

Name	Type	Required	Restrictions	Description
Success	boolean	true	none	none
ErrCode	integer	true	none	none
ErrMsg	string	true	none	none
Data	object	true	none	none

User

{
  "id": 0,
  "nickName": "string",
  "password": "string",
  "QQ_id": "string",
  "Lark_id": "string",
  "Github_id": "string",
  "Wechat_id": "string",
  "E-mail": "string"
}

Attribute

Name	Type	Required	Restrictions	Title	Description
id	integer	true	none	id	none
nickName	string	true	none	昵称	none
password	string	true	none	密码	none
QQ_id	string	false	none		none
Lark_id	string	false	none	飞书id	none
Github_id	string	false	none		none
Wechat_id	string	false	none		none
E-mail	string	true	none	邮箱	none