README.md: Document login API changes
This commit is contained in:
theoreticalbts
parent
ad7d0841c2
commit
8f25a3fee9
1 changed files with 27 additions and 4 deletions
31
README.md
31
README.md
|
|
@ -118,15 +118,38 @@ API 0 is accessible using regular JSON-RPC:
|
|||
|
||||
$ curl --data '{"jsonrpc": "2.0", "method": "get_accounts", "params": [["1.2.0"]], "id": 1}' http://127.0.0.1:8090/rpc
|
||||
|
||||
You can use the login API to obtain `network`, `database` and `history` API's. Here is an example of how to call `add_node` from the `network` API:
|
||||
Accessing restricted API's
|
||||
--------------------------
|
||||
|
||||
You can restrict API's to particular users by specifying an `apiaccess` file in `config.ini`. Here is an example `apiaccess` file which allows
|
||||
user `bytemaster` with password `supersecret` to access four different API's:
|
||||
|
||||
{
|
||||
"permission_map" :
|
||||
[
|
||||
[
|
||||
"bytemaster",
|
||||
{
|
||||
"password_hash_b64" : "9e9GF7ooXVb9k4BoSfNIPTelXeGOZ5DrgOYMj94elaY=",
|
||||
"password_salt_b64" : "INDdM6iCi/8=",
|
||||
"allowed_apis" : ["database_api", "network_broadcast_api", "history_api", "network_node_api"]
|
||||
}
|
||||
]
|
||||
]
|
||||
}
|
||||
|
||||
Passwords are stored in `base64` as as salted `sha256` hashes. A simple Python script, `saltpass.py` is avaliable to obtain hash and salt values from a password.
|
||||
A single asterisk `"*"` may be specified as username or password hash to accept any value.
|
||||
|
||||
With the above configuration, here is an example of how to call `add_node` from the `network_node` API:
|
||||
|
||||
{"id":1, "method":"call", "params":[1,"login",["bytemaster", "supersecret"]]}
|
||||
{"id":2, "method":"call", "params":[1,"network",[]]}
|
||||
{"id":2, "method":"call", "params":[1,"network_node",[]]}
|
||||
{"id":3, "method":"call", "params":[2,"add_node",["127.0.0.1:9090"]]}
|
||||
|
||||
Note, the call to `network` is necessary to obtain the correct API identifier for the network API. It is not guaranteed that the network API identifier will always be `2`.
|
||||
Note, the call to `network_node` is necessary to obtain the correct API identifier for the network API. It is not guaranteed that the network API identifier will always be `2`.
|
||||
|
||||
Since the `network` API requires login, it is only accessible over the websocket RPC. Our `doxygen` documentation contains the most up-to-date information
|
||||
Since the `network_node` API requires login, it is only accessible over the websocket RPC. Our `doxygen` documentation contains the most up-to-date information
|
||||
about API's for the [witness node](https://bitshares.github.io/doxygen/namespacegraphene_1_1app.html) and the
|
||||
[wallet](https://bitshares.github.io/doxygen/classgraphene_1_1wallet_1_1wallet__api.html).
|
||||
If you want information which is not available from an API, it might be available
|
||||
|
|
|
|||
Loading…
Reference in a new issue