Energize - Create a Rest API in Seconds

Quick Start

Access Control

Access Control

Users are prebuilt into Energize in the default users resource. Resources can be protected by either basic authentication, or bearer token authentication. You can then choose to implement either type of authentication method in your client.

The following users definition is hard-coded into Energize, and does not need to be included in your definitons.

resource users protected (admin)
  email string unique
  createdTime timestamp
  updatedTime timestamp
  state integer
  groups string array
  password string secret

To add custom fields to the users resource, overload the users definition with as many fields as needed.

resource users
  firstName string optional
  lastName string optional

User onboarding

To handle registration, use the following default registration route.

curl http://localhost:8080/auth/register \
  -X POST
  -H 'Content-Type: application/json' \
  -d '{"email": "test@example.com", "password": "not-so-secret"}'

To handle login, use the following default login route.

curl http://localhost:8080/auth/login \
  -X POST
  -H 'Content-Type: application/json' \
  -d '{"email": "test@example.com", "password": "not-so-secret"}'

If successful, you will get a 200 OK with an access token in the response json.

{
  "data": "jtwmaswrjwrooar"
}

This access token can be used on every subsequent request in the Authorization header as a bearer token to authenticate the user on protected resources.

curl http://localhost:8080/some-protected-resource \
  -X POST
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer jtwmaswrjwrooar' \
  -d '{"data": "some-data"}'

Note: On registration, an access token is also given in the response json.

Protecting resources

To protect a resource you can use the protected resource modifier, followed by the groups that are allowed access on that resource. The two default groups are users, and admin. Those who have created an account with the users resource have the users group by default.

Note: You can edit the default groups in the src/main/resources/reference.conf file.

resource publishers protected (users, admin)
	string name required

← Prev