ai-teacher/specs/003-basic-login/contracts/auth.md
2026-04-06 14:29:53 +02:00

API Contract: Auth

Base path: /api/v1/auth
Authentication: HTTP Basic (all endpoints in this group require valid credentials)


GET /api/v1/auth/check

Verifies that the supplied HTTP Basic credentials are valid. Used by the frontend after a page refresh to confirm stored credentials are still accepted before rendering the app.

Request

GET /api/v1/auth/check
Authorization: Basic <base64(username:password)>

No request body.

Response — 200 OK

{
  "username": "neurosurgeon"
}

| Field    | Type   | Description                |
|----------|--------|----------------------------|
| username | string | The authenticated username |

Response — 401 Unauthorized

Spring Security returns a standard 401 with a WWW-Authenticate: Basic realm="Realm" header. No JSON body.

Behaviour

  • Returns 200 with the authenticated username if credentials are valid.
  • Returns 401 if credentials are absent or incorrect.
  • No side effects (idempotent, read-only).

Notes

  • All other existing endpoints (/api/v1/books, /api/v1/chat, etc.) continue to require HTTP Basic Auth as before.
  • The frontend sends Authorization: Basic ... on every request via the axios request interceptor.
  • A global axios response interceptor detects 401 responses and redirects the user to /login.
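
Added example (not part of the original contract or the project's code): a header builder for the frontend side and an in-memory mock of GET /api/v1/auth/check that follows the 200/401 behaviour above, usable in frontend tests. The function names, the lowercase header keys and the verify callback are assumptions of this example.

```javascript
// Added example; basicAuthHeader, parseBasicAuth, authCheck and verify are
// hypothetical names, not taken from the project.

// Client side: the value the axios request interceptor puts in Authorization.
// UTF-8 encode first, because btoa() alone throws on characters outside Latin-1.
function basicAuthHeader(username, password) {
  if (username.includes(":")) throw new Error("username must not contain ':'");
  const bytes = new TextEncoder().encode(`${username}:${password}`);
  return "Basic " + btoa(String.fromCharCode(...bytes));
}

// Server side: returns null for anything that is not a well-formed Basic
// header, so the caller answers 401 (credentials "absent or incorrect").
function parseBasicAuth(header) {
  const m = /^Basic ([A-Za-z0-9+/]+={0,2})$/i.exec(header || "");
  if (!m) return null;
  let text;
  try {
    const raw = Uint8Array.from(atob(m[1]), (c) => c.charCodeAt(0));
    text = new TextDecoder("utf-8", { fatal: true }).decode(raw);
  } catch {
    return null; // invalid base64 length or invalid UTF-8
  }
  const i = text.indexOf(":"); // split at the first colon: passwords may contain ':'
  if (i < 0) return null;
  return { username: text.slice(0, i), password: text.slice(i + 1) };
}

// Mock of the endpoint. headers uses lowercase keys (assumption);
// verify(username, password) stands in for the real credential store.
function authCheck(headers, verify) {
  const creds = parseBasicAuth(headers["authorization"]);
  if (creds && verify(creds.username, creds.password)) {
    return { status: 200, headers: {}, body: JSON.stringify({ username: creds.username }) };
  }
  // Same header the contract documents for 401; no JSON body.
  return { status: 401, headers: { "www-authenticate": 'Basic realm="Realm"' }, body: "" };
}
```

parseBasicAuth recovers the password directly from the header, which shows that Base64 is an encoding and not protection; these requests rely on TLS for confidentiality.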