Difference between revisions of "LoginUserPassword"
Line 48: | Line 48: | ||
{ | { | ||
− | : [[Login]] Object | + | : "StatusCode": 0, |
+ | : "Severity": 1, | ||
+ | : "StatusMessage": "OK", | ||
+ | : "Content": { | ||
+ | :: [[Login]] Object | ||
+ | : } | ||
} | } | ||
+ | |||
|Exceptions= | |Exceptions= | ||
* [[InvalidUserException]] | * [[InvalidUserException]] |
Revision as of 08:45, 22 October 2015
Description
This method can be used by to generate a valid token based on the users' credentials. The generated Token will carry all the information regarding the device, user, etc. and is required to consume most of the methods of UNIAPI with specific user context. The token generated is valid during the next 24 hours (configurable in GVP).
The logged token can be easily identified because it starts with the chars: AU_
The UNIAPI will only allow users in Active status to login (excluded and suspended users will return an exception). For users in AwaitingEmailConfirmation status, it depends on a flag configured at instance level (GVP_INSTANCES.AllowLoginBeforeEmailConfirmationFlag):
- If AllowLoginBeforeEmailConfirmationFlag = true, if the user tries to login in AwaitingEmailConfirmation status, the login will be allowed and the user status will be changed to Active status.
- If AllowLoginBeforeEmailConfirmationFlag = false, then UserNotYetActivatedException is thrown.
Geo-Location
This method applies GeoLocation restriction. It extracts the IP address from the request and retrieves the Country of the IP from the MaxMind Database. Then, it verifies if the Country from where the request was generated is linked to the instance (GVP_INSTANCES). If not, UserTryingToRoamingException exception is thrown.
The user can be marked as Geoblocking whitelist (inside User Profile, GVP_USERS). In this case, the Geoblocking is not applied for this user.
BI
This method creates an entry in GVP_LogLogin collection (even if the login was successful or not)
Parameters
- deviceType (int, required)
- The device type code (see #DeviceTypeCodes enumeration to know the list of device types allowed)
- instanceId (int, required)
- The id of the instance (OB) for the current environment. This ID might vary depending on the environment.
- userName (String, required)
- E-mail from the user that wants to recover the password.
- password (String, required)
- Password sets by the customer in his settings.
Returns
Returns a JSON object containing the generated token and its expiration time (in UnixTimestamp format).
Example:
{
- "StatusCode": 0,
- "Severity": 1,
- "StatusMessage": "OK",
- "Content": {
- Login Object
- }
}
Exceptions
Caching
This method is not cached.
Known issues
None
Version history
API Version Number | Change description | Changes author |
---|---|---|
1.0 | Initial method design | Harley Cabral |
2.1 | Added AllowLoginBeforeEmailConfirmationFlag business logic. | Harley Cabral |
See also
- RegisterTrustedDevice method
- Authentication Service methods