Security Session API

Login

Current Implementation

Logs a user into the system. This operation generates a security token that is mandatory in every subsequent API call. The security token identifies a user-device association; the same user registered on multiple devices will have multiple security tokens.
The login operation also returns some metadata about the user, for example organization and facility information, the list of active devices for the current user and the permissions of the current user.

The currently supported validation scenarios are:

  • A valid Tag Id (i.e. NFC) is provided.
  • A valid Username and Password are provided.
  • A valid User Email and Password are provided.
  • A temporal security token (with a life-span of 5 minutes) is requested.

Parameters

Base URL: /validateAccount
Parameters:

tagId (String)
  Mandatory: Only if 'email' and 'username' are omitted (or if the 'temporal' parameter is provided).
  Description: The tag id (i.e. NFC) used to identify a user. If this parameter is provided, the 'email' and 'username' parameters are discarded.

username (String)
  Mandatory: Only if neither 'tagId' nor 'email' is provided (or if the 'temporal' parameter is provided).
  Description: The id of a user. If this parameter is provided, a valid 'password' must also be provided.

email (String)
  Mandatory: Only if neither 'tagId' nor 'username' is provided (or if the 'temporal' parameter is provided).
  Description: The email of a user. If this parameter is provided, a valid 'password' must also be provided.

password (String)
  Mandatory: Only if 'username' or 'email' is provided (or if the 'temporal' parameter is provided).
  Description: The password of the user.

deviceId (String)
  Mandatory: Yes (unless the 'temporal' parameter is provided).
  Description: The id of the device where the user is being logged in.

temporal (String)
  Mandatory: No
  Description: Indicates that we want to create a temporal security token. If this parameter is provided, all the other parameters are discarded.

API Sample

curl 'http://192.168.2.102:8080/PresentationServices/validateAccount?tagId=poda&deviceId=596a1d880a22eb32&_=1395133673252' -H 'Accept: application/json, text/javascript, */*; q=0.01' -H 'User-Agent: Mozilla/5.0 (Linux; Android 4.4.2; Nexus 5 Build/KOT49H) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/30.0.0.0 Mobile Safari/537.36' --compressed

Result
{
  "validateAccountFact": {
    "accountFact": {
      "activeDevices": [],
      "facilityId": "UNC",
      "organizationId": "UNC",
      "role": {
        "description": "",
        "id": 2,
        "name": "pod",
        "organizationId": "UNC",
        "permissions": [
          { "id": 54, "name": "read_user", "organizationId": "UNC" },
          { "id": 58, "name": "list_patients_from_current_facility" }
        ]
      },
      "token": "d2360c39-637b-41da-988d-f031db5affbb",
      "userId": "poda",
      "username": "3",
      "deviceRoomId": "poda"
    },
    "statusFact": { "success": true }
  }
}
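As an added example (not part of this API's own code), the following Python client helper applies the mandatory-parameter rules from the table above to build a /validateAccount request and extracts the token and permission names from the login response. The value sent for 'temporal' ("true") is an assumption, since the page does not specify one, and the embedded response body is a constructed, abridged copy of the sample result.

```python
import json
from urllib.parse import urlencode

# Constructed, abridged copy of the validateAccount sample result shown above.
SAMPLE_LOGIN_RESPONSE = json.dumps({
    "validateAccountFact": {
        "accountFact": {
            "token": "d2360c39-637b-41da-988d-f031db5affbb",
            "userId": "poda",
            "role": {"name": "pod", "permissions": [{"id": 54, "name": "read_user"}]},
        },
        "statusFact": {"success": True},
    }
})


def build_login_params(tag_id=None, username=None, email=None, password=None,
                       device_id=None, temporal=False):
    """Return the query parameters for /validateAccount, applying the
    mandatory-parameter rules from the table; raise ValueError otherwise."""
    if temporal:
        # 'temporal' discards every other parameter (value "true" is an assumption).
        return {"temporal": "true"}
    if tag_id:
        # A tag id discards 'email' and 'username' (and therefore 'password').
        params = {"tagId": tag_id}
    elif username or email:
        if not password:
            raise ValueError("'password' is mandatory with 'username' or 'email'")
        params = {"username": username} if username else {"email": email}
        params["password"] = password
    else:
        raise ValueError("one of 'tagId', 'username', 'email' or 'temporal' is required")
    if not device_id:
        raise ValueError("'deviceId' is mandatory unless 'temporal' is provided")
    params["deviceId"] = device_id
    return params


def login_url(base, **kwargs):
    """Build the full request URL (credentials travel in the query string, as in the sample)."""
    return base.rstrip("/") + "/validateAccount?" + urlencode(build_login_params(**kwargs))


def parse_login_response(body):
    """Return (token, set of permission names) from a successful response,
    raising RuntimeError when statusFact.success is not true."""
    fact = json.loads(body)["validateAccountFact"]
    if not fact.get("statusFact", {}).get("success"):
        raise RuntimeError("login rejected")
    account = fact["accountFact"]
    perms = {p["name"] for p in account.get("role", {}).get("permissions", [])}
    return account["token"], perms
```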

Logout

Current Implementation

Logs out a user from one particular device or from all of the devices the user is currently logged in to.

When a user is explicitly logged out from all of his/her registered devices, any patient association the user had is also removed.

This operation can also be used for temporal tokens.

Parameters

Base URL: /logoutAccount
Parameters:

token (String)
  Mandatory: Yes
  Description: Security token obtained before.

userId (String)
  Mandatory: Yes, unless 'token' is a temporal token.
  Description: The userId we want to log out. If what we are trying to log out is a temporal token, this parameter is not mandatory.

fromAllSessions (Boolean)
  Mandatory: No
  Default value: false
  Description: Defines whether we are trying to log out the user from all his/her registered devices (all the security tokens related to this particular user) or just from the device identified by the current security token.

API Sample

http://localhost:8080/PresentationServices/logoutAccount?token=d56c8e42-395e-4ba1-9bbb-73e5ed403f51&userId=poda&fromAllSessions=true

Result
{
  "statusFact": {
    "success": true
  }
}