MirrorMirror
/
funkwhale
mirror of https://dev.funkwhale.audio/funkwhale/funkwhale.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
funkwhale/api
History
Georg Krause 02bb83e3f4 fix(api): Fix password reset via email 
The original serializes assumes if allauth is installed, its also used
for the token generation. Thats not the case for us, so we need to
overwrite this behavior

Part-of: <https://dev.funkwhale.audio/funkwhale/funkwhale/-/merge_requests/2565>
 		2023-08-31 17:51:46 +00:00
..
config fix(api): Fix password reset via email 2023-08-31 17:51:46 +00:00
docker fix(api): docker entrypoint use exec 2023-01-25 12:07:00 +00:00
funkwhale_api fix(api): Fix password reset via email 2023-08-31 17:51:46 +00:00
tests fix: Fetch nodeinfo endpoint address from .well-known/nodeinfo when checking instance availability 2023-08-31 12:06:34 +00:00
.dockerignore fix: Make sure entrypoint script gets copied 2023-01-18 15:15:43 +01:00
Dockerfile WIP: Test if this fixes the multiarch docker builds 2023-08-31 11:49:39 +00:00
Readme.md docs: resolve broken links 2023-08-16 16:50:10 +02:00
install_os_dependencies.sh chore: fix shell scripts lint errors 2022-11-25 19:43:50 +00:00
manage.py fix(api): raise SystemExit in manage.py script 2023-06-12 13:04:58 +00:00
poetry.lock chore(api): update dependency psycopg2 to v2.9.7 2023-08-29 08:34:03 +00:00
pyproject.toml chore(api): update dependency psycopg2 to v2.9.7 2023-08-29 08:34:03 +00:00

Readme.md

Funkwhale API

This is the Funkwhale API. Check out our API explorer for interactive documentation.

OAuth Authentication

Funkwhale uses the OAuth authorization grant flow for external apps. This flow is a secure way to authenticate apps that requires a user's explicit consent to perform actions. You can use our demo server at https://demo.funkwhale.audio for testing purposes.

To authenticate with the Funkwhale API:

  1. Create an application by sending a POST request to api/v1/oauth/apps. Include your scopes and redirect URI (use urn:ietf:wg:oauth:2.0:oob to get an authorization code you can copy)
  2. Send an authorization request to the /authorize endpoint to receive an authorization code
  3. Request an access token from /api/v1/oauth/token
  4. Use your access token to authenticate your calls with the following format: Authorization: Bearer <token>
  5. Refresh your access token by sending a refresh request to /api/v1/oauth/token

For more detailed instructions, see our API authentication documentation.

Application token authentication

If you have an account on your target pod, you can create an application at /settings/applications/new. Once you authorize the application you can retrieve an access token. Use your access token to authenticate your calls with the following format: Authorization: Bearer <token>

Rate limiting

Funkwhale supports rate-limiting as of version 0.2.0. Pod admins can choose to rate limit specific endpoints to prevent abuse and improve the stability of the service. If the server drops a request due to rate-limiting, it returns a 429 status code.

Each API call returns HTTP headers to pass the following information:

  • What was the scope of the request (X-RateLimit-Scope)
  • What is the rate-limit associated with the request scope (X-RateLimit-Limit)
  • How many more requests in the scope can be made within the rate-limit timeframe (X-RateLimit-Remaining)
  • How much time does the client need to wait to send another request (Retry-After)

For more information, check our rate limit documentation

Resources

For more information about API usage, refer to our API documentation.