From df57102e3e89308e645c17cee764b76b9109789d Mon Sep 17 00:00:00 2001 From: sigmahour <> Date: Sat, 1 Oct 2022 10:49:28 -0400 Subject: [PATCH] revisions to http-api --- docs/developers/Firmware/http-api.mdx | 25 +++++++++++++++---------- 1 file changed, 15 insertions(+), 10 deletions(-) diff --git a/docs/developers/Firmware/http-api.mdx b/docs/developers/Firmware/http-api.mdx index 745571aa..295961fd 100644 --- a/docs/developers/Firmware/http-api.mdx +++ b/docs/developers/Firmware/http-api.mdx @@ -5,7 +5,7 @@ sidebar_label: HTTP API --- :::info -This is a mini-spec on a HTTP API which can be used by browser based clients to do operations with devices. +This is a mini-spec of the HTTP REST API which can be used by browser based clients to interact with Meshtastic devices. ::: ## Why protobufs @@ -17,18 +17,19 @@ This is a mini-spec on a HTTP API which can be used by browser based clients to ## Request headers -- Content-Type: `application/x-protobuf` - - Indicates Meshtatics protobufs -- Cookie: `session=ABAD1D` (not yet implemented) +- `Content-Type: application/x-protobuf` + - Indicates protobuf content (Meshtatic protobufs) +- `Cookie: session=ABAD1D` (not yet implemented) - Added automatically by the browser client. ## Response headers -- Content-Type: `application/x-protobuf` - - Indicates Meshtatics protobufs -- X-Protobuf-Schema: __ +- `Content-Type: application/x-protobuf` + - Indicates protobuf content (Meshtatic protobufs) +- `X-Protobuf-Schema: ` - Not required but recommended for documentation/reflection purposes -- Set-Cookie: `session=ABAD1D;path=/` (not yet implemented, consider security implications of `path=/`) +- `Set-Cookie: session=ABAD1D;path=/` (not yet implemented) + - All client requests that did not include a session cookie will be assigned a random and unique session key. The cookie will not be set if the client already has one. ## Endpoints @@ -37,6 +38,8 @@ Two endpoints are specified: ### /api/v1/toradio +Allows `PUT` and `OPTION` requests. + #### PUT A `PUT` request to this endpoint will be expected to contain a series of ToRadio protobuf payloads. @@ -51,6 +54,8 @@ An `OPTIONS`request to this endpoint will return a response status code `204` an ### /api/v1/fromradio +Allows `GET` requests. + #### GET A `GET` request from this endpoint will return a series of FromRadio protobufs. @@ -73,7 +78,7 @@ The protobufs will be sent in binary as the body for the request. ## Authentication -The initial release will not have **any** user authentication. i.e. we assume access to the HTTP server is enough to establish trust. +The initial release will not have **any** user authentication. We assume access to the HTTP server is enough to establish trust. Since authentication is also eventually needed for our other transports (TCP and eventually open BLE), we will be adding authentication **in-band**. When added in the second release there will be a new payload supported inside ToRadio for `SignIn `. The server will respond with a FromRadio `SignInResponse okay|fail`. Also, in the case of the REST API, that SignIn status will then be associated with the current session key. Most (all?) ToRadio packets will be ignored if the client is not signed in. Most (all?) FromRadio packets will be sent to clients that are not signed in. @@ -83,7 +88,7 @@ Since authentication is also eventually needed for our other transports (TCP and See: -A reference client written in JavaScript will provide a JavaScript API for using this transport. That client will do HTTP connections, use the generated protobuf JavaScript code and provide an API that hides all of this REST plumbing. The two key methods will be "sendToRadio(packet) and onFromRadio(callback)". +A reference client written in JavaScript will provide a JavaScript API for using this transport. That client will do HTTP connections, use the generated protobuf JavaScript code and provide an API that hides all of this REST plumbing. The two key methods will be `sendToRadio(packet)` and `onFromRadio(callback)`. ### Protoman