diff --git a/docs/basic/public-api.md b/docs/basic/public-api.md index e78326e33..c4d35db11 100644 --- a/docs/basic/public-api.md +++ b/docs/basic/public-api.md @@ -25,64 +25,63 @@ The application can get the access token for the Casdoor user at the end of OAut The below examples shows how to call `GetOAuthToken()` function in Go via casdoor-go-sdk. - ```go func (c *ApiController) Signin() { - code := c.Input().Get("code") - state := c.Input().Get("state") - - token, err := casdoorsdk.GetOAuthToken(code, state) - if err != nil { - c.ResponseError(err.Error()) - return - } - - claims, err := casdoorsdk.ParseJwtToken(token.AccessToken) - if err != nil { - c.ResponseError(err.Error()) - return - } - - if !claims.IsAdmin { - claims.Type = "chat-user" - } - - err = c.addInitialChat(&claims.User) - if err != nil { - c.ResponseError(err.Error()) - return - } - - claims.AccessToken = token.AccessToken - c.SetSessionClaims(claims) - - c.ResponseOk(claims) + code := c.Input().Get("code") + state := c.Input().Get("state") + + token, err := casdoorsdk.GetOAuthToken(code, state) + if err != nil { + c.ResponseError(err.Error()) + return + } + + claims, err := casdoorsdk.ParseJwtToken(token.AccessToken) + if err != nil { + c.ResponseError(err.Error()) + return + } + + if !claims.IsAdmin { + claims.Type = "chat-user" + } + + err = c.addInitialChat(&claims.User) + if err != nil { + c.ResponseError(err.Error()) + return + } + + claims.AccessToken = token.AccessToken + c.SetSessionClaims(claims) + + c.ResponseOk(claims) } ``` -All granted access tokens can also be accessed via the web UI by an admin user in the Tokens page. For example, visit: https://door.casdoor.com/tokens for the demo site. +All granted access tokens can also be accessed via the web UI by an admin user in the Tokens page. For example, visit: for the demo site. #### How to authenticate? 1. HTTP `GET` parameter, the URL format is: -``` -/page?access_token=" -``` + ```shell + /page?access_token= + ``` -Demo site example: https://door.casdoor.com/api/get-global-providers?access_token=eyJhbGciOiJSUzI1NiIs... + Demo site example: `https://door.casdoor.com/api/get-global-providers?access_token=eyJhbGciOiJSUzI1NiIs` 2. HTTP Bearer token, the HTTP header format is: -``` -Authorization: Bearer -``` + ```shell + Authorization: Bearer + ``` ### 2. By `Client ID` and `Client secret` #### How to get the client ID and secret? -The application edit page (e.g., https://door.casdoor.com/applications/casbin/app-vue-python-example) will show the client ID and secret for an application. This authentication is useful when you want to call the API as a "machine", "application" or a "service" instead of a user. The permissions for the API calls will be the same as the application (aka the admin of the organization). +The application edit page (e.g., ) will show the client ID and secret for an application. This authentication is useful when you want to call the API as a "machine", "application" or a "service" instead of a user. The permissions for the API calls will be the same as the application (aka the admin of the organization). The below examples shows how to call `GetOAuthToken()` function in Go via casdoor-go-sdk. @@ -90,18 +89,17 @@ The below examples shows how to call `GetOAuthToken()` function in Go via casdoo 1. HTTP `GET` parameter, the URL format is: -``` -/page?clientId=&clientSecret=" -``` - -Demo site example: https://door.casdoor.com/api/get-global-providers?clientId=294b09fbc17f95daf2fe&clientSecret=dd8982f7046ccba1bbd7851d5c1ece4e52bf039d + ```shell + /page?clientId=&clientSecret= + ``` + Demo site example: `https://door.casdoor.com/api/get-global-providers?clientId=294b09fbc17f95daf2fe&clientSecret=dd8982f7046ccba1bbd7851d5c1ece4e52bf039d` 2. [HTTP Basic Authentication](https://en.wikipedia.org/wiki/Basic_access_authentication), the HTTP header format is: -``` -Authorization: Basic -``` + ```shell + Authorization: Basic + ``` If you are not familiar with the Base64 encoding, you can use a library to do that because `HTTP Basic Authentication` is a popular standard supported by many places. @@ -123,8 +121,8 @@ We can use the username and password for a Casdoor user to call `Casdoor Public 1. HTTP `GET` parameter, the URL format is: -``` -/page?username=/&password=" -``` + ```shell + /page?username=/&password=" + ``` -Demo site example: https://door.casdoor.com/api/get-global-providers?username=built-in/admin&password=123 +Demo site example: `https://door.casdoor.com/api/get-global-providers?username=built-in/admin&password=123` diff --git a/docs/provider/captcha/aliyunCaptcha.md b/docs/provider/captcha/aliyunCaptcha.md index 329f16645..2d6b888b0 100644 --- a/docs/provider/captcha/aliyunCaptcha.md +++ b/docs/provider/captcha/aliyunCaptcha.md @@ -7,6 +7,12 @@ authors: [Resulte] Alibaba Cloud Captcha is a captcha service provided by Alibaba Cloud. It offers two ways to verify captcha: "Sliding Validation" and "Intelligent Validation". You can find more details about it in this [link](https://help.aliyun.com/product/28308.html). +:::info + +Currently, only [Alibaba Cloud Captcha 1.0](https://help.aliyun.com/zh/captcha/captcha1-0) is supported. [Alibaba Cloud Captcha 2.0](https://help.aliyun.com/zh/captcha) is currently in the public testing phase, so there are no plans for adaptation in the near term. + +::: + ## Add Captcha Configuration in Alibaba Cloud To add the Captcha configuration, log in to the [Alibaba Cloud management console](https://account.aliyun.com/), search for and go to the Captcha Service. Then, click on **Confirm Open** to enable the Captcha Service.