VSinerva/freesewing
1
0
Fork 0
Code Activity
freesewing/sites/backend
History
Exact
joostdecock b914b6299f Merge branch 'develop' into cdocs
2025-05-24 12:07:19 +02:00
..
openapi fix(docs): Add/update API keys list 2024-08-30 16:32:47 -07:00
prisma feat(backend): Add height field to cset model 2023-10-20 10:42:43 +02:00
public feqt(backend): Ported to site prebuild system 2023-07-31 18:16:45 +02:00
scripts fix(backend): import fixes 2023-08-13 16:15:06 +02:00
src Merge branch 'develop' into cdocs 2025-05-24 12:07:19 +02:00
tests fix(backend): In tests, use namespace import instead of default 2024-02-12 19:13:43 -08:00
.gitignore feat(backend): Bunch of changes for Docker 2022-12-18 14:41:58 +01:00
build.mjs feat(shared): Add dynamic OG images 2023-11-03 15:36:09 +01:00
Dockerfile chore: fix UID in dockerfile 2022-12-18 14:43:22 +01:00
example.env feat(shared): Initial implementation of Oauth flow 2023-09-01 18:30:24 +02:00
local-config.mjs feat(backend): Bunch of changes for Docker 2022-12-18 14:41:58 +01:00
nodemon.json feat(backend): Reworked signup flow and translation 2023-01-14 17:04:06 +01:00
package.json [breaking]: FreeSewing v4 (#7297) 2025-04-01 16:15:20 +02:00
README.md wip(backend): Work on routes, auth, and email templates 2022-11-05 18:55:59 +01:00
test.sh feat(backend): Support for generating images 2023-11-03 12:58:58 +01:00

README.md

FreeSewing backend

This is a work in process to port the v2 backend to a new v3 backend.

It will be based on Express using Prisma with a SQLite database. Watch this space.

Permission levels

There are two different models to authenticate, as user, or with an API key.

The API keys have more granularity, their permission levels are:

  • 0: No permissions. Can only login but not do anything (used for testing)
  • 1: Read access to own people/patterns data
  • 2: Read access to all account data
  • 3: Write access to own people/pattern data
  • 4: Write access to all own account data (this is the user role)
  • 5: Read access to people/pattern data of all users (this is the bughunter role)
  • 6: Read access to all account data of all users
  • 7: Read access to all account data of all users + Write access for specific support functions (this is the support role)
  • 8: Write access to all account data of all users (this is the admin role)

User roles map to these permission levels as such:

  • user: 4 (this is everybody)
  • bughunter: 5 (a small group of people, less than 10)
  • support: 7 (a small number of trusted collaborators, less than 5)
  • admin: 8 (joost)

When using an API key above level 4, you need the following roles:

  • 5: Requires bughunter, support, or admin
  • 6,7,: Requires support or admin
  • 8: Requires admin