README.md

CovidVaultAPI

The RESTful API that supports the CovidVault GUI.

Endpoints

Account

https://root_address/account/id

Returns the following account properties

• name the business name
• avatar boolean value representing the presence of a logo in the database
• selectAll if a location has a conditions of entry checklist, permits the select all button
• statements an array of prompts for the conditions of entry checklist

https://root_address/account/id

Returns the following account properties

• name the business name
• logo the stored logo filename (empty string if none available)
• authContact name of the person authorised to request customer data for contact tracing
• phone contact phone number for the authorised contact
• streetAddress street address of the venue
• suburb suburb / town
• state state / province
• postcode postal code
• email email address of the authorised contact
• selectAll if a location has a conditions of entry checklist, permits the select all button
• statements an array of prompts for the conditions of entry checklist

https://root_address/account

Creates a new venue account.

Accepts the following account properties:

• name
• logo
• authContact
• phone
• streetAddress
• suburb
• state
• postcode
• email Data must be entered in format application/json.

https://root_address/account/id

Permits the upload of a logo via the API. Accepts the following account properties:

• logo

Data must be entered in format multipart/form-data.

https://root_address/account/id

Deletes the account from the database.

Entry

https://root_address/entry/id

Registers a visitor entry at a specified venue. Accepts the following visitor properties:

• name visitor's name
• phone visitor's phone number in the format +61XXXXXXXXX as a string

Data must be entered in format application/json.

Returns the following properties:

• id the unique identifier of the check-in entry

Exit

https://root_address/exit/id

Optional registration to check-out a previously entered visitor. Accepts the following visitor properties:

• id the unique identifier of the check-in entry

Session

https://root_address/session

Creates a user sign-on event for authentication. Accepts the following properties:

• username contact email address
• password

Returns the following properties:

• accountID the venue ID
• sessionID the session ID
• accessToken the private key to allow access to authenticated endpoints
• accessExpiry the date and time of access expiry
• refreshToken the private key to reestablish the session without signin
• refreshExpiry the date and time of the refresh token's expiry

https://root_address/session/id

Refreshes the access token. Accepts the following properties:

• refreshToken the private key to reestablish the session without signin

Returns the following properties:

• accountID the venue ID
• sessionID the session ID
• accessToken the private key to allow access to authenticated endpoints
• accessExpiry the date and time of access expiry
• refreshToken the private key to reestablish the session without signin
• refreshExpiry the date and time of the refresh token's expiry

https://root_address/session/id

Signs the user out and deletes access tokens from the database.

Returns the following properties:

• sessionID the session ID

Statistics

https://root_address/statistics/id

Returns the following anonymised statistics:

• byDay the number of visitors by day of the week
• byHour the number of visitors by hour of the day
• return the percentage (as a number between 0 and 100) of visitors that appear more than once in the database
• today the number of visitors recorded today

Authenticated Endpoints

To access authenticated endpoints, the query must be sent with the Authorization header set to a valid accessToken.