X-Git-Url: https://dev.renevier.net/gitweb.cgi?p=syp.git;a=blobdiff_plain;f=devdoc%2Fapi.txt;h=804c0c4d4baba7295f629a5d0af4d1651e0c8087;hp=590964a2cbaf3f391a702918acee9ef5a870259f;hb=939514b912738c5784b04a0d207db1afd918eb69;hpb=080f837e8fbca48c55f4549df13b9c4772db3613

diff --git a/devdoc/api.txt b/devdoc/api.txt
index 590964a..804c0c4 100644
--- a/devdoc/api.txt
+++ b/devdoc/api.txt
@@ -11,15 +11,29 @@ Client submits a classic html form to server.
 **note**: In this documentation, php notation is used (`_POST` and `_FILES`),
 but server may be written in any language.
 
-` _POST["password"]` may contains user password. If it is set, access is
- checked. If it is not set, authentification cookie is checked. If neither are
- present, or if one of them is wrong, access is denied.
+` _POST["password"]` and `_POST["user"] may contain user name and password. If
+ they are set, access is checked. If they is not set, cookies are checked. If
+ neither are present.
 
 `_POST["request"]` is either:
 
 ## auth
  asks for authentication
 
+## changepass
+ change user password
+ * `$_POST ["pass_current"]` must contain current password. This is needed: cookie
+    authentification is not enough.
+ * `$_POST ["pass_new"]` must contain new password
+
+## newuser
+ adds a new user
+ * `$_POST ["newuser_name"]` must contain user name
+ * `$_POST ["newuser_password"]` must contain user password
+
+ Only admin can add new users.
+
+
 ## add
  adds a new feature
 
@@ -71,11 +85,20 @@ as _text/html_
  * `toobig`: uploaded file was too big
  * `notation`: uploaded file was not an image
  * `nochange`: when trying to update a feature, there is nothing to update (ie: no field of the feature has changed)
+ * `wrongpass`: wrong current password when trying to change password
+ * `newuser_exists`: when trying to add an user which has the same name as an already registered user
 
 ## success handling:
 
- * `<success request="auth"></success>`:
-     authentication was successfull
+ * `<success request="auth"><user>?user_name?</name></success>`:
+     authentication was successfull. ?user_name? is name of authenticated user.
+
+ * `<success request="newuser"><user>?user_name?</name></success>`:
+     new user addition was successfull. ?user_name? is name of newly added user.
+
+ * `<success request="changepass"><user>?user_name?</name></success>`:
+     password change was successfull. ?user_name? is name user whose password
+     has been changed.
 
  * `<success request="del">
      <feature>
