# Authentication

Our application uses JSON Web Tokens (JWT) for authentication and authorization.

The JWT must be included in the HTTP request headers, using the Authorization header with the Bearer scheme. Example:

<figure><img src="https://3537456676-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FiaoXkFJNtgMxQ59XY87F%2Fuploads%2FJ0fvDldcyjPDBPpBYVvL%2F%D0%B2%D0%B5%D1%81%201.jpeg?alt=media&#x26;token=475b065d-f2b8-4134-aef2-2f3d0c0edebe" alt=""><figcaption></figcaption></figure>

You can obtain a JWT token by sending a POST request with your signature to the following endpoint:

<mark style="color:green;">POST /api/auth/login</mark>

! Your account will be registered after you create an Eth smart contract via the Factory contract.

This endpoint has 3 body parameters:

1\)    signer: the creator of the ves-contract

2\)    timestampInMs: a timestamp in milliseconds; it is also the message that the signer must sign

3\)    signature: the signer's signature over the timestampInMs value

! timestampInMs must be within 5 minutes of the current time, whether earlier or later

Example request:

<figure><img src="https://3537456676-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FiaoXkFJNtgMxQ59XY87F%2Fuploads%2FPTljsTaFUGYBlulr3v9U%2F%D0%B2%D0%B5%D1%81%202.jpeg?alt=media&#x26;token=e0184be8-bed9-4f37-824c-4489f6304413" alt=""><figcaption></figcaption></figure>

Example response:

<figure><img src="https://3537456676-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FiaoXkFJNtgMxQ59XY87F%2Fuploads%2FHVHiY2iYjEtUFXc2HGht%2F%D0%B2%D0%B5%D1%81%203.jpeg?alt=media&#x26;token=494f88ca-c34b-4b55-b4d4-65b21bf08f7c" alt=""><figcaption></figcaption></figure>

The response contains 3 fields in the data object:

1\)    accessToken: the JWT token

2\)    refreshToken: a string used to refresh the access token when it has expired

3\)    accessExpiryAt: the time when the access token will expire; the access token lifetime is 15 minutes

4\)    refreshExpiryAt: the time when the refresh token will expire; the refresh token lifetime is 24 hours

When your access token has expired, you can refresh it via the endpoint

<mark style="color:green;">POST /api/auth/refresh</mark>

This endpoint has 3 body parameters:

1\)    expiredAccessToken: the JWT token that you want to refresh

2\)    refreshToken: the refresh token that you received with the access token

*<mark style="color:orange;">! You need to provide the refresh token that you received with that access token, or the refresh will be cancelled</mark>*

Example request:

<figure><img src="https://3537456676-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FiaoXkFJNtgMxQ59XY87F%2Fuploads%2FQRuUqS7w0DUFcASoYK2i%2F%D0%B2%D0%B5%D1%81%204.jpeg?alt=media&#x26;token=c439b0ae-6b4a-48e5-8d70-8ec45c849a48" alt=""><figcaption></figcaption></figure>

Example response:

<figure><img src="https://3537456676-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FiaoXkFJNtgMxQ59XY87F%2Fuploads%2FQakeWe0X8dOJ60XtOuLD%2F%D0%B2%D0%B5%D1%81%205.jpeg?alt=media&#x26;token=db5e717b-dade-424e-96b8-4335a9ab7f94" alt=""><figcaption></figcaption></figure>
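
The login and refresh flow above, sketched as a client-side helper. This is an added example, not code from this project. It assumes that `signMessage` is your wallet's signing function, that the signed message is the decimal string of `timestampInMs`, and that the expiry fields can be parsed by `new Date()`; the names `buildLoginBody`, `isFresh` and `Session` are hypothetical.

```javascript
// Added example: client-side helper for the login/refresh flow (not the project's code).
const WINDOW_MS = 5 * 60 * 1000; // timestampInMs must be within 5 minutes of current time

// Assumption: signMessage(text) is the wallet's signing function and the signed
// message is the decimal string of timestampInMs (the page does not give the encoding).
async function buildLoginBody(signer, signMessage, now = Date.now()) {
  const timestampInMs = now;
  const signature = await signMessage(String(timestampInMs));
  return { signer, timestampInMs, signature };
}

// Local pre-check before sending: catches a stale signed body or a badly skewed clock.
function isFresh(timestampInMs, now = Date.now()) {
  return Number.isSafeInteger(timestampInMs) && Math.abs(now - timestampInMs) <= WINDOW_MS;
}

class Session {
  // data is the "data" object of the login response.
  // Assumption: the expiry fields parse with new Date() (ISO string or epoch ms).
  constructor(data) {
    this.accessToken = data.accessToken;
    this.refreshToken = data.refreshToken; // kept with the access token it was issued with
    this.accessExpiry = new Date(data.accessExpiryAt).getTime();
    this.refreshExpiry = new Date(data.refreshExpiryAt).getTime();
    if (Number.isNaN(this.accessExpiry) || Number.isNaN(this.refreshExpiry)) {
      throw new Error("unparseable expiry in token response");
    }
  }

  // "use" the access token, "refresh" it, or "login" again with a new signature.
  nextAction(now = Date.now()) {
    if (now < this.accessExpiry) return "use";
    if (now < this.refreshExpiry) return "refresh";
    return "login";
  }

  authHeader() {
    return { Authorization: `Bearer ${this.accessToken}` };
  }

  // Body for POST /api/auth/refresh: both tokens come from the same response.
  refreshBody() {
    return { expiredAccessToken: this.accessToken, refreshToken: this.refreshToken };
  }
}
```

Build a new `Session` from each token response so that the stored refresh token always belongs to the access token sent as `expiredAccessToken`.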
