# Authentication

## Auth API: `/api/bw/v2/auth`

API BW version 2

### Methods

#### POST: Generate a JWT using username and password

- POST `u` User
- POST `p` Password

  **RESULT**:

  `HTTP 200` Authorized

  ```json
  {
    "done": "JWT genetared",
    "jwt": "eyJ0eXAiOiJKV1QiLCJhbGc...iWygJOKQ-Nsv0geu5cHLAJUhV1OrTw"
  }
  ```

  `HTTP 401` Unauthorized

  ```json
  {
    "fail": "Unauthorized"
  }
  ```

#### GET: Return authentication status

- HEADER `Authorization` Value: "Bearer authBearerString" string
- HEADER `Authorization-Bearer` Alternative to Authorization. Value: authBearerString string

  Supports "Authorization-Bearer: authBearerString" as an alternative to "Authorization: Bearer authBearerString"

  Header name is case-sensitive

  **RESULT**:

  `HTTP 200` Authorized with status

  ```json
  {
    "done": "JWT verified",
    "jwt": {
      "iss": "proyect",  // issuer
      "iat": 1234567111, // issued at
      "exp": 1234567999, // expiration
      "sub": "user"      // subject
    }
  }
  ```

  `HTTP 401` Unauthorized

  ```json
  {
    "fail": "Unauthorized"
  }
  ```