Add password change API

[blerg.git] / www / doc / index.html

diff --git a/www/doc/index.html b/www/doc/index.html
index d910f7d..6bc071e 100644 (file)
--- a/www/doc/index.html
+++ b/www/doc/index.html
@@ -40,6 +40,7 @@ C.
       <li><a href="#api_unsubscribe">/unsubscribe/(user) - Unsubscribe from a user's updates</a></li>
       <li><a href="#api_feed">/feed - Get updates for subscribed users</a></li>
       <li><a href="#api_feedinfo">/feedinfo, /feedinfo/(user) - Get subscription status</a></li>
+      <li><a href="#api_passwd">/passwd - Change a user's password</a></li>
     </ul>
   </li>
   <li><a href="#design">Design</a>
@@ -343,6 +344,19 @@ interested in.  The server will respond with a simple JSON object:
 <p>The value of "subscribed" will be either true or false depending on
 the subscription status.
 
+<h3><a name="api_passwd">/passwd</a> - Change a user's password</a></h3>
+
+<p>POST to /passwd with a <code>username</code> parameter and an auth
+cookie, plus <code>password</code> and <code>new_password</code>
+parameters to change the user's password.  For extra protection,
+changing a password requires sending the user's current password in the
+<code>password</code> parameter.  If authentication is successful and
+the password matches, the user's password is set to
+<code>new_password</code> and the server responds with JSON success.
+
+If the password doesn't match, or one of <code>password</code> or
+<code>new_password</code> are missing, the server returns JSON failure.
+
 <h2><a name="design">Design</a></h2>
 
 <h3><a name="motivation">Motivation</a></h3>