src/CubeServer-api/README.md
# Explanation of the API:
(mostly a planning document at the moment; see the code for a likely more up-to-date and accurate understanding of the API.)
## Resources:
* Data
- Allows submission of one or more datapoints via the POST method
- Only POST and OPTIONS are allowed here; you can't update or retrieve previous data.
* Status
- Current Date/time
- Game info
- Game start datetime
- Current points
- Allowed methods: HEAD, GET, OPTIONS
## Authorization Scheme:
Pre-shared strings:
* Team Name
- The team name, exactly as it appears on the leaderboard, will be used to identify the team whose device is making the request.
* Team secret
- The hexedecimal key generated by the server upon team registration; This will be used by the API client to sign any requests from the devices for authenticity
- This will then be used by the server to sign the responses
## Headers:
The "Signature" HTTP header will contain a signature of the request body in requests, and the same header will contain a signature of the response body in responses as described above.