Newer
Older
This backoffice is meant to be used only by the admins of Ecolyo app and so they need to login to edit the newsletters.
The protocol used to login is OAuth2 with the Authorization Code grant type ([more info](https://auth0.com/docs/authorization/flows/authorization-code-flow))
Once an admin is connected, he must call the /whoAmI route to access his XSRF-TOKEN and add it in a header named "XSRF-TOKEN" for all requests going to the backend.
The only routes that can be accessed without authentication are /monthlyReport/year/month and /monthlyReport with GET.
They will return all the different sections of a specific or the current newsletter in a single JSON.