# 开放API

开放API接口URI均&#x4EE5;**/openApi/**&#x5F00;头，在header中通过设置Authorization key来进行校验。您的具体代码类似于以下示例：

```javascript
// node javascript
fetch("https://www.yemapt.org/openApi/xxxxxxxxx", {
  "headers": {
    "Authorization": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
  }
});
```

```bash
# bash
curl 'https://www.yemapt.org/openApi/xxxxxxxxx'\
 -H 'Authorization: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
```

开放api的校验auth必须使用个人详情页中创建的、具有180天有效期的auth。如果用户使用了cookie中的auth，将无法使用开放api，返回结果的success为`false`，errorCode为`403`，errorMessage为`need api auth`。示例如下：

```
{
    "success": true,
    "errorCode": 403,
    "errorMessage": "need api auth"
}
```

## 1. 用户

### 1.1 获取用户基本信息

<mark style="color:green;">`GET`</mark> `/openApi/user/fetchBasicInfo.json`

<mark style="color:green;">`响应结果`</mark>

```json
{
    "success": true,
    "showType": 0,
    "data": {
        "id": 10,
        "name": "abcde",
        "avatar": "/image/avatar/10.png",
        "bonus": 1000000,
        "level": 7,
        "status": "enable",
        "invitedNum": 100,
        "availableInviteNum": 100,
        "registerTime": "2024-05-01T00:00:00.000+00:00",
        "promotionUploadSize": 1000000,
        "promotionDownloadSize": 1000000
    }
}
```

备注：avatar如果是/image/开头的字符串，则可以直接拼接域名访问，如果是32位长度的随机字符串，则需要使用 [Multiavatar](https://github.com/multiavatar) 进行转换，此组件提供了JavaScript、PHP和Python工具包。

### 1.2 校验是否为本站用户

用于第三方系统校验用户提交的auth是否正常，以及获取对应的uid，此功能采用RSA签名技术。

当前使用的publicKey：

{% code overflow="wrap" fullWidth="false" %}

```
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6OpYYWpF5Js8SWtuAXGZ1iWGsADHSDhdkz9wDQYuvRB3SW2xGSQpwYB7B7Bn6ZfoXtxhMm2v4JzwTe3qZioWmwgyweCyv7FIjvsdYIhAHMj7v7jI7zq0Xn9F6CjBMM0AWtCmhhH/eFNxICiCucVGqa6Z0hf5OcAWefPHIOdtMbWp+4fqkjWc7EuEjfqFr2eDy9kHqZWFpuByQa9jiF4v9HzLfoO/UwqBheYkNSLgoTRQ6sSF1bHlDC8yq3l4d/6fsQ7mZPJzWBf2vlohmOVpjy6s4Z+qtNpWsJhrLW9au49+1eYadKpNLR10izG5boKn+z9i5P/tRQ8WNkZELN2OwIDAQAB
```

{% endcode %}

<mark style="color:green;">`POST`</mark> `/openApi/user/authenticate.json`

<mark style="color:green;">`Header`</mark> `ContentType: application/json`

<mark style="color:green;">`Body`</mark>

```json
{
    "publicKey": "XXXXXXXXXXXXXXXXXXXXXXXXXXXX"
    "randomContent": "12345678123456781234567812345678"
}
```

备注:&#x20;

* publicKey务必使用wiki中展示的key。
* randomContent请使用UUID生成32位长度字符串，去除中间&#x7684;**`-`**&#x5373;可。

<mark style="color:green;">`响应结果`</mark>

```json
{
    "success": true,
    "showType": 0,
    "data": {
        "userId": 100,
        "signType": "rsa-sha256",
        "publicKey": "XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
        "signature": "OOOOOOOOOOOOOOOOOOOOOOOOOOOO"
    }
}
```

备注:

签名的数据格式为 用户ID制表符randomContent，即:

```java
String data = "{userId}\t{randomContent}"
                .replace("userId","100")
                .replace("randomContent","12345678123456781234567812345678");
```

示例代码：

python：

````python
```python
from base64 import b64decode
import rsa

data = "100\t12345678123456781234567812345678"
publicKey = "XXXXXXXXXXXXXXXXXXXXXXXXXXXX"
signature = "OOOOOOOOOOOOOOOOOOOOOOOOOOOO"

PUB = '''
-----BEGIN PUBLIC KEY-----
{publicKey}
-----END PUBLIC KEY-----
'''.format(publicKey=publicKey)

try:
    signType = rsa.verify(data.encode(), b64decode(signature), rsa.PublicKey.load_pkcs1_openssl_pem(PUB))
    print(signType)
except rsa.pkcs1.VerificationError:
    print("verification failed")

```
````

java:

```java
import java.security.*;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;


public static boolean rsaValidate(String publicKeyStr, String sign, String data) throws NoSuchAlgorithmException, InvalidKeySpecException, InvalidKeyException, SignatureException {
    PublicKey publicKey = KeyFactory.getInstance("RSA").generatePublic(
            new X509EncodedKeySpec(Base64.getDecoder().decode(publicKeyStr)));

    Signature verify = Signature.getInstance("SHA256withRSA");
    verify.initVerify(publicKey);
    verify.update(data.getBytes());
    return verify.verify(Base64.getDecoder().decode(sign));
}
```

## 2. 种子

### 2.1 根据piecesHash获取种子id

<mark style="color:green;">`POST`</mark> `/openApi/torrent/fetchTorrentIdWithPiecesHash.json`

<mark style="color:green;">`Header`</mark> `ContentType: application/json`

<mark style="color:green;">`Body`</mark>

```json
{
    "piecesHashList": [
        "e9f3f5dd32abasdfghfea4d43d32559cf0309764",
        "e9f3f5dd32ab123456fea4d43d32559cf0309764"
    ]
}
```

备注: piecesHashList不能为空，数组长度不能超过100

<mark style="color:green;">`响应结果`</mark>

```json
{
    "success": true,
    "showType": 0,
    "data": {
        "e9f3f5dd32abasdfghfea4d43d32559cf0309764": 100
    }
}
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://wiki1.yemapt.org/developer/open-api.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.