get /log-entriesdelete /log-entries/{id}get /log-entries/{id}put /log-entries/{id}post /log-entriesget /meal-entriesdelete /meal-entries/{id}get /meal-entries/{id}put /meal-entries/{id}post /meal-entriesget /get /weight-entriesdelete /weight-entries/{id}get /weight-entries/{id}put /weight-entries/{id}post /weight-entriesput /foods/{id}application/jsonpost /foodsapplication/jsonget /log-entries""application/jsondelete /log-entries/{id}put /log-entries/{id}application/jsonpost /log-entriesapplication/jsonpost /loginTo log in to the API, the client must provide the user's email, password, and the client's public key. This request also serves as a key exchange step. After a successful login, the server responds with its own public key. All future requests from the client must be signed using their private key, and the server will verify them using the stored public key.
The algorithm used is Ed25519, as defined in RFC 8410. The public key must be encoded in X.509 format (SubjectPublicKeyInfo structure). Raw keys are not accepted.
The X.509 public key must be base64-encoded using a URL-safe variant (base64url) with padding characters (=) removed. This ensures compatibility with URL transmission and JWT formatting.
Google’s Tink cryptographic library can be used to generate Ed25519 key pairs. The public key can be exported in X.509 format using Tink's KeysetHandle and appropriate templates. Be sure to encode it correctly before sending.
This mechanism allows the server to authenticate and verify all future signed requests from the client in a stateless and secure way.
application/json{
"clientPublicKey" : "",
"archivedAt" : {
"epochSeconds" : "",
"nanosecondsOfSecond" : ""
},
"createdBy" : "",
"serverPublicKey" : ""
}application/jsonget /meal-entries""application/jsondelete /meal-entries/{id}get /meal-entries/{id}put /meal-entries/{id}application/jsonpost /meal-entriesapplication/jsonget /meals""application/jsonput /meals/{id}application/jsonpost /mealsapplication/jsonpost /searchapplication/jsonget /shopping-list""application/jsondelete /shopping-list/{id}post /shopping-listapplication/jsonput /users/currentapplication/jsonget /weight-entries""application/jsondelete /weight-entries/{id}get /weight-entries/{id}put /weight-entries/{id}application/jsonpost /weight-entriesapplication/json<error>com.greasefit.server.models.authMethod.AuthMethodcom.greasefit.server.models.food.Foodcom.greasefit.server.models.logEntry.LogEntrycom.greasefit.server.models.meal.Mealcom.greasefit.server.models.mealEntry.MealEntrycom.greasefit.server.models.shoppingList.ShoppingListItemcom.greasefit.server.models.stepCount.StepCountcom.greasefit.server.models.user.Usercom.greasefit.server.models.user.UserLogincom.greasefit.server.models.weightEntry.WeightEntrycom.greasefit.shared.data.resources.searchResult.SearchRequestcom.greasefit.shared.data.resources.stepCount.StepCountRequestjava.time.Instantjava.util.UUIDkotlinx.datetime.Instantcom.greasefit.server.models.authMethod.AuthMethod Upcom.greasefit.server.models.food.Food Upcom.greasefit.server.models.logEntry.LogEntry Upcom.greasefit.server.models.meal.Meal Upcom.greasefit.server.models.mealEntry.MealEntry Upcom.greasefit.server.models.shoppingList.ShoppingListItem Upcom.greasefit.server.models.stepCount.StepCount Upcom.greasefit.server.models.user.User Upcom.greasefit.server.models.weightEntry.WeightEntry Up