Performing database operations with BearDB REST Server

This part of the documentation covers how to use REST requests to perform database operations such as a SQL Query or an INSERT operation.

The current version of the BearDB REST server supports SQL Queries and INSERT operations.
UPDATE, DELETE and any other database operations may be added to the REST Server in a future release.

    NOTE: The BearDB database engine is running anytime the REST Server is running.
    Database operations can always be performed via SQL using any of the BearDB clients if desired.

Authenticating users with the BearDB REST Server

When utilizing the BearDB REST Server, authentication credentials for the user are the same as those configured in BearDB. It is not necessary to add users outside the BearDB database to access the REST Server.
The permissions in BearDB dictate which tables are visible to a user, and if the tables are READ-ONLY or READ-WRITE.

When using the BearDB REST Server, the permissions of the authenticated user will dictate which tables can be seen and modified, and the REST Server will enforce the same permissions.
In this initial release of the REST Server there are no separate permissions for users related to REST Server access. This will be enhanced in the next release with a proper permissions model.

    WARNING: Never use the administrator account to access the BearDB REST Server.

It is strongly recommended to make a new BearDB user for REST access.

Authentication is performed using two values which have to be in the HTTP header of every REST request. If the authentication values are not in the REST request, then no results will be returned. If the authentication password is incorrect then the database operation will not be performed and the result data will reflect an authentication error.

The following key/value pairs need to be set in the HTTP header of every REST request:

    acct:   This is the BearDB users login, which is case-sensitive.
    token:  This value should be set to the BearDB users password.