
Overview

The User Management API provides endpoints for managing users, authentication, and user-related operations in jshERP. All endpoints require proper authentication unless otherwise specified.

Base Path: /user

Authentication Endpoints

User Login

This endpoint does not require authentication.
POST /user/login
Authenticates a user with login credentials and captcha verification.
loginName
string
required
User’s login name
password
string
required
User’s password (MD5 hashed)
code
string
required
Captcha verification code
uuid
string
required
UUID from captcha request
code
integer
Response status code (200 for success, 500 for error)
data
object
Contains authentication token and user information
{
  "loginName": "admin",
  "password": "5f4dcc3b5aa765d61d8327deb882cf99",
  "code": "1234",
  "uuid": "a1b2c3d4e5f6g7h8"
}

WeChat Login

POST /user/weixinLogin
Authenticates a user using WeChat authorization code.
weixinCode
string
required
WeChat authorization code
code
integer
  • 200: Success
  • 501: WeChat not bound
  • 500: Login failed

WeChat Binding

POST /user/weixinBind
Binds a WeChat account to an existing user account.
loginName
string
required
User’s login name
password
string
required
User’s password
weixinCode
string
required
WeChat authorization code

Get User Session

GET /user/getUserSession
Retrieves current authenticated user information from session.
code
integer
Response status code
data.user
object
User object without password

Logout

GET /user/logout
Logs out the current user and clears session data.
code
integer
Response status code

User CRUD Operations

Get User Information

GET /user/info?id={id}
Retrieves detailed information for a specific user.
id
long
required
User ID
code
integer
Response status code
info
object
User entity object

Get User List

GET /user/list?search={search}
Retrieves a paginated list of users with optional filtering.
search
string
JSON string containing search filters:
  • userName: Filter by display name
  • loginName: Filter by login name
rows
array
Array of UserEx objects with extended information
total
integer
Total number of records
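# -G appends the --data-urlencode value to the URL as an encoded query string,
# so the JSON braces and quotes reach the server intact.
curl -G "http://localhost:9999/jshERP-boot/user/list" \
  --data-urlencode 'search={"userName":"John"}' \
  -H "Authorization: Bearer {token}"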

Create User

POST /user/add
Creates a new user account.
username
string
required
Display name
loginName
string
required
Login username (must be unique)
password
string
required
Password (MD5 hashed)
email
string
Email address
phonenum
string
Phone number
department
string
Department name
position
string
Job position
status
byte
default:"1"
User status (0: disabled, 1: enabled)

Update User

PUT /user/update
Updates an existing user’s information.
id
long
required
User ID
username
string
Display name
email
string
Email address
phonenum
string
Phone number
department
string
Department name
position
string
Job position
status
byte
User status

Delete User

DELETE /user/delete?id={id}
Deletes a user account (soft delete).
id
long
required
User ID to delete

Batch Delete Users

DELETE /user/deleteBatch?ids={ids}
Deletes multiple users in a single operation.
ids
string
required
Comma-separated user IDs (e.g., “1,2,3”)

User Management

Add User with Organization

POST /user/addUser
Creates a new user and establishes organization relationships.
This endpoint checks tenant user limits before creating the user.
username
string
required
Display name
loginName
string
required
Login username
password
string
required
Password (MD5 hashed)
orgaId
long
Organization ID to associate with user

Update User with Organization

PUT /user/updateUser
Updates user information and organization relationships.
id
long
required
User ID
orgaId
long
New organization ID

Register User

This endpoint does not require authentication.
POST /user/registerUser
Registers a new user account with captcha verification.
loginName
string
required
Login username (will also be used as display name)
password
string
required
Password (MD5 hashed)
code
string
required
Captcha verification code
uuid
string
required
UUID from captcha request

Get User List (Dropdown)

GET /user/getUserList
Retrieves a simplified user list for dropdown selections.
array
array
Array of objects with id and userName fields
[
  {
    "id": 1,
    "userName": "John Doe"
  },
  {
    "id": 2,
    "userName": "Jane Smith"
  }
]

Password Management

Reset Password

POST /user/resetPwd
Resets a user’s password (admin function).
id
long
required
User ID
password
string
required
New password (MD5 hashed)

Update Password

PUT /user/updatePwd
Allows a user to change their own password.
userId
long
required
User ID
oldpassword
string
required
Current password (MD5 hashed)
password
string
required
New password (MD5 hashed)
status
integer
  • 1: Success
  • 2: Old password incorrect
  • 3: Update failed

Permissions and Roles

Get Current User’s Role Type

GET /user/getRoleTypeByCurrentUser
Retrieves the role type for the current authenticated user.
roleType
string
Role type (e.g., “public”, “tenant”)

Get Current User’s Button Permissions

GET /user/getUserBtnByCurrentUser
Retrieves button-level permissions for the current user.
userBtn
array
Array of button permission strings

Get Current User’s Price Limit

GET /user/getCurrentPriceLimit
Retrieves price visibility limitations for the current user.
priceLimit
string
Price limit configuration

Organization and Tree

Get Organization User Tree

GET /user/getOrganizationUserTree
Retrieves a hierarchical tree structure of organizations and their users.
array
array
Array of tree node objects with nested children

Get Users with Checked Status

GET /user/getUserWithChecked?UBType={type}&UBValue={value}
Retrieves user list with checked status for permission assignment.
UBType
string
required
User business type
UBValue
string
required
User business value

Utility Endpoints

Check Login Name Exists

GET /user/checkIsNameExist?id={id}&name={name}
Checks if a login name is already in use.
id
long
required
User ID (0 for new user)
name
string
Login name to check
status
boolean
true if name exists, false otherwise

Get Random Captcha

This endpoint does not require authentication.
GET /user/randomImage
Generates a random captcha image for verification.
uuid
string
UUID to include in login/register request
base64
string
Base64-encoded captcha image
{
  "code": 200,
  "data": {
    "uuid": "a1b2c3d4e5f6g7h8i9j0",
    "base64": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAA..."
  }
}
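
The login body described under User Login, built from the captcha response above (an added example, not code from jshERP; the helper names are hypothetical). Because the API accepts the MD5 digest itself in the password field, the digest has to be protected like the password: the sketch refuses plain HTTP to non-loopback hosts and redacts the field before logging.

```python
import hashlib
from urllib.parse import urlsplit

LOOPBACK = {"localhost", "127.0.0.1", "::1"}

def wire_password(plaintext: str) -> str:
    """Value for the `password` field: lowercase hex MD5 of the plaintext."""
    return hashlib.md5(plaintext.encode("utf-8")).hexdigest()

def check_transport(base_url: str) -> None:
    """Refuse to send credentials over plain HTTP unless the host is loopback."""
    parts = urlsplit(base_url)
    if parts.scheme != "https" and parts.hostname not in LOOPBACK:
        raise ValueError(f"refusing to send credentials over {parts.scheme}://")

def build_login_body(login_name, plaintext, captcha_code, captcha_response):
    """Build the POST /user/login body from a GET /user/randomImage response."""
    if captcha_response.get("code") != 200:
        raise ValueError("captcha request failed")
    return {
        "loginName": login_name,
        "password": wire_password(plaintext),
        "code": captcha_code,                      # text the user read from the image
        "uuid": captcha_response["data"]["uuid"],  # ties the code to that image
    }

def redact(body: dict) -> dict:
    """Copy of a request body that is safe to write to logs."""
    secret = {"password", "oldpassword"}
    return {k: ("<redacted>" if k in secret else v) for k, v in body.items()}

# Constructed sample in the captcha response shape shown on this page.
SAMPLE_CAPTCHA = {
    "code": 200,
    "data": {"uuid": "a1b2c3d4e5f6g7h8i9j0", "base64": "data:image/png;base64,..."},
}

if __name__ == "__main__":
    check_transport("http://localhost:9999/jshERP-boot")  # base URL from the curl example
    body = build_login_body("admin", "password", "1234", SAMPLE_CAPTCHA)
    print(redact(body))
```

The sample value `5f4dcc3b5aa765d61d8327deb882cf99` in the login request on this page is the unsalted MD5 of the string `password`, which is why the same plaintext always produces the same wire value.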

Batch Set User Status

POST /user/batchSetStatus
Enables or disables multiple users at once.
status
byte
required
Status to set (0: disabled, 1: enabled)
ids
string
required
Comma-separated user IDs

Get User Info with Tenant

GET /user/infoWithTenant
Retrieves current user information along with tenant details and limits.
type
string
Tenant type (0: free, 1: paid)
expireTime
string
Tenant expiration date
userCurrentNum
integer
Current number of users
userNumLimit
integer
Maximum allowed users
tenantId
long
Tenant ID

Data Models

User Entity

id
long
Unique user identifier
username
string
Display name
loginName
string
Login username
password
string
Encrypted password (never returned in responses)
leaderFlag
string
Leader flag indicator
position
string
Job position/title
department
string
Department name
email
string
Email address
phonenum
string
Phone number
ismanager
byte
Manager flag (0: no, 1: yes)
isystem
byte
System user flag (0: no, 1: yes)
status
byte
User status (0: disabled, 1: enabled)
description
string
User description
remark
string
Additional remarks
weixinOpenId
string
WeChat Open ID for WeChat integration
tenantId
long
Associated tenant ID
deleteFlag
string
Soft delete flag

Error Codes

Code    Description
200     Success
500     Internal server error
501     WeChat not bound

Most endpoints return a standard response format with code and data fields. Check the code field to determine success or failure.
