Authentication
==============

All Lighthouse API endpoints require authentication. The API uses token-based authentication, which requires you to include an API token in the request headers.

Obtaining an API Token
---------------------

API tokens are issued by the Lighthouse team. To request an API token:

1. Contact the Lighthouse team with your use case
2. Receive your API token
3. Store the token securely - it won't be displayed again

Making Authenticated Requests
----------------------------

To authenticate your requests, include the token in the ``Authorization`` header:

.. code-block:: http

    GET /api/v2/pages/?type=releases.ReleasePage HTTP/1.1
    Host: lighthouse-api.yipit.systems
    Authorization: Token YOUR_API_TOKEN

Example using ``curl``:

.. code-block:: bash

    curl -H "Authorization: Token YOUR_API_TOKEN" https://lighthouse-api.yipit.systems/api/v2/pages/?type=releases.ReleasePage

Example using Python:

.. code-block:: python

    import requests

    token = "YOUR_API_TOKEN"
    headers = {"Authorization": f"Token {token}"}
    response = requests.get(
        "https://lighthouse-api.yipit.systems/api/v2/pages/?type=releases.ReleasePage",
        headers=headers
    )
    data = response.json()

Security Considerations
---------------------

- Keep your API token secure and do not share it
- Use HTTPS for all API requests
- Rotate tokens periodically for increased security
- If you suspect a token has been compromised, contact the Lighthouse team immediately