forked from shihaam/thijooree
118 lines
2.8 KiB
Markdown
118 lines
2.8 KiB
Markdown
# Profile Picture
|
|
|
|
Fetch the authenticated user's profile picture. The endpoint redirects to the actual image URL.
|
|
|
|
---
|
|
|
|
## Endpoint
|
|
|
|
```
|
|
GET https://fahipay.mv/images/profiles/picture/?t={timestamp}
|
|
```
|
|
|
|
---
|
|
|
|
## Prerequisites
|
|
|
|
- Valid `authID` from [login](01-login.md) or [OTP](02-otp.md)
|
|
- Valid `__Secure-sess` session cookie
|
|
|
|
---
|
|
|
|
## Request
|
|
|
|
### Headers
|
|
|
|
| Header | Value |
|
|
|---|---|
|
|
| `authid` | `xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx` |
|
|
| `User-Agent` | `okhttp/4.12.0` |
|
|
| `Accept-Encoding` | `gzip` |
|
|
| `Connection` | `Keep-Alive` |
|
|
| `Cookie` | `__Secure-sess=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx` |
|
|
|
|
### Query Parameters
|
|
|
|
| Parameter | Description | Example |
|
|
|---|---|---|
|
|
| `t` | Cache-busting timestamp string | `Sat May 16 2026 14:57:52 GMT+0500` |
|
|
|
|
The `t` parameter is a URL-encoded timestamp used to prevent browser caching. The value can be any string — the server ignores it for routing purposes.
|
|
|
|
---
|
|
|
|
## curl Example
|
|
|
|
```bash
|
|
curl --request GET \
|
|
--url 'https://fahipay.mv/images/profiles/picture/?t=Sat%20Jan%2001%202026%2012:00:00%20GMT+0500' \
|
|
--compressed \
|
|
--header 'Accept-Encoding: gzip' \
|
|
--header 'Connection: Keep-Alive' \
|
|
--header 'Cookie: __Secure-sess=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' \
|
|
--header 'User-Agent: okhttp/4.12.0' \
|
|
--header 'authid: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
|
|
```
|
|
|
|
---
|
|
|
|
## Response
|
|
|
|
### Success
|
|
|
|
The server responds with `HTTP 302` and a `Location` header pointing to the actual image URL.
|
|
|
|
```
|
|
HTTP/1.1 302 Found
|
|
Location: https://fahipay.mv/images/profiles/0000/avatar.jpg?v=0000000000
|
|
```
|
|
|
|
Follow the redirect to download the image. The final response is the raw image bytes (`image/jpeg` or `image/png`).
|
|
|
|
---
|
|
|
|
### No Picture Set
|
|
|
|
If the user has not uploaded a profile picture, the redirect points to a default placeholder image:
|
|
|
|
```
|
|
Location: https://fahipay.mv/images/profiles/default.png
|
|
```
|
|
|
|
---
|
|
|
|
### Error
|
|
|
|
If the session is invalid, the server returns `HTTP 401` or redirects to an error page.
|
|
|
|
---
|
|
|
|
## Implementation Notes
|
|
|
|
- HTTP clients that follow redirects automatically (e.g. `OkHttpClient` with `followRedirects(true)`) will return the image bytes directly.
|
|
- Use `followRedirects(false)` and read the `Location` header if you need the resolved image URL separately.
|
|
- The image URL contains the user's `profileID` in the path — this matches the `profileID` field from the [profile response](03-profile.md).
|
|
- The `v=` query parameter in the image URL is a version/cache key. It changes when the user updates their picture.
|
|
|
|
---
|
|
|
|
## Suggested Usage
|
|
|
|
```
|
|
timestamp = current time formatted as URL-safe string
|
|
GET /images/profiles/picture/?t={timestamp}
|
|
→ 302 Location: <image URL>
|
|
→ GET <image URL>
|
|
→ image bytes
|
|
```
|
|
|
|
Cache the downloaded image by `profileID` and re-fetch when the user explicitly refreshes, rather than on every app launch.
|
|
|
|
---
|
|
|
|
|
|
|
|
---
|
|
|
|
[← Transaction History](05-history.md)
|