Messa - Server

Authentication

POST

/api/auth/register

Create new account with username, password, and recovery email.

POST

/api/auth/login

Authenticate and receive Bearer token (valid for 30 days).

POST

/api/auth/logout

Invalidate current active session token.

POST

/api/auth/forgot-password

Generate and dispatch 6-digit recovery code.

POST

/api/auth/reset-password

Assign new password using verified reset code.

Messages

POST

/api/messages/send

Dispatch text or media payload to target user.

GET

/api/messages/conversation?with=<user>

Fetch paginated chat history (automatically marks as read).

GET

/api/messages/contacts

Retrieve all active chats with latest message and unread count.

GET

/api/messages/poll?since=<ISO>

Long-polling endpoint for new messages (used by Android client).

POST

/api/messages/read

Mark all pending messages from specific user as read.

DEL

/api/messages/<id>

Soft-delete an owned message from the server.

Media & Storage

POST

/api/media/upload

Upload base64 media stream. Returns unique media identifier.

GET

/api/media/<media_id>

Download or stream media asset by ID.

GET

/api/media/storage

Check account storage quota and partition usage.

Users Directory

GET

/api/users/me

Fetch authenticated user's private profile details.

GET

/api/users/search?q=<name>

Query public user directory to initiate connections.

GET

/api/users/online

Retrieve list of users active within the last 120 seconds.

POST

/api/users/avatar

Assign media asset as public profile picture.