Update README with API endpoints

1 files changed, 37 insertions, 0 deletions

diff --git a/README.md b/README.md
index bef50bc..7131b78 100644
--- a/README.md
+++ b/README.md
@@ -42,3 +42,40 @@ The seed file should be of the following format:
   ]
 }
 ```
+
+## API endpoints
+
+| Path | Method | Parameter | Description |
+| - | - | - | - |
+| `/` | GET | - | static hosting `/files/index.html` |
+| `/files/{file}` | GET | - | static hosting `{file}`, from `hosted/` directory. *Path traversal*-safe |
+| `/login` | GET | - | static hosting `/files/login.html` |
+| `/login` | POST | `username`, `accesscode` | processing `username` and `accesscode`, giving the user a session if they are valid |
+| `/logout` | GET | - | Invalidates the session |
+| `/challenges` | GET | - | static hosting `/files/challenges.html` |
+| `/access` | GET | - | static hosting `/files/access.html` |
+| `/api/getChallenges` | GET | - | Returns all challenges, as JSON. For an example, see below. |
+| `/api/submitFlag` | POST | `challengeName`, `flag` | Validates `flag` for `challengeName` |
+| `/api/startContainer` | POST | `challengeName` | Starts the challenge container for `challengeName`, if it's not already started |
+| `/api/stopContainer` | POST | `challengeName` | Stops the challenge container for `challengeName`, if it's running |
+| `/api/getAccess` | GET | - | Returns  |
+
+### Response: `/api/getChallenges`
+
+```
+{
+	"categories": {
+		"Miscellaneous":1 // contains the amount of challenges in that category
+	},
+	"challenges": [
+		{
+			"name": "ChallengeName",
+			"description": "Some meaningful, interesting and funny description",
+			"category": "Miscellaneous",
+			"foundFlag": false, // whether the user found the flag
+			"ContainsLaunchable": true, // if set to true: there's a container which can be started/stopped
+			"IPAddress": "1.2.3.4" // contains the IP address if the container is running
+		}
+	]
+}
+```