Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/flagForgeCTF/flagForge/llms.txt

Use this file to discover all available pages before exploring further.

The user profile API exposes two endpoints: one for the authenticated user’s own profile and one for any player’s public profile. The authenticated endpoint returns richer data such as email and a computed rank. The public endpoint returns data that is safe to display to other participants.

GET /api/profile

Retrieve the profile of the currently signed-in user. Requires an active session.
This endpoint returns data specific to your account, including your email address. Do not expose the raw response publicly.

Response fields

name
string
Your display name.
email
string
Your email address.
image
string
URL to your avatar image. Falls back to the session image if the database value is absent or invalid. May be null.
totalScore
number
Your cumulative score across all solved challenges.
rank
number
Your current rank on the platform, calculated by sorting all users by totalScore descending.
level
string
Your computed level label based on totalScore. See the level thresholds below.
completedQuestions
number
Total number of challenges you have solved.
roomsCompleted
number
Alias for completedQuestions.
badges
number
Count of system achievement badges you have earned, based on milestone thresholds (1, 5, 10, 25, 50, and 100 solved challenges).
streak
number
Simplified activity streak, capped at 30.
createdAt
string
ISO 8601 timestamp when your account was created.
customBadges
object[]
Array of custom badges assigned to you by an admin. Each badge object includes name, description, icon, color, assignedAt, and assignedBy.

Level thresholds

Score rangeLevel
0 – 199[0x1][Newbie]
200 – 499[0x2][Scout]
500 – 999[0x3][Codebreaker]
1000 – 1499[0x4][Hacker]
1500 – 1999[0x5][Cipher Hunter]
2000 – 2999[0x6][Forger]
3000+[0x7][Flag Conqueror]

Example

curl "https://flagforgectf.com/api/profile" \
  -H "Cookie: next-auth.session-token=<session-token>"

{
  "name": "alice",
  "email": "alice@example.com",
  "image": "https://lh3.googleusercontent.com/a/example",
  "totalScore": 3750,
  "rank": 1,
  "level": "[0x7][Flag Conqueror]",
  "completedQuestions": 28,
  "roomsCompleted": 28,
  "badges": 5,
  "streak": 28,
  "createdAt": "2024-01-15T08:30:00.000Z",
  "customBadges": [
    {
      "name": "CTF Champion",
      "description": "Winner of the Spring 2024 event",
      "icon": "trophy",
      "color": "#EAB308",
      "assignedAt": "2024-05-01T12:00:00.000Z",
      "assignedBy": "admin@example.com"
    }
  ]
}

Error responses

StatusCondition
401 UnauthorizedYou are not signed in.
404 Not FoundThe signed-in user’s account was not found in the database.

GET /api/user/[username]

Retrieve a player’s public profile by their display name. No authentication is required. The username in the URL can use either spaces or hyphens — both forms are matched case-insensitively.

Path parameters

username
string
required
The player’s display name. Spaces may be replaced with hyphens (e.g. bob-smith matches the user bob smith).

Response fields

success
boolean
true on a successful lookup.
user
object
The player’s public profile.

Example

curl "https://flagforgectf.com/api/user/alice"

{
  "success": true,
  "user": {
    "name": "alice",
    "image": "https://lh3.googleusercontent.com/a/example",
    "totalScore": 3750,
    "rank": 1,
    "level": "[0x7][Flag Conqueror]",
    "completedQuestions": 28,
    "badges": 5,
    "customBadges": [],
    "createdAt": "2024-01-15T08:30:00.000Z",
    "memberSince": 2024
  }
}

Error responses

StatusCondition
404 Not FoundNo user was found with the given username.

Build docs developers (and LLMs) love

Get started for freeTalk to us