GET /api/qr Bearer

Generate QR Login Code

Generate a QR code for mobile device login to the PocketPaw dashboard. Scan the QR code with your phone to authenticate without manually entering credentials or tokens.

Overview

Generates a QR code PNG image that encodes the dashboard URL with an embedded access token. Scanning this QR code on a mobile device automatically authenticates the user.

This endpoint requires authentication. The caller must already have a valid session (via Bearer token, session cookie, or localhost bypass). The QR code embeds a short-lived (60-second) pairing token so that a leaked QR image cannot grant long-lived access.

Response

Returns a PNG image (image/png content type) as a streaming response.

curl -X GET "http://localhost:8000/api/qr" \
  -H "Authorization: Bearer $TOKEN" -o login-qr.png

const response = await fetch("http://localhost:8000/api/qr", {
  headers: { Authorization: `Bearer ${token}` },
});
const blob = await response.blob();
const url = URL.createObjectURL(blob);
// Use url in an <img> tag or download link
console.log("QR code blob URL:", url);

import requests

response = requests.get(
    "http://localhost:8000/api/qr",
    headers={"Authorization": f"Bearer {token}"},
)
with open("login-qr.png", "wb") as f:
    f.write(response.content)
print("QR code saved to login-qr.png")

Binary PNG image (content-type: image/png)

Was this page helpful?

Request

curl -X GET "http://localhost:8000/api/qr" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer <token>"

const response = await fetch("http://localhost:8000/api/qr", {
  method: "GET",
  headers: {
    "Content-Type": "application/json",
    "Authorization": "Bearer <token>"
},
});

const data = await response.json();
console.log(data);

import requests

response = requests.get(
    "http://localhost:8000/api/qr",
    headers={'Content-Type':'application/json','Authorization':'Bearer <token>'},
)

print(response.json())

package main

import (
    "fmt"
    "net/http"
    "io"
)

func main() {
    req, _ := http.NewRequest("GET", "http://localhost:8000/api/qr", nil)
    req.Header.Set("Content-Type", "application/json")
    req.Header.Set("Authorization", "Bearer <token>")

    client := &http.Client{}
    resp, _ := client.Do(req)
    defer resp.Body.Close()

    body, _ := io.ReadAll(resp.Body)
    fmt.Println(string(body))
}

Response
Send a request to see the response