- Introduced a new `config.yaml` file for managing server, database, cache, queue, AI, scraping, logging, and rate limiting configurations. - Updated `docker-compose.yml` to reflect the new server port (8081) and adjusted health check endpoints accordingly. - Modified `Dockerfile` to expose the new server port. - Updated `README.md` to reflect changes in server configuration and added documentation for the new configuration structure. - Added test scripts for server and Swagger documentation testing. - Refactored customer domain structure to align with new configuration settings and improve maintainability.
11 KiB
API Examples
This document provides examples of how to interact with the Tender Management API using curl commands.
Prerequisites
-
Start MongoDB:
sudo systemctl start mongod -
Start the server:
make run -
Verify server is running:
curl http://localhost:8081/health
Customer Management Examples
1. Register a New Customer (Admin Only)
curl -X POST http://localhost:8081/api/admin/customers/register \
-H "Content-Type: application/json" \
-d '{
"full_name": "John Doe",
"username": "johndoe",
"email": "john@example.com",
"mobile": "+1234567890",
"password": "securepassword123",
"national_id": "123456789",
"gender": "male",
"birthdate": 631152000,
"profile_image": "https://example.com/avatar.jpg"
}'
Expected Response:
{
"success": true,
"message": "Customer registered successfully",
"data": {
"id": "550e8400-e29b-41d4-a716-446655440000",
"full_name": "John Doe",
"username": "johndoe",
"email": "john@example.com",
"mobile": "+1234567890",
"national_id": "123456789",
"gender": "male",
"birthdate": 631152000,
"profile_image": "https://example.com/avatar.jpg",
"status": "active",
"is_verified": false,
"created_at": 1703123456,
"updated_at": 1703123456
}
}
2. Customer Login
curl -X POST http://localhost:8081/api/customers/login \
-H "Content-Type: application/json" \
-d '{
"email_or_mobile": "john@example.com",
"password": "securepassword123"
}'
Expected Response:
{
"success": true,
"message": "Login successful",
"data": {
"customer": {
"id": "550e8400-e29b-41d4-a716-446655440000",
"full_name": "John Doe",
"username": "johndoe",
"email": "john@example.com",
"mobile": "+1234567890",
"national_id": "123456789",
"gender": "male",
"birthdate": 631152000,
"profile_image": "https://example.com/avatar.jpg",
"status": "active",
"is_verified": false,
"created_at": 1703123456,
"updated_at": 1703123456
},
"access_token": "abc123def456",
"refresh_token": "xyz789uvw012",
"expires_at": 1703127056
}
}
3. Get Customer Profile (Protected)
curl -X GET http://localhost:8081/api/customers/profile \
-H "X-Customer-ID: 550e8400-e29b-41d4-a716-446655440000"
Expected Response:
{
"success": true,
"message": "Profile retrieved successfully",
"data": {
"id": "550e8400-e29b-41d4-a716-446655440000",
"full_name": "John Doe",
"username": "johndoe",
"email": "john@example.com",
"mobile": "+1234567890",
"national_id": "123456789",
"gender": "male",
"birthdate": 631152000,
"profile_image": "https://example.com/avatar.jpg",
"status": "active",
"is_verified": false,
"created_at": 1703123456,
"updated_at": 1703123456
}
}
4. Update Customer Profile (Protected)
curl -X PUT http://localhost:8081/api/customers/profile \
-H "Content-Type: application/json" \
-H "X-Customer-ID: 550e8400-e29b-41d4-a716-446655440000" \
-d '{
"full_name": "John Smith",
"profile_image": "https://example.com/new-avatar.jpg"
}'
Expected Response:
{
"success": true,
"message": "Profile updated successfully",
"data": {
"id": "550e8400-e29b-41d4-a716-446655440000",
"full_name": "John Smith",
"username": "johndoe",
"email": "john@example.com",
"mobile": "+1234567890",
"national_id": "123456789",
"gender": "male",
"birthdate": 631152000,
"profile_image": "https://example.com/new-avatar.jpg",
"status": "active",
"is_verified": false,
"created_at": 1703123456,
"updated_at": 1703123456
}
}
5. Change Password (Protected)
curl -X PUT http://localhost:8081/api/customers/change-password \
-H "Content-Type: application/json" \
-H "X-Customer-ID: 550e8400-e29b-41d4-a716-446655440000" \
-d '{
"old_password": "securepassword123",
"new_password": "newsecurepassword456"
}'
Expected Response:
{
"success": true,
"message": "Password changed successfully",
"data": null
}
6. Add Device Token (Protected)
curl -X POST http://localhost:8081/api/customers/device-token \
-H "Content-Type: application/json" \
-H "X-Customer-ID: 550e8400-e29b-41d4-a716-446655440000" \
-d '{
"device_token": "fcm_token_123456",
"device_type": "android"
}'
Expected Response:
{
"success": true,
"message": "Device token added successfully",
"data": null
}
7. Remove Device Token (Protected)
curl -X DELETE http://localhost:8081/api/customers/device-token \
-H "Content-Type: application/json" \
-H "X-Customer-ID: 550e8400-e29b-41d4-a716-446655440000" \
-d '{
"device_token": "fcm_token_123456"
}'
Expected Response:
{
"success": true,
"message": "Device token removed successfully",
"data": null
}
8. Logout (Protected)
curl -X POST http://localhost:8081/api/customers/logout \
-H "Content-Type: application/json" \
-H "X-Customer-ID: 550e8400-e29b-41d4-a716-446655440000" \
-d '{
"device_token": "fcm_token_123456"
}'
Expected Response:
{
"success": true,
"message": "Logged out successfully",
"data": null
}
Admin Management Examples
9. List All Customers (Admin Only)
curl -X GET "http://localhost:8081/api/admin/customers?limit=10&offset=0&search=john&status=active" \
-H "Content-Type: application/json"
Expected Response:
{
"success": true,
"message": "Customers retrieved successfully",
"data": [
{
"id": "550e8400-e29b-41d4-a716-446655440000",
"full_name": "John Smith",
"username": "johndoe",
"email": "john@example.com",
"mobile": "+1234567890",
"national_id": "123456789",
"gender": "male",
"birthdate": 631152000,
"profile_image": "https://example.com/new-avatar.jpg",
"status": "active",
"is_verified": false,
"created_at": 1703123456,
"updated_at": 1703123456
}
],
"meta": {
"total": 1,
"limit": 10,
"offset": 0
}
}
10. Get Customer by ID (Admin Only)
curl -X GET http://localhost:8081/api/admin/customers/550e8400-e29b-41d4-a716-446655440000 \
-H "Content-Type: application/json"
Expected Response:
{
"success": true,
"message": "Customer retrieved successfully",
"data": {
"id": "550e8400-e29b-41d4-a716-446655440000",
"full_name": "John Smith",
"username": "johndoe",
"email": "john@example.com",
"mobile": "+1234567890",
"national_id": "123456789",
"gender": "male",
"birthdate": 631152000,
"profile_image": "https://example.com/new-avatar.jpg",
"status": "active",
"is_verified": false,
"created_at": 1703123456,
"updated_at": 1703123456
}
}
11. Update Customer Status (Admin Only)
curl -X PUT http://localhost:8081/api/admin/customers/550e8400-e29b-41d4-a716-446655440000/status \
-H "Content-Type: application/json" \
-d '{
"status": "suspended"
}'
Expected Response:
{
"success": true,
"message": "Customer status updated successfully",
"data": null
}
12. Get All Device Tokens (Admin Only)
curl -X GET http://localhost:8081/api/admin/customers/device-tokens \
-H "Content-Type: application/json"
Expected Response:
{
"success": true,
"message": "Device tokens retrieved successfully",
"data": [
{
"token": "fcm_token_123456",
"device_type": "android",
"customer_id": "550e8400-e29b-41d4-a716-446655440000"
}
]
}
Error Examples
13. Invalid Email Format
curl -X POST http://localhost:8081/api/admin/customers/register \
-H "Content-Type: application/json" \
-d '{
"full_name": "John Doe",
"username": "johndoe",
"email": "invalid-email",
"mobile": "+1234567890",
"password": "securepassword123"
}'
Expected Response:
{
"success": false,
"message": "Validation failed",
"error": "Email: invalid-email does not validate as email"
}
14. Duplicate Email
curl -X POST http://localhost:8081/api/admin/customers/register \
-H "Content-Type: application/json" \
-d '{
"full_name": "Jane Doe",
"username": "janedoe",
"email": "john@example.com",
"mobile": "+1234567891",
"password": "securepassword123"
}'
Expected Response:
{
"success": false,
"message": "email already exists",
"error": "email already exists"
}
15. Invalid Authentication
curl -X GET http://localhost:8081/api/customers/profile
Expected Response:
{
"success": false,
"message": "Invalid authentication",
"error": "Missing customer ID"
}
Testing Script
You can use the following script to test all endpoints:
#!/bin/bash
BASE_URL="http://localhost:8081"
echo "Testing Tender Management API..."
# Test health endpoint
echo "1. Testing health endpoint..."
curl -s "$BASE_URL/health" | jq .
# Register a customer
echo "2. Registering a customer..."
CUSTOMER_RESPONSE=$(curl -s -X POST "$BASE_URL/api/admin/customers/register" \
-H "Content-Type: application/json" \
-d '{
"full_name": "Test User",
"username": "testuser",
"email": "test@example.com",
"mobile": "+1234567890",
"password": "password123"
}')
echo "$CUSTOMER_RESPONSE" | jq .
# Extract customer ID
CUSTOMER_ID=$(echo "$CUSTOMER_RESPONSE" | jq -r '.data.id')
if [ "$CUSTOMER_ID" != "null" ]; then
echo "Customer ID: $CUSTOMER_ID"
# Test login
echo "3. Testing login..."
curl -s -X POST "$BASE_URL/api/customers/login" \
-H "Content-Type: application/json" \
-d '{
"email_or_mobile": "test@example.com",
"password": "password123"
}' | jq .
# Test get profile
echo "4. Testing get profile..."
curl -s -X GET "$BASE_URL/api/customers/profile" \
-H "X-Customer-ID: $CUSTOMER_ID" | jq .
# Test list customers (admin)
echo "5. Testing list customers..."
curl -s -X GET "$BASE_URL/api/admin/customers" | jq .
fi
echo "Testing completed!"
Notes
-
Authentication: Currently using a simple header-based authentication (
X-Customer-ID). In production, this should be replaced with proper JWT token validation. -
Timestamps: All timestamps are Unix timestamps (int64) for consistency.
-
Validation: All requests are validated using govalidator with custom validation rules.
-
Error Handling: All errors return consistent JSON responses with appropriate HTTP status codes.
-
CORS: The server is configured to allow all origins for development. Configure properly for production.