Files
tm_back/docs/examples/API_EXAMPLES.md
T
n.nakhostin 9119e2383e Add configuration file and update server settings
- Introduced a new `config.yaml` file for managing server, database, cache, queue, AI, scraping, logging, and rate limiting configurations.
- Updated `docker-compose.yml` to reflect the new server port (8081) and adjusted health check endpoints accordingly.
- Modified `Dockerfile` to expose the new server port.
- Updated `README.md` to reflect changes in server configuration and added documentation for the new configuration structure.
- Added test scripts for server and Swagger documentation testing.
- Refactored customer domain structure to align with new configuration settings and improve maintainability.
2025-08-02 12:37:04 +03:30

491 lines
11 KiB
Markdown

# API Examples
This document provides examples of how to interact with the Tender Management API using curl commands.
## Prerequisites
1. **Start MongoDB**:
```bash
sudo systemctl start mongod
```
2. **Start the server**:
```bash
make run
```
3. **Verify server is running**:
```bash
curl http://localhost:8081/health
```
## Customer Management Examples
### 1. Register a New Customer (Admin Only)
```bash
curl -X POST http://localhost:8081/api/admin/customers/register \
-H "Content-Type: application/json" \
-d '{
"full_name": "John Doe",
"username": "johndoe",
"email": "john@example.com",
"mobile": "+1234567890",
"password": "securepassword123",
"national_id": "123456789",
"gender": "male",
"birthdate": 631152000,
"profile_image": "https://example.com/avatar.jpg"
}'
```
**Expected Response**:
```json
{
"success": true,
"message": "Customer registered successfully",
"data": {
"id": "550e8400-e29b-41d4-a716-446655440000",
"full_name": "John Doe",
"username": "johndoe",
"email": "john@example.com",
"mobile": "+1234567890",
"national_id": "123456789",
"gender": "male",
"birthdate": 631152000,
"profile_image": "https://example.com/avatar.jpg",
"status": "active",
"is_verified": false,
"created_at": 1703123456,
"updated_at": 1703123456
}
}
```
### 2. Customer Login
```bash
curl -X POST http://localhost:8081/api/customers/login \
-H "Content-Type: application/json" \
-d '{
"email_or_mobile": "john@example.com",
"password": "securepassword123"
}'
```
**Expected Response**:
```json
{
"success": true,
"message": "Login successful",
"data": {
"customer": {
"id": "550e8400-e29b-41d4-a716-446655440000",
"full_name": "John Doe",
"username": "johndoe",
"email": "john@example.com",
"mobile": "+1234567890",
"national_id": "123456789",
"gender": "male",
"birthdate": 631152000,
"profile_image": "https://example.com/avatar.jpg",
"status": "active",
"is_verified": false,
"created_at": 1703123456,
"updated_at": 1703123456
},
"access_token": "abc123def456",
"refresh_token": "xyz789uvw012",
"expires_at": 1703127056
}
}
```
### 3. Get Customer Profile (Protected)
```bash
curl -X GET http://localhost:8081/api/customers/profile \
-H "X-Customer-ID: 550e8400-e29b-41d4-a716-446655440000"
```
**Expected Response**:
```json
{
"success": true,
"message": "Profile retrieved successfully",
"data": {
"id": "550e8400-e29b-41d4-a716-446655440000",
"full_name": "John Doe",
"username": "johndoe",
"email": "john@example.com",
"mobile": "+1234567890",
"national_id": "123456789",
"gender": "male",
"birthdate": 631152000,
"profile_image": "https://example.com/avatar.jpg",
"status": "active",
"is_verified": false,
"created_at": 1703123456,
"updated_at": 1703123456
}
}
```
### 4. Update Customer Profile (Protected)
```bash
curl -X PUT http://localhost:8081/api/customers/profile \
-H "Content-Type: application/json" \
-H "X-Customer-ID: 550e8400-e29b-41d4-a716-446655440000" \
-d '{
"full_name": "John Smith",
"profile_image": "https://example.com/new-avatar.jpg"
}'
```
**Expected Response**:
```json
{
"success": true,
"message": "Profile updated successfully",
"data": {
"id": "550e8400-e29b-41d4-a716-446655440000",
"full_name": "John Smith",
"username": "johndoe",
"email": "john@example.com",
"mobile": "+1234567890",
"national_id": "123456789",
"gender": "male",
"birthdate": 631152000,
"profile_image": "https://example.com/new-avatar.jpg",
"status": "active",
"is_verified": false,
"created_at": 1703123456,
"updated_at": 1703123456
}
}
```
### 5. Change Password (Protected)
```bash
curl -X PUT http://localhost:8081/api/customers/change-password \
-H "Content-Type: application/json" \
-H "X-Customer-ID: 550e8400-e29b-41d4-a716-446655440000" \
-d '{
"old_password": "securepassword123",
"new_password": "newsecurepassword456"
}'
```
**Expected Response**:
```json
{
"success": true,
"message": "Password changed successfully",
"data": null
}
```
### 6. Add Device Token (Protected)
```bash
curl -X POST http://localhost:8081/api/customers/device-token \
-H "Content-Type: application/json" \
-H "X-Customer-ID: 550e8400-e29b-41d4-a716-446655440000" \
-d '{
"device_token": "fcm_token_123456",
"device_type": "android"
}'
```
**Expected Response**:
```json
{
"success": true,
"message": "Device token added successfully",
"data": null
}
```
### 7. Remove Device Token (Protected)
```bash
curl -X DELETE http://localhost:8081/api/customers/device-token \
-H "Content-Type: application/json" \
-H "X-Customer-ID: 550e8400-e29b-41d4-a716-446655440000" \
-d '{
"device_token": "fcm_token_123456"
}'
```
**Expected Response**:
```json
{
"success": true,
"message": "Device token removed successfully",
"data": null
}
```
### 8. Logout (Protected)
```bash
curl -X POST http://localhost:8081/api/customers/logout \
-H "Content-Type: application/json" \
-H "X-Customer-ID: 550e8400-e29b-41d4-a716-446655440000" \
-d '{
"device_token": "fcm_token_123456"
}'
```
**Expected Response**:
```json
{
"success": true,
"message": "Logged out successfully",
"data": null
}
```
## Admin Management Examples
### 9. List All Customers (Admin Only)
```bash
curl -X GET "http://localhost:8081/api/admin/customers?limit=10&offset=0&search=john&status=active" \
-H "Content-Type: application/json"
```
**Expected Response**:
```json
{
"success": true,
"message": "Customers retrieved successfully",
"data": [
{
"id": "550e8400-e29b-41d4-a716-446655440000",
"full_name": "John Smith",
"username": "johndoe",
"email": "john@example.com",
"mobile": "+1234567890",
"national_id": "123456789",
"gender": "male",
"birthdate": 631152000,
"profile_image": "https://example.com/new-avatar.jpg",
"status": "active",
"is_verified": false,
"created_at": 1703123456,
"updated_at": 1703123456
}
],
"meta": {
"total": 1,
"limit": 10,
"offset": 0
}
}
```
### 10. Get Customer by ID (Admin Only)
```bash
curl -X GET http://localhost:8081/api/admin/customers/550e8400-e29b-41d4-a716-446655440000 \
-H "Content-Type: application/json"
```
**Expected Response**:
```json
{
"success": true,
"message": "Customer retrieved successfully",
"data": {
"id": "550e8400-e29b-41d4-a716-446655440000",
"full_name": "John Smith",
"username": "johndoe",
"email": "john@example.com",
"mobile": "+1234567890",
"national_id": "123456789",
"gender": "male",
"birthdate": 631152000,
"profile_image": "https://example.com/new-avatar.jpg",
"status": "active",
"is_verified": false,
"created_at": 1703123456,
"updated_at": 1703123456
}
}
```
### 11. Update Customer Status (Admin Only)
```bash
curl -X PUT http://localhost:8081/api/admin/customers/550e8400-e29b-41d4-a716-446655440000/status \
-H "Content-Type: application/json" \
-d '{
"status": "suspended"
}'
```
**Expected Response**:
```json
{
"success": true,
"message": "Customer status updated successfully",
"data": null
}
```
### 12. Get All Device Tokens (Admin Only)
```bash
curl -X GET http://localhost:8081/api/admin/customers/device-tokens \
-H "Content-Type: application/json"
```
**Expected Response**:
```json
{
"success": true,
"message": "Device tokens retrieved successfully",
"data": [
{
"token": "fcm_token_123456",
"device_type": "android",
"customer_id": "550e8400-e29b-41d4-a716-446655440000"
}
]
}
```
## Error Examples
### 13. Invalid Email Format
```bash
curl -X POST http://localhost:8081/api/admin/customers/register \
-H "Content-Type: application/json" \
-d '{
"full_name": "John Doe",
"username": "johndoe",
"email": "invalid-email",
"mobile": "+1234567890",
"password": "securepassword123"
}'
```
**Expected Response**:
```json
{
"success": false,
"message": "Validation failed",
"error": "Email: invalid-email does not validate as email"
}
```
### 14. Duplicate Email
```bash
curl -X POST http://localhost:8081/api/admin/customers/register \
-H "Content-Type: application/json" \
-d '{
"full_name": "Jane Doe",
"username": "janedoe",
"email": "john@example.com",
"mobile": "+1234567891",
"password": "securepassword123"
}'
```
**Expected Response**:
```json
{
"success": false,
"message": "email already exists",
"error": "email already exists"
}
```
### 15. Invalid Authentication
```bash
curl -X GET http://localhost:8081/api/customers/profile
```
**Expected Response**:
```json
{
"success": false,
"message": "Invalid authentication",
"error": "Missing customer ID"
}
```
## Testing Script
You can use the following script to test all endpoints:
```bash
#!/bin/bash
BASE_URL="http://localhost:8081"
echo "Testing Tender Management API..."
# Test health endpoint
echo "1. Testing health endpoint..."
curl -s "$BASE_URL/health" | jq .
# Register a customer
echo "2. Registering a customer..."
CUSTOMER_RESPONSE=$(curl -s -X POST "$BASE_URL/api/admin/customers/register" \
-H "Content-Type: application/json" \
-d '{
"full_name": "Test User",
"username": "testuser",
"email": "test@example.com",
"mobile": "+1234567890",
"password": "password123"
}')
echo "$CUSTOMER_RESPONSE" | jq .
# Extract customer ID
CUSTOMER_ID=$(echo "$CUSTOMER_RESPONSE" | jq -r '.data.id')
if [ "$CUSTOMER_ID" != "null" ]; then
echo "Customer ID: $CUSTOMER_ID"
# Test login
echo "3. Testing login..."
curl -s -X POST "$BASE_URL/api/customers/login" \
-H "Content-Type: application/json" \
-d '{
"email_or_mobile": "test@example.com",
"password": "password123"
}' | jq .
# Test get profile
echo "4. Testing get profile..."
curl -s -X GET "$BASE_URL/api/customers/profile" \
-H "X-Customer-ID: $CUSTOMER_ID" | jq .
# Test list customers (admin)
echo "5. Testing list customers..."
curl -s -X GET "$BASE_URL/api/admin/customers" | jq .
fi
echo "Testing completed!"
```
## Notes
1. **Authentication**: Currently using a simple header-based authentication (`X-Customer-ID`). In production, this should be replaced with proper JWT token validation.
2. **Timestamps**: All timestamps are Unix timestamps (int64) for consistency.
3. **Validation**: All requests are validated using govalidator with custom validation rules.
4. **Error Handling**: All errors return consistent JSON responses with appropriate HTTP status codes.
5. **CORS**: The server is configured to allow all origins for development. Configure properly for production.