9119e2383e
- Introduced a new `config.yaml` file for managing server, database, cache, queue, AI, scraping, logging, and rate limiting configurations. - Updated `docker-compose.yml` to reflect the new server port (8081) and adjusted health check endpoints accordingly. - Modified `Dockerfile` to expose the new server port. - Updated `README.md` to reflect changes in server configuration and added documentation for the new configuration structure. - Added test scripts for server and Swagger documentation testing. - Refactored customer domain structure to align with new configuration settings and improve maintainability.
491 lines
11 KiB
Markdown
491 lines
11 KiB
Markdown
# API Examples
|
|
|
|
This document provides examples of how to interact with the Tender Management API using curl commands.
|
|
|
|
## Prerequisites
|
|
|
|
1. **Start MongoDB**:
|
|
```bash
|
|
sudo systemctl start mongod
|
|
```
|
|
|
|
2. **Start the server**:
|
|
```bash
|
|
make run
|
|
```
|
|
|
|
3. **Verify server is running**:
|
|
```bash
|
|
curl http://localhost:8081/health
|
|
```
|
|
|
|
## Customer Management Examples
|
|
|
|
### 1. Register a New Customer (Admin Only)
|
|
|
|
```bash
|
|
curl -X POST http://localhost:8081/api/admin/customers/register \
|
|
-H "Content-Type: application/json" \
|
|
-d '{
|
|
"full_name": "John Doe",
|
|
"username": "johndoe",
|
|
"email": "john@example.com",
|
|
"mobile": "+1234567890",
|
|
"password": "securepassword123",
|
|
"national_id": "123456789",
|
|
"gender": "male",
|
|
"birthdate": 631152000,
|
|
"profile_image": "https://example.com/avatar.jpg"
|
|
}'
|
|
```
|
|
|
|
**Expected Response**:
|
|
```json
|
|
{
|
|
"success": true,
|
|
"message": "Customer registered successfully",
|
|
"data": {
|
|
"id": "550e8400-e29b-41d4-a716-446655440000",
|
|
"full_name": "John Doe",
|
|
"username": "johndoe",
|
|
"email": "john@example.com",
|
|
"mobile": "+1234567890",
|
|
"national_id": "123456789",
|
|
"gender": "male",
|
|
"birthdate": 631152000,
|
|
"profile_image": "https://example.com/avatar.jpg",
|
|
"status": "active",
|
|
"is_verified": false,
|
|
"created_at": 1703123456,
|
|
"updated_at": 1703123456
|
|
}
|
|
}
|
|
```
|
|
|
|
### 2. Customer Login
|
|
|
|
```bash
|
|
curl -X POST http://localhost:8081/api/customers/login \
|
|
-H "Content-Type: application/json" \
|
|
-d '{
|
|
"email_or_mobile": "john@example.com",
|
|
"password": "securepassword123"
|
|
}'
|
|
```
|
|
|
|
**Expected Response**:
|
|
```json
|
|
{
|
|
"success": true,
|
|
"message": "Login successful",
|
|
"data": {
|
|
"customer": {
|
|
"id": "550e8400-e29b-41d4-a716-446655440000",
|
|
"full_name": "John Doe",
|
|
"username": "johndoe",
|
|
"email": "john@example.com",
|
|
"mobile": "+1234567890",
|
|
"national_id": "123456789",
|
|
"gender": "male",
|
|
"birthdate": 631152000,
|
|
"profile_image": "https://example.com/avatar.jpg",
|
|
"status": "active",
|
|
"is_verified": false,
|
|
"created_at": 1703123456,
|
|
"updated_at": 1703123456
|
|
},
|
|
"access_token": "abc123def456",
|
|
"refresh_token": "xyz789uvw012",
|
|
"expires_at": 1703127056
|
|
}
|
|
}
|
|
```
|
|
|
|
### 3. Get Customer Profile (Protected)
|
|
|
|
```bash
|
|
curl -X GET http://localhost:8081/api/customers/profile \
|
|
-H "X-Customer-ID: 550e8400-e29b-41d4-a716-446655440000"
|
|
```
|
|
|
|
**Expected Response**:
|
|
```json
|
|
{
|
|
"success": true,
|
|
"message": "Profile retrieved successfully",
|
|
"data": {
|
|
"id": "550e8400-e29b-41d4-a716-446655440000",
|
|
"full_name": "John Doe",
|
|
"username": "johndoe",
|
|
"email": "john@example.com",
|
|
"mobile": "+1234567890",
|
|
"national_id": "123456789",
|
|
"gender": "male",
|
|
"birthdate": 631152000,
|
|
"profile_image": "https://example.com/avatar.jpg",
|
|
"status": "active",
|
|
"is_verified": false,
|
|
"created_at": 1703123456,
|
|
"updated_at": 1703123456
|
|
}
|
|
}
|
|
```
|
|
|
|
### 4. Update Customer Profile (Protected)
|
|
|
|
```bash
|
|
curl -X PUT http://localhost:8081/api/customers/profile \
|
|
-H "Content-Type: application/json" \
|
|
-H "X-Customer-ID: 550e8400-e29b-41d4-a716-446655440000" \
|
|
-d '{
|
|
"full_name": "John Smith",
|
|
"profile_image": "https://example.com/new-avatar.jpg"
|
|
}'
|
|
```
|
|
|
|
**Expected Response**:
|
|
```json
|
|
{
|
|
"success": true,
|
|
"message": "Profile updated successfully",
|
|
"data": {
|
|
"id": "550e8400-e29b-41d4-a716-446655440000",
|
|
"full_name": "John Smith",
|
|
"username": "johndoe",
|
|
"email": "john@example.com",
|
|
"mobile": "+1234567890",
|
|
"national_id": "123456789",
|
|
"gender": "male",
|
|
"birthdate": 631152000,
|
|
"profile_image": "https://example.com/new-avatar.jpg",
|
|
"status": "active",
|
|
"is_verified": false,
|
|
"created_at": 1703123456,
|
|
"updated_at": 1703123456
|
|
}
|
|
}
|
|
```
|
|
|
|
### 5. Change Password (Protected)
|
|
|
|
```bash
|
|
curl -X PUT http://localhost:8081/api/customers/change-password \
|
|
-H "Content-Type: application/json" \
|
|
-H "X-Customer-ID: 550e8400-e29b-41d4-a716-446655440000" \
|
|
-d '{
|
|
"old_password": "securepassword123",
|
|
"new_password": "newsecurepassword456"
|
|
}'
|
|
```
|
|
|
|
**Expected Response**:
|
|
```json
|
|
{
|
|
"success": true,
|
|
"message": "Password changed successfully",
|
|
"data": null
|
|
}
|
|
```
|
|
|
|
### 6. Add Device Token (Protected)
|
|
|
|
```bash
|
|
curl -X POST http://localhost:8081/api/customers/device-token \
|
|
-H "Content-Type: application/json" \
|
|
-H "X-Customer-ID: 550e8400-e29b-41d4-a716-446655440000" \
|
|
-d '{
|
|
"device_token": "fcm_token_123456",
|
|
"device_type": "android"
|
|
}'
|
|
```
|
|
|
|
**Expected Response**:
|
|
```json
|
|
{
|
|
"success": true,
|
|
"message": "Device token added successfully",
|
|
"data": null
|
|
}
|
|
```
|
|
|
|
### 7. Remove Device Token (Protected)
|
|
|
|
```bash
|
|
curl -X DELETE http://localhost:8081/api/customers/device-token \
|
|
-H "Content-Type: application/json" \
|
|
-H "X-Customer-ID: 550e8400-e29b-41d4-a716-446655440000" \
|
|
-d '{
|
|
"device_token": "fcm_token_123456"
|
|
}'
|
|
```
|
|
|
|
**Expected Response**:
|
|
```json
|
|
{
|
|
"success": true,
|
|
"message": "Device token removed successfully",
|
|
"data": null
|
|
}
|
|
```
|
|
|
|
### 8. Logout (Protected)
|
|
|
|
```bash
|
|
curl -X POST http://localhost:8081/api/customers/logout \
|
|
-H "Content-Type: application/json" \
|
|
-H "X-Customer-ID: 550e8400-e29b-41d4-a716-446655440000" \
|
|
-d '{
|
|
"device_token": "fcm_token_123456"
|
|
}'
|
|
```
|
|
|
|
**Expected Response**:
|
|
```json
|
|
{
|
|
"success": true,
|
|
"message": "Logged out successfully",
|
|
"data": null
|
|
}
|
|
```
|
|
|
|
## Admin Management Examples
|
|
|
|
### 9. List All Customers (Admin Only)
|
|
|
|
```bash
|
|
curl -X GET "http://localhost:8081/api/admin/customers?limit=10&offset=0&search=john&status=active" \
|
|
-H "Content-Type: application/json"
|
|
```
|
|
|
|
**Expected Response**:
|
|
```json
|
|
{
|
|
"success": true,
|
|
"message": "Customers retrieved successfully",
|
|
"data": [
|
|
{
|
|
"id": "550e8400-e29b-41d4-a716-446655440000",
|
|
"full_name": "John Smith",
|
|
"username": "johndoe",
|
|
"email": "john@example.com",
|
|
"mobile": "+1234567890",
|
|
"national_id": "123456789",
|
|
"gender": "male",
|
|
"birthdate": 631152000,
|
|
"profile_image": "https://example.com/new-avatar.jpg",
|
|
"status": "active",
|
|
"is_verified": false,
|
|
"created_at": 1703123456,
|
|
"updated_at": 1703123456
|
|
}
|
|
],
|
|
"meta": {
|
|
"total": 1,
|
|
"limit": 10,
|
|
"offset": 0
|
|
}
|
|
}
|
|
```
|
|
|
|
### 10. Get Customer by ID (Admin Only)
|
|
|
|
```bash
|
|
curl -X GET http://localhost:8081/api/admin/customers/550e8400-e29b-41d4-a716-446655440000 \
|
|
-H "Content-Type: application/json"
|
|
```
|
|
|
|
**Expected Response**:
|
|
```json
|
|
{
|
|
"success": true,
|
|
"message": "Customer retrieved successfully",
|
|
"data": {
|
|
"id": "550e8400-e29b-41d4-a716-446655440000",
|
|
"full_name": "John Smith",
|
|
"username": "johndoe",
|
|
"email": "john@example.com",
|
|
"mobile": "+1234567890",
|
|
"national_id": "123456789",
|
|
"gender": "male",
|
|
"birthdate": 631152000,
|
|
"profile_image": "https://example.com/new-avatar.jpg",
|
|
"status": "active",
|
|
"is_verified": false,
|
|
"created_at": 1703123456,
|
|
"updated_at": 1703123456
|
|
}
|
|
}
|
|
```
|
|
|
|
### 11. Update Customer Status (Admin Only)
|
|
|
|
```bash
|
|
curl -X PUT http://localhost:8081/api/admin/customers/550e8400-e29b-41d4-a716-446655440000/status \
|
|
-H "Content-Type: application/json" \
|
|
-d '{
|
|
"status": "suspended"
|
|
}'
|
|
```
|
|
|
|
**Expected Response**:
|
|
```json
|
|
{
|
|
"success": true,
|
|
"message": "Customer status updated successfully",
|
|
"data": null
|
|
}
|
|
```
|
|
|
|
### 12. Get All Device Tokens (Admin Only)
|
|
|
|
```bash
|
|
curl -X GET http://localhost:8081/api/admin/customers/device-tokens \
|
|
-H "Content-Type: application/json"
|
|
```
|
|
|
|
**Expected Response**:
|
|
```json
|
|
{
|
|
"success": true,
|
|
"message": "Device tokens retrieved successfully",
|
|
"data": [
|
|
{
|
|
"token": "fcm_token_123456",
|
|
"device_type": "android",
|
|
"customer_id": "550e8400-e29b-41d4-a716-446655440000"
|
|
}
|
|
]
|
|
}
|
|
```
|
|
|
|
## Error Examples
|
|
|
|
### 13. Invalid Email Format
|
|
|
|
```bash
|
|
curl -X POST http://localhost:8081/api/admin/customers/register \
|
|
-H "Content-Type: application/json" \
|
|
-d '{
|
|
"full_name": "John Doe",
|
|
"username": "johndoe",
|
|
"email": "invalid-email",
|
|
"mobile": "+1234567890",
|
|
"password": "securepassword123"
|
|
}'
|
|
```
|
|
|
|
**Expected Response**:
|
|
```json
|
|
{
|
|
"success": false,
|
|
"message": "Validation failed",
|
|
"error": "Email: invalid-email does not validate as email"
|
|
}
|
|
```
|
|
|
|
### 14. Duplicate Email
|
|
|
|
```bash
|
|
curl -X POST http://localhost:8081/api/admin/customers/register \
|
|
-H "Content-Type: application/json" \
|
|
-d '{
|
|
"full_name": "Jane Doe",
|
|
"username": "janedoe",
|
|
"email": "john@example.com",
|
|
"mobile": "+1234567891",
|
|
"password": "securepassword123"
|
|
}'
|
|
```
|
|
|
|
**Expected Response**:
|
|
```json
|
|
{
|
|
"success": false,
|
|
"message": "email already exists",
|
|
"error": "email already exists"
|
|
}
|
|
```
|
|
|
|
### 15. Invalid Authentication
|
|
|
|
```bash
|
|
curl -X GET http://localhost:8081/api/customers/profile
|
|
```
|
|
|
|
**Expected Response**:
|
|
```json
|
|
{
|
|
"success": false,
|
|
"message": "Invalid authentication",
|
|
"error": "Missing customer ID"
|
|
}
|
|
```
|
|
|
|
## Testing Script
|
|
|
|
You can use the following script to test all endpoints:
|
|
|
|
```bash
|
|
#!/bin/bash
|
|
|
|
BASE_URL="http://localhost:8081"
|
|
|
|
echo "Testing Tender Management API..."
|
|
|
|
# Test health endpoint
|
|
echo "1. Testing health endpoint..."
|
|
curl -s "$BASE_URL/health" | jq .
|
|
|
|
# Register a customer
|
|
echo "2. Registering a customer..."
|
|
CUSTOMER_RESPONSE=$(curl -s -X POST "$BASE_URL/api/admin/customers/register" \
|
|
-H "Content-Type: application/json" \
|
|
-d '{
|
|
"full_name": "Test User",
|
|
"username": "testuser",
|
|
"email": "test@example.com",
|
|
"mobile": "+1234567890",
|
|
"password": "password123"
|
|
}')
|
|
|
|
echo "$CUSTOMER_RESPONSE" | jq .
|
|
|
|
# Extract customer ID
|
|
CUSTOMER_ID=$(echo "$CUSTOMER_RESPONSE" | jq -r '.data.id')
|
|
|
|
if [ "$CUSTOMER_ID" != "null" ]; then
|
|
echo "Customer ID: $CUSTOMER_ID"
|
|
|
|
# Test login
|
|
echo "3. Testing login..."
|
|
curl -s -X POST "$BASE_URL/api/customers/login" \
|
|
-H "Content-Type: application/json" \
|
|
-d '{
|
|
"email_or_mobile": "test@example.com",
|
|
"password": "password123"
|
|
}' | jq .
|
|
|
|
# Test get profile
|
|
echo "4. Testing get profile..."
|
|
curl -s -X GET "$BASE_URL/api/customers/profile" \
|
|
-H "X-Customer-ID: $CUSTOMER_ID" | jq .
|
|
|
|
# Test list customers (admin)
|
|
echo "5. Testing list customers..."
|
|
curl -s -X GET "$BASE_URL/api/admin/customers" | jq .
|
|
fi
|
|
|
|
echo "Testing completed!"
|
|
```
|
|
|
|
## Notes
|
|
|
|
1. **Authentication**: Currently using a simple header-based authentication (`X-Customer-ID`). In production, this should be replaced with proper JWT token validation.
|
|
|
|
2. **Timestamps**: All timestamps are Unix timestamps (int64) for consistency.
|
|
|
|
3. **Validation**: All requests are validated using govalidator with custom validation rules.
|
|
|
|
4. **Error Handling**: All errors return consistent JSON responses with appropriate HTTP status codes.
|
|
|
|
5. **CORS**: The server is configured to allow all origins for development. Configure properly for production. |