AuthCentral/BACKEND_URLS.md
Beyhan Oğur 8b1fbdee99 first commit
2026-04-26 21:37:58 +03:00


🔗 Backend URL Yönetimi

API Endpoint Listesi

Base URL

Local: http://localhost:8080
Production: https://api.yourdomain.com

API Version

v1

📋 Tüm Endpoint'ler

Method Endpoint Auth Rate Limit Açıklama
GET / - Homepage
GET /docs/index.html - Swagger UI
POST /v1/auth/register 3/5min Kullanıcı kaydı
POST /v1/auth/login 5/1min Giriş
GET /v1/auth/verify-email - Email doğrulama
GET /v1/auth/:provider - OAuth başlat
GET /v1/auth/:provider/callback - OAuth callback
POST /v1/auth/refresh - Token yenile
GET /v1/auth/me - Kullanıcı bilgileri
GET /v1/auth/validate - Token doğrula

Admin - User Management (Admin rolü gerekli)

Method Endpoint Auth Açıklama
GET /v1/admin/users Admin Tüm kullanıcıları listele
GET /v1/admin/users/search?q={query} Admin Kullanıcı ara
GET /v1/admin/users/:id Admin Kullanıcı detayı
POST /v1/admin/users Admin Yeni kullanıcı oluştur
PUT /v1/admin/users/:id Admin Kullanıcı güncelle
DELETE /v1/admin/users/:id Admin Kullanıcı sil
POST /v1/admin/users/:id/roles Admin Rol ata
DELETE /v1/admin/users/:id/roles/:role Admin Rol kaldır

Admin - Settings (Admin rolü gerekli)

Method Endpoint Auth Açıklama
GET /v1/settings/cors/whitelist Admin CORS whitelist listele
POST /v1/settings/cors/whitelist Admin CORS whitelist ekle
PUT /v1/settings/cors/whitelist/:id Admin CORS whitelist güncelle
DELETE /v1/settings/cors/whitelist/:id Admin CORS whitelist sil
GET /v1/settings/cors/blacklist Admin CORS blacklist listele
POST /v1/settings/cors/blacklist Admin CORS blacklist ekle
PUT /v1/settings/cors/blacklist/:id Admin CORS blacklist güncelle
DELETE /v1/settings/cors/blacklist/:id Admin CORS blacklist sil
GET /v1/settings/ratelimit Admin Rate limit ayarları
PUT /v1/settings/ratelimit/:id Admin Rate limit güncelle

🎯 Frontend için URL Yapısı

JavaScript/TypeScript Constants

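// config/api.js
// NEXT_PUBLIC_* variables are inlined into the client bundle by Next.js and are
// therefore readable by every visitor: keep only non-secret settings in them.
export const API_CONFIG = {
  // Falls back to the local dev server (plain HTTP) when the variable is unset;
  // production builds should set NEXT_PUBLIC_API_URL to the HTTPS API origin.
  BASE_URL: process.env.NEXT_PUBLIC_API_URL || 'http://localhost:8080',
  // Read from the environment so the NEXT_PUBLIC_API_VERSION entry documented
  // for .env.local actually takes effect; 'v1' remains the default.
  API_VERSION: process.env.NEXT_PUBLIC_API_VERSION || 'v1',
  ENDPOINTS: {
    // Auth endpoints
    REGISTER: '/auth/register',
    LOGIN: '/auth/login',
    // NOTE(review): /auth/logout does not appear in the endpoint table of this
    // document; confirm the backend exposes it.
    LOGOUT: '/auth/logout',
    REFRESH: '/auth/refresh',
    VERIFY_EMAIL: '/auth/verify-email',
    ME: '/auth/me',
    VALIDATE: '/auth/validate',

    // OAuth endpoints
    OAUTH_GOOGLE: '/auth/google',
    OAUTH_GITHUB: '/auth/github',
    OAUTH_GOOGLE_CALLBACK: '/auth/google/callback',
    OAUTH_GITHUB_CALLBACK: '/auth/github/callback',
  },
};

/**
 * Build the absolute URL of an API endpoint.
 *
 * Trailing slashes on the base URL and leading slashes on the endpoint are
 * normalised, so exactly one "/" separates base, version and path whether or
 * not the caller (or the environment value) includes them.
 *
 * @param {string} endpoint - Path below the version prefix, e.g. '/auth/login'.
 * @returns {string} `<BASE_URL>/<API_VERSION>/<endpoint>`.
 */
export function getApiUrl(endpoint) {
  const base = API_CONFIG.BASE_URL.replace(/\/+$/, '');
  const path = String(endpoint).replace(/^\/+/, '');
  return `${base}/${API_CONFIG.API_VERSION}/${path}`;
}

// Usage
const loginUrl = getApiUrl(API_CONFIG.ENDPOINTS.LOGIN);
// Result: http://localhost:8080/v1/auth/login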

📦 Kullanım Örnekleri

1. React/Next.js

// lib/api.js
// Development base URL (plain HTTP, local machine only).
const API_BASE = 'http://localhost:8080/v1';

/**
 * POST a JSON payload to a path below API_BASE.
 *
 * `credentials: 'include'` makes the browser attach cookies on cross-origin
 * calls, which only works when the server's CORS policy names this origin
 * explicitly and allows credentials.
 *
 * @param {string} path - Path below API_BASE, e.g. '/auth/login'.
 * @param {object} payload - Value serialised as the JSON request body.
 * @returns {Promise<Response>} The pending fetch.
 */
function postJson(path, payload) {
  const init = {
    method: 'POST',
    headers: { 'Content-Type': 'application/json' },
    credentials: 'include',
    body: JSON.stringify(payload),
  };
  return fetch(`${API_BASE}${path}`, init);
}

export const authAPI = {
  /** Create an account from the given registration fields. */
  register(data) {
    return postJson('/auth/register', data);
  },

  /** Log in with the given credentials. */
  login(data) {
    return postJson('/auth/login', data);
  },

  /** Fetch the profile of the user identified by the bearer token. */
  getCurrentUser(token) {
    const headers = {
      'Authorization': `Bearer ${token}`,
      'Content-Type': 'application/json',
    };
    return fetch(`${API_BASE}/auth/me`, { headers, credentials: 'include' });
  },
};

2. Vue.js/Nuxt

// plugins/api.js
// Nuxt plugin that exposes auth helpers under the `api` key of `provide`.
export default defineNuxtPlugin(() => {
  const { public: publicConfig } = useRuntimeConfig();
  // Public runtime config is shipped to the browser; the fallback is the
  // local development server.
  const apiRoot = publicConfig.apiBase || 'http://localhost:8080/v1';

  // POST `payload` to `path`, sending cookies along with the request.
  const post = (path, payload) =>
    $fetch(`${apiRoot}${path}`, {
      method: 'POST',
      body: payload,
      credentials: 'include',
    });

  const auth = {
    register: (data) => post('/auth/register', data),
    login: (data) => post('/auth/login', data),
    // Relies on the cookie sent via `credentials: 'include'`; no
    // Authorization header is set here.
    me: () => $fetch(`${apiRoot}/auth/me`, { credentials: 'include' }),
  };

  return { provide: { api: { auth } } };
});

3. Axios Instance

// lib/axios.js
import axios from 'axios';

// Shared client settings: development base URL, cookies sent on every
// request, JSON bodies by default.
const clientOptions = {
  baseURL: 'http://localhost:8080/v1',
  withCredentials: true,
  headers: { 'Content-Type': 'application/json' },
};

const api = axios.create(clientOptions);

// Attach the stored access token, when there is one, as a Bearer credential.
// Anything kept in localStorage is readable by every script running on the
// origin, so this pattern depends on the page being free of script injection.
api.interceptors.request.use((requestConfig) => {
  const accessToken = localStorage.getItem('access_token');
  if (!accessToken) {
    return requestConfig;
  }
  requestConfig.headers.Authorization = `Bearer ${accessToken}`;
  return requestConfig;
});

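// Handle 401 errors: refresh the access token once, then replay the request.
//
// Two guards keep this from looping forever:
//   - a 401 returned by /auth/refresh itself is never retried (otherwise the
//     refresh call would trigger another refresh, and so on);
//   - a request that was already replayed once (`_retry`) is not replayed
//     again if the new token is rejected too.
// Concurrent 401s still each perform their own refresh call.
api.interceptors.response.use(
  (response) => response,
  async (error) => {
    const originalRequest = error.config;
    const isRefreshCall =
      originalRequest?.url?.includes('/auth/refresh') ?? false;

    if (
      error.response?.status !== 401 ||
      !originalRequest ||
      originalRequest._retry ||
      isRefreshCall
    ) {
      return Promise.reject(error);
    }

    // The refresh token is long-lived and sits in localStorage, where any
    // script on the origin can read it.
    const refreshToken = localStorage.getItem('refresh_token');
    if (!refreshToken) {
      return Promise.reject(error);
    }

    originalRequest._retry = true;
    try {
      const { data } = await api.post('/auth/refresh', {
        refresh_token: refreshToken,
      });
      localStorage.setItem('access_token', data.access_token);
      // Retry original request with the new token.
      originalRequest.headers.Authorization = `Bearer ${data.access_token}`;
      return api.request(originalRequest);
    } catch {
      // Refresh failed: drop stored state and send the user to the login page.
      localStorage.clear();
      window.location.href = '/login';
    }
    return Promise.reject(error);
  }
);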

export default api;

🔐 Environment Variables

.env.local (Frontend)

# Development
NEXT_PUBLIC_API_URL=http://localhost:8080
NEXT_PUBLIC_API_VERSION=v1

# Production
# NEXT_PUBLIC_API_URL=https://api.yourdomain.com
# NEXT_PUBLIC_API_VERSION=v1

.env (Backend)

PORT=8080
CLIENT_CALLBACK_URL=http://localhost:8080/v1/auth
APP_URL=http://localhost:8080

🧪 Test Komutları

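# Register
curl -X POST http://localhost:8080/v1/auth/register \
  -H "Content-Type: application/json" \
  -d '{"email":"test@test.com","password":"Test123!","user_name":"test"}'

# Login
curl -X POST http://localhost:8080/v1/auth/login \
  -H "Content-Type: application/json" \
  -d '{"email":"test@test.com","password":"Test123!"}'

# Get user (with token)
curl http://localhost:8080/v1/auth/me \
  -H "Authorization: Bearer YOUR_TOKEN"

# Admin - Update user
curl -X PUT http://localhost:8080/v1/admin/users/54687716-1aed-41ff-aa13-bb05dd7f34e7 \
  -H "Authorization: Bearer ADMIN_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "email": "newemail@example.com",
    "user_name": "newusername",
    "email_verified": true
  }'

# Admin - Get all users
# The URL is quoted: an unquoted "&" would end the command there and run it in
# the background, dropping the limit parameter and the Authorization header.
curl -X GET "http://localhost:8080/v1/admin/users?page=1&limit=10" \
  -H "Authorization: Bearer ADMIN_TOKEN"

# Admin - Search users
curl -X GET "http://localhost:8080/v1/admin/users/search?q=test" \
  -H "Authorization: Bearer ADMIN_TOKEN"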

📚 Swagger Dokümantasyonu

Tüm endpoint'lerin detaylı dokümantasyonu için:

http://localhost:8080/docs/index.html

Hazır Kullanım

API endpoint'leri hazır ve çalışıyor! Frontend'inizde kullanmaya başlayabilirsiniz:

  1. API_ENDPOINTS.md - Detaylı endpoint dokümantasyonu
  2. Swagger UI - İnteraktif API testi: http://localhost:8080/docs/index.html
  3. Yukarıdaki örnekleri projenize kopyalayıp kullanabilirsiniz

Önemli: CORS zaten http://localhost:3000 için yapılandırılmış durumda!