AuthCentral/BACKEND_URLS.md
Beyhan Oğur 8b1fbdee99 first commit
2026-04-26 21:37:58 +03:00

# 🔗 Backend URL Management
## API Endpoint List
### Base URL
```
Local: http://localhost:8080
Production: https://api.yourdomain.com
```
### API Version
```
v1
```
---
## 📋 All Endpoints
| Method | Endpoint | Auth | Rate Limit | Description |
|--------|----------|------|------------|-------------|
| GET | `/` | ❌ | - | Homepage |
| GET | `/docs/index.html` | ❌ | - | Swagger UI |
| POST | `/v1/auth/register` | ❌ | 3/5min | User registration |
| POST | `/v1/auth/login` | ❌ | 5/1min | Login |
| GET | `/v1/auth/verify-email` | ❌ | - | Email verification |
| GET | `/v1/auth/:provider` | ❌ | - | Start OAuth |
| GET | `/v1/auth/:provider/callback` | ❌ | - | OAuth callback |
| POST | `/v1/auth/refresh` | ❌ | - | Refresh token |
| GET | `/v1/auth/me` | ✅ | - | User information |
| GET | `/v1/auth/validate` | ✅ | - | Validate token |
### Admin - User Management (Admin role required)
| Method | Endpoint | Auth | Description |
|--------|----------|------|-------------|
| GET | `/v1/admin/users` | ✅ Admin | List all users |
| GET | `/v1/admin/users/search?q={query}` | ✅ Admin | Search users |
| GET | `/v1/admin/users/:id` | ✅ Admin | User details |
| POST | `/v1/admin/users` | ✅ Admin | Create new user |
| PUT | `/v1/admin/users/:id` | ✅ Admin | Update user |
| DELETE | `/v1/admin/users/:id` | ✅ Admin | Delete user |
| POST | `/v1/admin/users/:id/roles` | ✅ Admin | Assign role |
| DELETE | `/v1/admin/users/:id/roles/:role` | ✅ Admin | Remove role |
### Admin - Settings (Admin role required)
| Method | Endpoint | Auth | Description |
|--------|----------|------|-------------|
| GET | `/v1/settings/cors/whitelist` | ✅ Admin | List CORS whitelist |
| POST | `/v1/settings/cors/whitelist` | ✅ Admin | Add CORS whitelist entry |
| PUT | `/v1/settings/cors/whitelist/:id` | ✅ Admin | Update CORS whitelist entry |
| DELETE | `/v1/settings/cors/whitelist/:id` | ✅ Admin | Delete CORS whitelist entry |
| GET | `/v1/settings/cors/blacklist` | ✅ Admin | List CORS blacklist |
| POST | `/v1/settings/cors/blacklist` | ✅ Admin | Add CORS blacklist entry |
| PUT | `/v1/settings/cors/blacklist/:id` | ✅ Admin | Update CORS blacklist entry |
| DELETE | `/v1/settings/cors/blacklist/:id` | ✅ Admin | Delete CORS blacklist entry |
| GET | `/v1/settings/ratelimit` | ✅ Admin | Rate limit settings |
| PUT | `/v1/settings/ratelimit/:id` | ✅ Admin | Update rate limit |
---
## 🎯 URL Structure for the Frontend
### JavaScript/TypeScript Constants
```javascript
// config/api.js
export const API_CONFIG = {
  BASE_URL: process.env.NEXT_PUBLIC_API_URL || 'http://localhost:8080',
  API_VERSION: 'v1',
  ENDPOINTS: {
    // Auth endpoints
    REGISTER: '/auth/register',
    LOGIN: '/auth/login',
    LOGOUT: '/auth/logout',
    REFRESH: '/auth/refresh',
    VERIFY_EMAIL: '/auth/verify-email',
    ME: '/auth/me',
    VALIDATE: '/auth/validate',
    // OAuth endpoints
    OAUTH_GOOGLE: '/auth/google',
    OAUTH_GITHUB: '/auth/github',
    OAUTH_GOOGLE_CALLBACK: '/auth/google/callback',
    OAUTH_GITHUB_CALLBACK: '/auth/github/callback',
  }
};

// Helper function
export function getApiUrl(endpoint) {
  return `${API_CONFIG.BASE_URL}/${API_CONFIG.API_VERSION}${endpoint}`;
}

// Usage
const loginUrl = getApiUrl(API_CONFIG.ENDPOINTS.LOGIN);
// Result: http://localhost:8080/v1/auth/login
```
---
## 📦 Usage Examples
### 1. React/Next.js
```javascript
// lib/api.js
const API_BASE = 'http://localhost:8080/v1';

export const authAPI = {
  register: (data) =>
    fetch(`${API_BASE}/auth/register`, {
      method: 'POST',
      headers: { 'Content-Type': 'application/json' },
      credentials: 'include',
      body: JSON.stringify(data)
    }),
  login: (data) =>
    fetch(`${API_BASE}/auth/login`, {
      method: 'POST',
      headers: { 'Content-Type': 'application/json' },
      credentials: 'include',
      body: JSON.stringify(data)
    }),
  getCurrentUser: (token) =>
    fetch(`${API_BASE}/auth/me`, {
      headers: {
        'Authorization': `Bearer ${token}`,
        'Content-Type': 'application/json'
      },
      credentials: 'include'
    })
};
```
### 2. Vue.js/Nuxt
```javascript
// plugins/api.js
export default defineNuxtPlugin(() => {
  const config = useRuntimeConfig();
  const baseURL = config.public.apiBase || 'http://localhost:8080/v1';

  return {
    provide: {
      api: {
        auth: {
          register: (data) => $fetch(`${baseURL}/auth/register`, {
            method: 'POST',
            body: data,
            credentials: 'include'
          }),
          login: (data) => $fetch(`${baseURL}/auth/login`, {
            method: 'POST',
            body: data,
            credentials: 'include'
          }),
          me: () => $fetch(`${baseURL}/auth/me`, {
            credentials: 'include'
          })
        }
      }
    }
  };
});
```
### 3. Axios Instance
```javascript
// lib/axios.js
import axios from 'axios';

const api = axios.create({
  baseURL: 'http://localhost:8080/v1',
  withCredentials: true,
  headers: {
    'Content-Type': 'application/json'
  }
});

// Add auth token to requests
// (tokens kept in localStorage are readable by any script running on this origin)
api.interceptors.request.use((config) => {
  const token = localStorage.getItem('access_token');
  if (token) {
    config.headers.Authorization = `Bearer ${token}`;
  }
  return config;
});

// Handle 401 errors
api.interceptors.response.use(
  (response) => response,
  async (error) => {
    const original = error.config;
    // Retry at most once, and never refresh in response to a failed refresh call;
    // otherwise a 401 from /auth/refresh re-enters this handler indefinitely
    const canRetry = original && !original._retry && !original.url?.includes('/auth/refresh');
    if (error.response?.status === 401 && canRetry) {
      original._retry = true;
      // Try to refresh token
      const refreshToken = localStorage.getItem('refresh_token');
      if (refreshToken) {
        try {
          const { data } = await api.post('/auth/refresh', {
            refresh_token: refreshToken
          });
          localStorage.setItem('access_token', data.access_token);
          // Retry original request
          original.headers.Authorization = `Bearer ${data.access_token}`;
          return api.request(original);
        } catch {
          // Refresh failed, logout
          localStorage.clear();
          window.location.href = '/login';
        }
      }
    }
    return Promise.reject(error);
  }
);

export default api;
```
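In the interceptor above, every request that receives a 401 issues its own `/auth/refresh` call, so several parallel requests with an expired token refresh several times. The following added example (not AuthCentral code) shares one in-flight refresh among all callers and retries each request once; `createAuthClient`, `send`, `store` and `makeFakeBackend` are hypothetical names, and the fake backend is constructed for the demo.

```javascript
// Added example, not AuthCentral code. `send(req)` is a hypothetical transport
// resolving to { status, data }; `store` is any Map-like token store.
function createAuthClient(send, store) {
  let refreshing = null; // promise shared by every caller while a refresh runs
  const withAuth = (req, token) =>
    ({ ...req, headers: { ...req.headers, Authorization: `Bearer ${token}` } });

  function refreshOnce() {
    if (refreshing) return refreshing; // join the refresh already in flight
    refreshing = send({ url: '/auth/refresh', method: 'POST', headers: {},
                        body: { refresh_token: store.get('refresh_token') } })
      .then((res) => {
        if (res.status !== 200) throw new Error('refresh rejected');
        store.set('access_token', res.data.access_token);
        return res.data.access_token;
      })
      .finally(() => { refreshing = null; });
    return refreshing;
  }

  return async function request(req) {
    const used = store.get('access_token');
    const first = await send(withAuth(req, used));
    if (first.status !== 401) return first;
    const current = store.get('access_token');
    // Another caller refreshed while this request was in flight: reuse its token
    if (current && current !== used) return send(withAuth(req, current));
    if (!store.get('refresh_token')) return first;
    let token;
    try { token = await refreshOnce(); } catch { store.clear(); return first; }
    return send(withAuth(req, token)); // retried exactly once, never looped
  };
}

// Constructed fake backend: accepts only the access token 'fresh' and the
// refresh token 'r1', and counts how many refresh calls it receives.
function makeFakeBackend() {
  const calls = { refresh: 0 };
  const reply = (pass, data) => (pass ? { status: 200, data } : { status: 401, data: {} });
  const send = async (req) => {
    await new Promise((r) => setTimeout(r, 5)); // simulated latency
    if (req.url !== '/auth/refresh') {
      return reply(req.headers.Authorization === 'Bearer fresh', { url: req.url });
    }
    calls.refresh += 1;
    return reply(req.body.refresh_token === 'r1', { access_token: 'fresh' });
  };
  return { send, calls };
}
```

In a browser, `store` can be a thin wrapper that maps `get`/`set`/`clear` onto wherever the tokens are kept, and the caller redirects to the login page when a request still comes back 401 with an empty store.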
---
## 🔐 Environment Variables
### .env.local (Frontend)
```env
# Development
NEXT_PUBLIC_API_URL=http://localhost:8080
NEXT_PUBLIC_API_VERSION=v1
# Production
# NEXT_PUBLIC_API_URL=https://api.yourdomain.com
# NEXT_PUBLIC_API_VERSION=v1
```
### .env (Backend)
```env
PORT=8080
CLIENT_CALLBACK_URL=http://localhost:8080/v1/auth
APP_URL=http://localhost:8080
```
---
## 🧪 Test Commands
```bash
# Register
curl -X POST http://localhost:8080/v1/auth/register \
  -H "Content-Type: application/json" \
  -d '{"email":"test@test.com","password":"Test123!","user_name":"test"}'

# Login
curl -X POST http://localhost:8080/v1/auth/login \
  -H "Content-Type: application/json" \
  -d '{"email":"test@test.com","password":"Test123!"}'

# Get user (with token)
curl http://localhost:8080/v1/auth/me \
  -H "Authorization: Bearer YOUR_TOKEN"

# Admin - Update user
curl -X PUT http://localhost:8080/v1/admin/users/54687716-1aed-41ff-aa13-bb05dd7f34e7 \
  -H "Authorization: Bearer ADMIN_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "email": "newemail@example.com",
    "user_name": "newusername",
    "email_verified": true
  }'

# Admin - Get all users (URL quoted so the shell does not treat & as a control operator)
curl -X GET "http://localhost:8080/v1/admin/users?page=1&limit=10" \
  -H "Authorization: Bearer ADMIN_TOKEN"

# Admin - Search users
curl -X GET "http://localhost:8080/v1/admin/users/search?q=test" \
  -H "Authorization: Bearer ADMIN_TOKEN"
```
---
## 📚 Swagger Documentation
For detailed documentation of all endpoints:
```
http://localhost:8080/docs/index.html
```
---
## ✅ Ready to Use
The API endpoints are ready and working! You can start using them in your frontend:
1. **API_ENDPOINTS.md** - Detailed endpoint documentation
2. **Swagger UI** - Interactive API testing: http://localhost:8080/docs/index.html
3. You can copy the examples above into your project and use them
**Important:** CORS is already configured for `http://localhost:3000`! ✅