591 lines
10 KiB
Markdown
591 lines
10 KiB
Markdown
# 🌐 GAuth-Central API Endpoints
|
|
|
|
## Base URL
|
|
|
|
```
|
|
Local Development: http://localhost:8080
|
|
Production: http://your-domain.com
|
|
```
|
|
|
|
## API Version: v1
|
|
|
|
Base Path: `/v1`
|
|
|
|
---
|
|
|
|
## 📍 Endpoints
|
|
|
|
### Public Endpoints (No Authentication Required)
|
|
|
|
#### 1. Homepage
|
|
```
|
|
GET /
|
|
Content-Type: text/html
|
|
```
|
|
|
|
**Response:** HTML homepage
|
|
|
|
---
|
|
|
|
#### 2. Swagger Documentation
|
|
```
|
|
GET /docs/index.html
|
|
Content-Type: text/html
|
|
```
|
|
|
|
**Response:** Swagger UI
|
|
|
|
---
|
|
|
|
### Authentication Endpoints
|
|
|
|
#### 3. Register User
|
|
```
|
|
POST /v1/auth/register
|
|
Content-Type: application/json
|
|
Rate Limit: 3 requests / 5 minutes
|
|
```
|
|
|
|
**Request Body:**
|
|
```json
|
|
{
|
|
"email": "user@example.com",
|
|
"password": "SecurePass123!",
|
|
"user_name": "username"
|
|
}
|
|
```
|
|
|
|
**Response (201):**
|
|
```json
|
|
{
|
|
"message": "User created successfully. Please verify your email.",
|
|
"user": {
|
|
"id": "uuid",
|
|
"email": "user@example.com",
|
|
"user_name": "username"
|
|
}
|
|
}
|
|
```
|
|
|
|
**cURL Example:**
|
|
```bash
|
|
curl -X POST http://localhost:8080/v1/auth/register \
|
|
-H "Content-Type: application/json" \
|
|
-d '{
|
|
"email": "user@example.com",
|
|
"password": "SecurePass123!",
|
|
"user_name": "username"
|
|
}'
|
|
```
|
|
|
|
---
|
|
|
|
#### 4. Login
|
|
```
|
|
POST /v1/auth/login
|
|
Content-Type: application/json
|
|
Rate Limit: 5 requests / 1 minute
|
|
```
|
|
|
|
**Request Body:**
|
|
```json
|
|
{
|
|
"email": "user@example.com",
|
|
"password": "SecurePass123!"
|
|
}
|
|
```
|
|
|
|
**Response (200):**
|
|
```json
|
|
{
|
|
"access_token": "eyJhbGciOiJIUzI1NiIs...",
|
|
"refresh_token": "eyJhbGciOiJIUzI1NiIs...",
|
|
"user": {
|
|
"id": "uuid",
|
|
"email": "user@example.com",
|
|
"user_name": "username"
|
|
}
|
|
}
|
|
```
|
|
|
|
**cURL Example:**
|
|
```bash
|
|
curl -X POST http://localhost:8080/v1/auth/login \
|
|
-H "Content-Type: application/json" \
|
|
-d '{
|
|
"email": "user@example.com",
|
|
"password": "SecurePass123!"
|
|
}'
|
|
```
|
|
|
|
---
|
|
|
|
#### 5. Email Verification
|
|
```
|
|
GET /v1/auth/verify-email?token={verification_token}
|
|
```
|
|
|
|
**Query Parameters:**
|
|
- `token` (required): Email verification token
|
|
|
|
**Response (200):**
|
|
```json
|
|
{
|
|
"message": "Email verified successfully"
|
|
}
|
|
```
|
|
|
|
**cURL Example:**
|
|
```bash
|
|
curl -X GET "http://localhost:8080/v1/auth/verify-email?token=abc123xyz"
|
|
```
|
|
|
|
---
|
|
|
|
#### 6. OAuth Login (Google/GitHub)
|
|
```
|
|
GET /v1/auth/{provider}
|
|
```
|
|
|
|
**Parameters:**
|
|
- `provider`: `google` or `github`
|
|
|
|
**Example:**
|
|
```
|
|
http://localhost:8080/v1/auth/google
|
|
http://localhost:8080/v1/auth/github
|
|
```
|
|
|
|
**Response:** Redirects to OAuth provider
|
|
|
|
---
|
|
|
|
#### 7. OAuth Callback
|
|
```
|
|
GET /v1/auth/{provider}/callback
|
|
```
|
|
|
|
**Parameters:**
|
|
- `provider`: `google` or `github`
|
|
|
|
**Query Parameters:** (Provided by OAuth provider)
|
|
- `code`
|
|
- `state`
|
|
|
|
**Response (200):**
|
|
```json
|
|
{
|
|
"access_token": "eyJhbGciOiJIUzI1NiIs...",
|
|
"refresh_token": "eyJhbGciOiJIUzI1NiIs...",
|
|
"user": {
|
|
"id": "uuid",
|
|
"email": "user@example.com",
|
|
"user_name": "username"
|
|
}
|
|
}
|
|
```
|
|
|
|
---
|
|
|
|
#### 8. Refresh Token
|
|
```
|
|
POST /v1/auth/refresh
|
|
Content-Type: application/json
|
|
```
|
|
|
|
**Request Body:**
|
|
```json
|
|
{
|
|
"refresh_token": "eyJhbGciOiJIUzI1NiIs..."
|
|
}
|
|
```
|
|
|
|
**Response (200):**
|
|
```json
|
|
{
|
|
"access_token": "eyJhbGciOiJIUzI1NiIs...",
|
|
"refresh_token": "eyJhbGciOiJIUzI1NiIs..."
|
|
}
|
|
```
|
|
|
|
**cURL Example:**
|
|
```bash
|
|
curl -X POST http://localhost:8080/v1/auth/refresh \
|
|
-H "Content-Type: application/json" \
|
|
-d '{
|
|
"refresh_token": "your_refresh_token_here"
|
|
}'
|
|
```
|
|
|
|
---
|
|
|
|
### Protected Endpoints (Authentication Required)
|
|
|
|
**Note:** All protected endpoints require the `Authorization` header:
|
|
```
|
|
Authorization: Bearer {access_token}
|
|
```
|
|
|
|
---
|
|
|
|
#### 9. Get Current User
|
|
```
|
|
GET /v1/auth/me
|
|
Authorization: Bearer {access_token}
|
|
```
|
|
|
|
**Response (200):**
|
|
```json
|
|
{
|
|
"id": "uuid",
|
|
"email": "user@example.com",
|
|
"user_name": "username",
|
|
"email_verified": true,
|
|
"created_at": "2026-02-04T00:00:00Z"
|
|
}
|
|
```
|
|
|
|
**cURL Example:**
|
|
```bash
|
|
curl -X GET http://localhost:8080/v1/auth/me \
|
|
-H "Authorization: Bearer your_access_token_here"
|
|
```
|
|
|
|
---
|
|
|
|
#### 10. Validate Token
|
|
```
|
|
GET /v1/auth/validate
|
|
Authorization: Bearer {access_token}
|
|
```
|
|
|
|
**Response (200):**
|
|
```json
|
|
{
|
|
"message": "Token is valid",
|
|
"user_id": "uuid",
|
|
"email": "user@example.com"
|
|
}
|
|
```
|
|
|
|
**cURL Example:**
|
|
```bash
|
|
curl -X GET http://localhost:8080/v1/auth/validate \
|
|
-H "Authorization: Bearer your_access_token_here"
|
|
```
|
|
|
|
---
|
|
|
|
## 🔒 Authentication Flow
|
|
|
|
### Standard Email/Password Flow
|
|
|
|
```
|
|
1. Register
|
|
POST /v1/auth/register
|
|
↓
|
|
2. Verify Email
|
|
GET /v1/auth/verify-email?token=...
|
|
↓
|
|
3. Login
|
|
POST /v1/auth/login
|
|
↓
|
|
4. Access Protected Resources
|
|
GET /v1/auth/me (with Bearer token)
|
|
```
|
|
|
|
### OAuth Flow
|
|
|
|
```
|
|
1. Initiate OAuth
|
|
GET /v1/auth/google (or /github)
|
|
↓
|
|
2. User authorizes on OAuth provider
|
|
↓
|
|
3. Callback with code
|
|
GET /v1/auth/google/callback?code=...
|
|
↓
|
|
4. Access Protected Resources
|
|
GET /v1/auth/me (with Bearer token)
|
|
```
|
|
|
|
---
|
|
|
|
## 📝 Error Responses
|
|
|
|
### Standard Error Format
|
|
|
|
```json
|
|
{
|
|
"error": "Error message description"
|
|
}
|
|
```
|
|
|
|
### Common Error Codes
|
|
|
|
| Status Code | Meaning |
|
|
|------------|---------|
|
|
| 400 | Bad Request - Invalid input |
|
|
| 401 | Unauthorized - Invalid or missing token |
|
|
| 403 | Forbidden - Valid token but insufficient permissions |
|
|
| 404 | Not Found - Resource not found |
|
|
| 429 | Too Many Requests - Rate limit exceeded |
|
|
| 500 | Internal Server Error |
|
|
|
|
---
|
|
|
|
## 🚦 Rate Limits
|
|
|
|
| Endpoint | Limit | Time Window |
|
|
|----------|-------|-------------|
|
|
| POST /v1/auth/register | 3 requests | 5 minutes |
|
|
| POST /v1/auth/login | 5 requests | 1 minute |
|
|
| All API endpoints | 100 requests | 1 minute |
|
|
|
|
**Rate Limit Headers:**
|
|
```
|
|
X-RateLimit-Limit: 100
|
|
X-RateLimit-Remaining: 95
|
|
X-RateLimit-Reset: 1643980800
|
|
```
|
|
|
|
---
|
|
|
|
## 🔑 Authentication Headers
|
|
|
|
### Access Token
|
|
```
|
|
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
|
|
```
|
|
|
|
### CORS Headers
|
|
```
|
|
Origin: http://localhost:3000
|
|
Content-Type: application/json
|
|
```
|
|
|
|
---
|
|
|
|
## 🌍 CORS Configuration
|
|
|
|
**Allowed Origins:**
|
|
- `http://localhost:3000` (development)
|
|
|
|
**Allowed Methods:**
|
|
- GET, POST, PUT, PATCH, DELETE, OPTIONS
|
|
|
|
**Allowed Headers:**
|
|
- Origin, Content-Type, Accept, Authorization
|
|
|
|
**Credentials:**
|
|
- Enabled (`Access-Control-Allow-Credentials: true`)
|
|
|
|
---
|
|
|
|
## 📦 Response Examples
|
|
|
|
### Successful Response
|
|
```json
|
|
{
|
|
"message": "Operation successful",
|
|
"data": { ... }
|
|
}
|
|
```
|
|
|
|
### Error Response
|
|
```json
|
|
{
|
|
"error": "Invalid credentials"
|
|
}
|
|
```
|
|
|
|
### Validation Error
|
|
```json
|
|
{
|
|
"error": "Validation failed: email is required"
|
|
}
|
|
```
|
|
|
|
---
|
|
|
|
## 🔗 Frontend Integration
|
|
|
|
### JavaScript/TypeScript Example
|
|
|
|
```javascript
|
|
// Base URL
|
|
const API_BASE_URL = 'http://localhost:8080';
|
|
|
|
// Login
|
|
async function login(email, password) {
|
|
const response = await fetch(`${API_BASE_URL}/v1/auth/login`, {
|
|
method: 'POST',
|
|
headers: {
|
|
'Content-Type': 'application/json',
|
|
},
|
|
credentials: 'include',
|
|
body: JSON.stringify({ email, password })
|
|
});
|
|
|
|
const data = await response.json();
|
|
|
|
if (response.ok) {
|
|
localStorage.setItem('access_token', data.access_token);
|
|
localStorage.setItem('refresh_token', data.refresh_token);
|
|
return data;
|
|
} else {
|
|
throw new Error(data.error);
|
|
}
|
|
}
|
|
|
|
// Get Current User (Protected)
|
|
async function getCurrentUser() {
|
|
const token = localStorage.getItem('access_token');
|
|
|
|
const response = await fetch(`${API_BASE_URL}/v1/auth/me`, {
|
|
method: 'GET',
|
|
headers: {
|
|
'Authorization': `Bearer ${token}`,
|
|
'Content-Type': 'application/json',
|
|
},
|
|
credentials: 'include'
|
|
});
|
|
|
|
const data = await response.json();
|
|
|
|
if (response.ok) {
|
|
return data;
|
|
} else {
|
|
throw new Error(data.error);
|
|
}
|
|
}
|
|
|
|
// Register
|
|
async function register(email, password, username) {
|
|
const response = await fetch(`${API_BASE_URL}/v1/auth/register`, {
|
|
method: 'POST',
|
|
headers: {
|
|
'Content-Type': 'application/json',
|
|
},
|
|
credentials: 'include',
|
|
body: JSON.stringify({
|
|
email,
|
|
password,
|
|
user_name: username
|
|
})
|
|
});
|
|
|
|
const data = await response.json();
|
|
|
|
if (!response.ok) {
|
|
throw new Error(data.error);
|
|
}
|
|
|
|
return data;
|
|
}
|
|
```
|
|
|
|
### Axios Example
|
|
|
|
```javascript
|
|
import axios from 'axios';
|
|
|
|
const api = axios.create({
|
|
baseURL: 'http://localhost:8080/v1',
|
|
withCredentials: true,
|
|
headers: {
|
|
'Content-Type': 'application/json'
|
|
}
|
|
});
|
|
|
|
// Add token to requests
|
|
api.interceptors.request.use((config) => {
|
|
const token = localStorage.getItem('access_token');
|
|
if (token) {
|
|
config.headers.Authorization = `Bearer ${token}`;
|
|
}
|
|
return config;
|
|
});
|
|
|
|
// Login
|
|
export const login = (email, password) =>
|
|
api.post('/auth/login', { email, password });
|
|
|
|
// Register
|
|
export const register = (email, password, user_name) =>
|
|
api.post('/auth/register', { email, password, user_name });
|
|
|
|
// Get current user
|
|
export const getCurrentUser = () =>
|
|
api.get('/auth/me');
|
|
|
|
// Refresh token
|
|
export const refreshToken = (refresh_token) =>
|
|
api.post('/auth/refresh', { refresh_token });
|
|
```
|
|
|
|
---
|
|
|
|
## 🧪 Postman Collection
|
|
|
|
You can import these endpoints into Postman:
|
|
|
|
**Environment Variables:**
|
|
```
|
|
base_url: http://localhost:8080
|
|
access_token: {{access_token}}
|
|
```
|
|
|
|
**Collection Structure:**
|
|
```
|
|
GAuth-Central API
|
|
├── Public
|
|
│ ├── Register
|
|
│ ├── Login
|
|
│ ├── Verify Email
|
|
│ ├── Refresh Token
|
|
│ ├── OAuth Google
|
|
│ └── OAuth GitHub
|
|
└── Protected (Auth Required)
|
|
├── Get Current User
|
|
└── Validate Token
|
|
```
|
|
|
|
---
|
|
|
|
## 📚 Additional Resources
|
|
|
|
- **Swagger Documentation**: http://localhost:8080/docs/index.html
|
|
- **API Version**: v1.0
|
|
- **Last Updated**: February 4, 2026
|
|
|
|
---
|
|
|
|
## ⚡ Quick Start
|
|
|
|
```bash
|
|
# 1. Start the server
|
|
go run main.go
|
|
|
|
# 2. Test with curl
|
|
curl http://localhost:8080/
|
|
|
|
# 3. Register a user
|
|
curl -X POST http://localhost:8080/v1/auth/register \
|
|
-H "Content-Type: application/json" \
|
|
-d '{"email":"test@test.com","password":"Test123!","user_name":"testuser"}'
|
|
|
|
# 4. Login
|
|
curl -X POST http://localhost:8080/v1/auth/login \
|
|
-H "Content-Type: application/json" \
|
|
-d '{"email":"test@test.com","password":"Test123!"}'
|
|
|
|
# 5. Use the token from login response
|
|
curl http://localhost:8080/v1/auth/me \
|
|
-H "Authorization: Bearer YOUR_TOKEN_HERE"
|
|
```
|
|
|
|
---
|
|
|
|
💡 **Tip**: Use the Swagger UI at http://localhost:8080/docs/index.html for interactive API testing!
|