# 🔗 Backend URL Management

## API Endpoint List

### Base URL
```
Local: http://localhost:8080
Production: https://api.yourdomain.com
```

### API Version
```
v1
```

---

## 📋 All Endpoints

| Method | Endpoint | Auth | Rate Limit | Description |
|--------|----------|------|------------|-------------|
| GET | `/` | ❌ | - | Homepage |
| GET | `/docs/index.html` | ❌ | - | Swagger UI |
| POST | `/v1/auth/register` | ❌ | 3/5min | User registration |
| POST | `/v1/auth/login` | ❌ | 5/1min | Login |
| GET | `/v1/auth/verify-email` | ❌ | - | Email verification |
| GET | `/v1/auth/:provider` | ❌ | - | Start OAuth |
| GET | `/v1/auth/:provider/callback` | ❌ | - | OAuth callback |
| POST | `/v1/auth/refresh` | ❌ | - | Refresh token |
| GET | `/v1/auth/me` | ✅ | - | User info |
| GET | `/v1/auth/validate` | ✅ | - | Validate token |

### Admin - User Management (Admin role required)

| Method | Endpoint | Auth | Description |
|--------|----------|------|-------------|
| GET | `/v1/admin/users` | ✅ Admin | List all users |
| GET | `/v1/admin/users/search?q={query}` | ✅ Admin | Search users |
| GET | `/v1/admin/users/:id` | ✅ Admin | User details |
| POST | `/v1/admin/users` | ✅ Admin | Create a new user |
| PUT | `/v1/admin/users/:id` | ✅ Admin | Update user |
| DELETE | `/v1/admin/users/:id` | ✅ Admin | Delete user |
| POST | `/v1/admin/users/:id/roles` | ✅ Admin | Assign role |
| DELETE | `/v1/admin/users/:id/roles/:role` | ✅ Admin | Remove role |

### Admin - Settings (Admin role required)

| Method | Endpoint | Auth | Description |
|--------|----------|------|-------------|
| GET | `/v1/settings/cors/whitelist` | ✅ Admin | List CORS whitelist |
| POST | `/v1/settings/cors/whitelist` | ✅ Admin | Add CORS whitelist entry |
| PUT | `/v1/settings/cors/whitelist/:id` | ✅ Admin | Update CORS whitelist entry |
| DELETE | `/v1/settings/cors/whitelist/:id` | ✅ Admin | Delete CORS whitelist entry |
| GET | `/v1/settings/cors/blacklist` | ✅ Admin | List CORS blacklist |
| POST | `/v1/settings/cors/blacklist` | ✅ Admin | Add CORS blacklist entry |
| PUT | `/v1/settings/cors/blacklist/:id` | ✅ Admin | Update CORS blacklist entry |
| DELETE | `/v1/settings/cors/blacklist/:id` | ✅ Admin | Delete CORS blacklist entry |
| GET | `/v1/settings/ratelimit` | ✅ Admin | Rate limit settings |
| PUT | `/v1/settings/ratelimit/:id` | ✅ Admin | Update rate limit |

---

## 🎯 URL Structure for the Frontend

### JavaScript/TypeScript Constants

```javascript
// config/api.js
export const API_CONFIG = {
  BASE_URL: process.env.NEXT_PUBLIC_API_URL || 'http://localhost:8080',
  API_VERSION: 'v1',
  ENDPOINTS: {
    // Auth endpoints
    REGISTER: '/auth/register',
    LOGIN: '/auth/login',
    LOGOUT: '/auth/logout', // not listed in the endpoint table above
    REFRESH: '/auth/refresh',
    VERIFY_EMAIL: '/auth/verify-email',
    ME: '/auth/me',
    VALIDATE: '/auth/validate',

    // OAuth endpoints
    OAUTH_GOOGLE: '/auth/google',
    OAUTH_GITHUB: '/auth/github',
    OAUTH_GOOGLE_CALLBACK: '/auth/google/callback',
    OAUTH_GITHUB_CALLBACK: '/auth/github/callback',
  }
};

// Helper function: BASE_URL + '/' + API_VERSION + endpoint
// (endpoint must start with '/', BASE_URL must not end with '/')
export function getApiUrl(endpoint) {
  return `${API_CONFIG.BASE_URL}/${API_CONFIG.API_VERSION}${endpoint}`;
}

// Usage
const loginUrl = getApiUrl(API_CONFIG.ENDPOINTS.LOGIN);
// Result: http://localhost:8080/v1/auth/login
```

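A stricter variant of the `getApiUrl` helper above, as an added example that is not part of the project's code: it rejects a non-HTTPS base URL outside localhost and any endpoint that would move the request (and the Bearer token or cookies sent with it) to another host or out of the `/v1` prefix. `buildApiUrl`, `assertSafeBase` and `LOCAL_HOSTS` are hypothetical names.

```javascript
// Added example (not project code). All names here are hypothetical.
const API_VERSION = 'v1';
const LOCAL_HOSTS = new Set(['localhost', '127.0.0.1']);

// Accept only a bare origin, and require HTTPS for anything that is
// not a local development host.
function assertSafeBase(baseUrl) {
  const u = new URL(baseUrl); // throws on malformed input
  if (u.username || u.password) throw new Error('credentials in base URL');
  if (u.pathname !== '/' || u.search || u.hash) {
    throw new Error('base URL must be a bare origin');
  }
  if (u.protocol === 'https:') return u.origin;
  if (u.protocol === 'http:' && LOCAL_HOSTS.has(u.hostname)) return u.origin;
  throw new Error(`insecure base URL: ${baseUrl}`);
}

function buildApiUrl(baseUrl, endpoint, params = {}) {
  const origin = assertSafeBase(baseUrl);
  // Endpoint must be a single-slash path: rejects 'https://host/...',
  // '//host/...' and backslash forms that would change the target host.
  if (!/^\/[^/\\]/.test(endpoint)) throw new Error(`bad endpoint: ${endpoint}`);
  const url = new URL(`/${API_VERSION}${endpoint}`, origin);
  // After normalization ('..' segments resolved) the URL must still sit
  // on the API origin and under the version prefix.
  if (url.origin !== origin) throw new Error('endpoint left the API origin');
  if (!url.pathname.startsWith(`/${API_VERSION}/`)) {
    throw new Error('endpoint left the version prefix');
  }
  // Query values are percent-encoded by URLSearchParams, never concatenated.
  for (const [k, v] of Object.entries(params)) url.searchParams.set(k, String(v));
  return url.toString();
}
```
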
---

## 📦 Usage Examples

### 1. React/Next.js

```javascript
// lib/api.js
const API_BASE = 'http://localhost:8080/v1';

export const authAPI = {
  // POST /v1/auth/register
  register: (data) =>
    fetch(`${API_BASE}/auth/register`, {
      method: 'POST',
      headers: { 'Content-Type': 'application/json' },
      credentials: 'include', // send cookies on this cross-origin request
      body: JSON.stringify(data)
    }),

  // POST /v1/auth/login
  login: (data) =>
    fetch(`${API_BASE}/auth/login`, {
      method: 'POST',
      headers: { 'Content-Type': 'application/json' },
      credentials: 'include',
      body: JSON.stringify(data)
    }),

  // GET /v1/auth/me (requires a Bearer token)
  getCurrentUser: (token) =>
    fetch(`${API_BASE}/auth/me`, {
      headers: {
        'Authorization': `Bearer ${token}`,
        'Content-Type': 'application/json'
      },
      credentials: 'include'
    })
};
```

### 2. Vue.js/Nuxt

```javascript
// plugins/api.js
export default defineNuxtPlugin(() => {
  const config = useRuntimeConfig();
  const baseURL = config.public.apiBase || 'http://localhost:8080/v1';

  return {
    provide: {
      api: {
        auth: {
          register: (data) => $fetch(`${baseURL}/auth/register`, {
            method: 'POST',
            body: data,
            credentials: 'include'
          }),
          login: (data) => $fetch(`${baseURL}/auth/login`, {
            method: 'POST',
            body: data,
            credentials: 'include'
          }),
          me: () => $fetch(`${baseURL}/auth/me`, {
            credentials: 'include'
          })
        }
      }
    }
  };
});
```

### 3. Axios Instance

```javascript
// lib/axios.js
import axios from 'axios';

const api = axios.create({
  baseURL: 'http://localhost:8080/v1',
  withCredentials: true,
  headers: {
    'Content-Type': 'application/json'
  }
});

// Add auth token to requests
// (tokens kept in localStorage are readable by any script running on this origin)
api.interceptors.request.use((config) => {
  const token = localStorage.getItem('access_token');
  if (token) {
    config.headers.Authorization = `Bearer ${token}`;
  }
  return config;
});

// Handle 401 errors
api.interceptors.response.use(
  (response) => response,
  async (error) => {
    const original = error.config;
    // Retry once only, and never for the refresh call itself; otherwise a
    // rejected refresh token re-enters this handler in an endless 401 loop
    if (
      error.response?.status === 401 &&
      original &&
      !original._retry &&
      original.url !== '/auth/refresh'
    ) {
      // Try to refresh token
      const refreshToken = localStorage.getItem('refresh_token');
      if (refreshToken) {
        original._retry = true;
        try {
          const { data } = await api.post('/auth/refresh', {
            refresh_token: refreshToken
          });
          localStorage.setItem('access_token', data.access_token);
          // Retry original request
          original.headers.Authorization = `Bearer ${data.access_token}`;
          return api.request(original);
        } catch {
          // Refresh failed, logout
          localStorage.clear();
          window.location.href = '/login';
        }
      }
    }
    return Promise.reject(error);
  }
);

export default api;
```

---

## 🔐 Environment Variables

### .env.local (Frontend)

```env
# NEXT_PUBLIC_* values are inlined into the browser bundle; never put secrets here

# Development
NEXT_PUBLIC_API_URL=http://localhost:8080
NEXT_PUBLIC_API_VERSION=v1

# Production
# NEXT_PUBLIC_API_URL=https://api.yourdomain.com
# NEXT_PUBLIC_API_VERSION=v1
```

### .env (Backend)

```env
PORT=8080
CLIENT_CALLBACK_URL=http://localhost:8080/v1/auth
APP_URL=http://localhost:8080
```

---

## 🧪 Test Commands

```bash
# Register
curl -X POST http://localhost:8080/v1/auth/register \
  -H "Content-Type: application/json" \
  -d '{"email":"test@test.com","password":"Test123!","user_name":"test"}'

# Login
curl -X POST http://localhost:8080/v1/auth/login \
  -H "Content-Type: application/json" \
  -d '{"email":"test@test.com","password":"Test123!"}'

# Get user (with token)
curl http://localhost:8080/v1/auth/me \
  -H "Authorization: Bearer YOUR_TOKEN"

# Admin - Update user
curl -X PUT http://localhost:8080/v1/admin/users/54687716-1aed-41ff-aa13-bb05dd7f34e7 \
  -H "Authorization: Bearer ADMIN_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "email": "newemail@example.com",
    "user_name": "newusername",
    "email_verified": true
  }'

# Admin - Get all users
# (URL is quoted: an unquoted & would background the command and drop limit=10)
curl -X GET "http://localhost:8080/v1/admin/users?page=1&limit=10" \
  -H "Authorization: Bearer ADMIN_TOKEN"

# Admin - Search users
curl -X GET "http://localhost:8080/v1/admin/users/search?q=test" \
  -H "Authorization: Bearer ADMIN_TOKEN"
```

---

## 📚 Swagger Documentation

For detailed documentation of all endpoints:

```
http://localhost:8080/docs/index.html
```

---

## ✅ Ready to Use

The API endpoints are ready and working! You can start using them in your frontend:

1. **API_ENDPOINTS.md** - Detailed endpoint documentation
2. **Swagger UI** - Interactive API testing: http://localhost:8080/docs/index.html
3. You can copy the examples above into your project and use them

**Important:** CORS is already configured for `http://localhost:3000`! ✅