first commit

This commit is contained in:
Beyhan Oğur
2026-04-26 22:16:43 +03:00
commit 6d95e27114
97 changed files with 15687 additions and 0 deletions

237
docs/BACKEND_URLS.md Normal file
View File

@@ -0,0 +1,237 @@
🔗 Backend URL Yönetimi
API Endpoint Listesi
Base URL
Local: http://localhost:8080
Production: https://api.yourdomain.com
API Version
v1
📋 Tüm Endpoint'ler
Method Endpoint Auth Rate Limit Açıklama
GET / ❌ - Homepage
GET /docs/index.html ❌ - Swagger UI
POST /v1/auth/register ❌ 3/5min Kullanıcı kaydı
POST /v1/auth/login ❌ 5/1min Giriş
GET /v1/auth/verify-email ❌ - Email doğrulama
GET /v1/auth/:provider ❌ - OAuth başlat
GET /v1/auth/:provider/callback ❌ - OAuth callback
POST /v1/auth/refresh ❌ - Token yenile
GET /v1/auth/me ✅ - Kullanıcı bilgileri
GET /v1/auth/validate ✅ - Token doğrula
Admin - User Management (Admin rolü gerekli)
Method Endpoint Auth Açıklama
GET /v1/admin/users ✅ Admin Tüm kullanıcıları listele
GET /v1/admin/users/search?q={query} ✅ Admin Kullanıcı ara
GET /v1/admin/users/:id ✅ Admin Kullanıcı detayı
POST /v1/admin/users ✅ Admin Yeni kullanıcı oluştur
PUT /v1/admin/users/:id ✅ Admin Kullanıcı güncelle
DELETE /v1/admin/users/:id ✅ Admin Kullanıcı sil
POST /v1/admin/users/:id/roles ✅ Admin Rol ata
DELETE /v1/admin/users/:id/roles/:role ✅ Admin Rol kaldır
Admin - Settings (Admin rolü gerekli)
Method Endpoint Auth Açıklama
GET /v1/settings/cors/whitelist ✅ Admin CORS whitelist listele
POST /v1/settings/cors/whitelist ✅ Admin CORS whitelist ekle
PUT /v1/settings/cors/whitelist/:id ✅ Admin CORS whitelist güncelle
DELETE /v1/settings/cors/whitelist/:id ✅ Admin CORS whitelist sil
GET /v1/settings/cors/blacklist ✅ Admin CORS blacklist listele
POST /v1/settings/cors/blacklist ✅ Admin CORS blacklist ekle
PUT /v1/settings/cors/blacklist/:id ✅ Admin CORS blacklist güncelle
DELETE /v1/settings/cors/blacklist/:id ✅ Admin CORS blacklist sil
GET /v1/settings/ratelimit ✅ Admin Rate limit ayarları
PUT /v1/settings/ratelimit/:id ✅ Admin Rate limit güncelle
🎯 Frontend için URL Yapısı
JavaScript/TypeScript Constants
// config/api.js
export const API_CONFIG = {
BASE_URL: process.env.NEXT_PUBLIC_API_URL || 'http://localhost:8080',
API_VERSION: 'v1',
ENDPOINTS: {
// Auth endpoints
REGISTER: '/auth/register',
LOGIN: '/auth/login',
LOGOUT: '/auth/logout',
REFRESH: '/auth/refresh',
VERIFY_EMAIL: '/auth/verify-email',
ME: '/auth/me',
VALIDATE: '/auth/validate',
// OAuth endpoints
OAUTH_GOOGLE: '/auth/google',
OAUTH_GITHUB: '/auth/github',
OAUTH_GOOGLE_CALLBACK: '/auth/google/callback',
OAUTH_GITHUB_CALLBACK: '/auth/github/callback',
}
};
// Helper function
export function getApiUrl(endpoint) {
return `${API_CONFIG.BASE_URL}/${API_CONFIG.API_VERSION}${endpoint}`;
}
// Usage
const loginUrl = getApiUrl(API_CONFIG.ENDPOINTS.LOGIN);
// Result: http://localhost:8080/v1/auth/login
📦 Kullanım Örnekleri
1. React/Next.js
// lib/api.js
const API_BASE = 'http://localhost:8080/v1';
export const authAPI = {
register: (data) =>
fetch(`${API_BASE}/auth/register`, {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
credentials: 'include',
body: JSON.stringify(data)
}),
login: (data) =>
fetch(`${API_BASE}/auth/login`, {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
credentials: 'include',
body: JSON.stringify(data)
}),
getCurrentUser: (token) =>
fetch(`${API_BASE}/auth/me`, {
headers: {
'Authorization': `Bearer ${token}`,
'Content-Type': 'application/json'
},
credentials: 'include'
})
};
2. Vue.js/Nuxt
// plugins/api.js
export default defineNuxtPlugin(() => {
const config = useRuntimeConfig();
const baseURL = config.public.apiBase || 'http://localhost:8080/v1';
return {
provide: {
api: {
auth: {
register: (data) => $fetch(`${baseURL}/auth/register`, {
method: 'POST',
body: data,
credentials: 'include'
}),
login: (data) => $fetch(`${baseURL}/auth/login`, {
method: 'POST',
body: data,
credentials: 'include'
}),
me: () => $fetch(`${baseURL}/auth/me`, {
credentials: 'include'
})
}
}
}
};
});
3. Axios Instance
// lib/axios.js
import axios from 'axios';
const api = axios.create({
baseURL: 'http://localhost:8080/v1',
withCredentials: true,
headers: {
'Content-Type': 'application/json'
}
});
// Add auth token to requests
api.interceptors.request.use((config) => {
const token = localStorage.getItem('access_token');
if (token) {
config.headers.Authorization = `Bearer ${token}`;
}
return config;
});
// Handle 401 errors
api.interceptors.response.use(
(response) => response,
async (error) => {
if (error.response?.status === 401) {
// Try to refresh token
const refreshToken = localStorage.getItem('refresh_token');
if (refreshToken) {
try {
const { data } = await api.post('/auth/refresh', {
refresh_token: refreshToken
});
localStorage.setItem('access_token', data.access_token);
// Retry original request
error.config.headers.Authorization = `Bearer ${data.access_token}`;
return api.request(error.config);
} catch {
// Refresh failed, logout
localStorage.clear();
window.location.href = '/login';
}
}
}
return Promise.reject(error);
}
);
export default api;
🔐 Environment Variables
.env.local (Frontend)
# Development
NEXT_PUBLIC_API_URL=http://localhost:8080
NEXT_PUBLIC_API_VERSION=v1
# Production
# NEXT_PUBLIC_API_URL=https://api.yourdomain.com
# NEXT_PUBLIC_API_VERSION=v1
.env (Backend)
PORT=8080
CLIENT_CALLBACK_URL=http://localhost:8080/v1/auth
APP_URL=http://localhost:8080
🧪 Test Komutları
# Register
curl -X POST http://localhost:8080/v1/auth/register \
-H "Content-Type: application/json" \
-d '{"email":"test@test.com","password":"Test123!","user_name":"test"}'
# Login
curl -X POST http://localhost:8080/v1/auth/login \
-H "Content-Type: application/json" \
-d '{"email":"test@test.com","password":"Test123!"}'
# Get user (with token)
curl http://localhost:8080/v1/auth/me \
-H "Authorization: Bearer YOUR_TOKEN"
# Admin - Update user
curl -X PUT http://localhost:8080/v1/admin/users/54687716-1aed-41ff-aa13-bb05dd7f34e7 \
-H "Authorization: Bearer ADMIN_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"email": "newemail@example.com",
"user_name": "newusername",
"email_verified": true
}'
# Admin - Get all users
curl -X GET http://localhost:8080/v1/admin/users?page=1&limit=10 \
-H "Authorization: Bearer ADMIN_TOKEN"
# Admin - Search users
curl -X GET "http://localhost:8080/v1/admin/users/search?q=test" \
-H "Authorization: Bearer ADMIN_TOKEN"
📚 Swagger Dokümantasyonu
Tüm endpoint'lerin detaylı dokümantasyonu için:
http://localhost:8080/docs/index.html
✅ Hazır Kullanım
API endpoint'leri hazır ve çalışıyor! Frontend'inizde kullanmaya başlayabilirsiniz:
API_ENDPOINTS.md - Detaylı endpoint dokümantasyonu
Swagger UI - İnteraktif API testi: http://localhost:8080/docs/index.html
Yukarıdaki örnekleri projenize kopyalayıp kullanabilirsiniz
Önemli: CORS zaten http://localhost:3000 için yapılandırılmış durumda! ✅