# 🔗 Backend URL Management

## API Endpoint List

### Base URL

- Local: http://localhost:8080
- Production: https://api.yourdomain.com

### API Version

v1

## 📋 All Endpoints

| Method | Endpoint | Auth | Rate Limit | Description |
|--------|----------|------|------------|-------------|
| GET | / | ❌ | - | Homepage |
| GET | /docs/index.html | ❌ | - | Swagger UI |
| POST | /v1/auth/register | ❌ | 3/5min | User registration |
| POST | /v1/auth/login | ❌ | 5/1min | Login |
| GET | /v1/auth/verify-email | ❌ | - | Email verification |
| GET | /v1/auth/:provider | ❌ | - | Start OAuth |
| GET | /v1/auth/:provider/callback | ❌ | - | OAuth callback |
| POST | /v1/auth/refresh | ❌ | - | Refresh token |
| GET | /v1/auth/me | ✅ | - | User info |
| GET | /v1/auth/validate | ✅ | - | Validate token |

### Admin - User Management (Admin role required)

| Method | Endpoint | Auth | Description |
|--------|----------|------|-------------|
| GET | /v1/admin/users | ✅ Admin | List all users |
| GET | /v1/admin/users/search?q={query} | ✅ Admin | Search users |
| GET | /v1/admin/users/:id | ✅ Admin | User details |
| POST | /v1/admin/users | ✅ Admin | Create a new user |
| PUT | /v1/admin/users/:id | ✅ Admin | Update user |
| DELETE | /v1/admin/users/:id | ✅ Admin | Delete user |
| POST | /v1/admin/users/:id/roles | ✅ Admin | Assign role |
| DELETE | /v1/admin/users/:id/roles/:role | ✅ Admin | Remove role |

### Admin - Settings (Admin role required)

| Method | Endpoint | Auth | Description |
|--------|----------|------|-------------|
| GET | /v1/settings/cors/whitelist | ✅ Admin | List CORS whitelist |
| POST | /v1/settings/cors/whitelist | ✅ Admin | Add to CORS whitelist |
| PUT | /v1/settings/cors/whitelist/:id | ✅ Admin | Update CORS whitelist entry |
| DELETE | /v1/settings/cors/whitelist/:id | ✅ Admin | Delete CORS whitelist entry |
| GET | /v1/settings/cors/blacklist | ✅ Admin | List CORS blacklist |
| POST | /v1/settings/cors/blacklist | ✅ Admin | Add to CORS blacklist |
| PUT | /v1/settings/cors/blacklist/:id | ✅ Admin | Update CORS blacklist entry |
| DELETE | /v1/settings/cors/blacklist/:id | ✅ Admin | Delete CORS blacklist entry |
| GET | /v1/settings/ratelimit | ✅ Admin | Rate limit settings |
| PUT | /v1/settings/ratelimit/:id | ✅ Admin | Update rate limit |

## 🎯 URL Structure for the Frontend

### JavaScript/TypeScript Constants

```javascript
// config/api.js
export const API_CONFIG = {
  BASE_URL: process.env.NEXT_PUBLIC_API_URL || 'http://localhost:8080',
  API_VERSION: 'v1',
  ENDPOINTS: {
    // Auth endpoints
    REGISTER: '/auth/register',
    LOGIN: '/auth/login',
    LOGOUT: '/auth/logout',
    REFRESH: '/auth/refresh',
    VERIFY_EMAIL: '/auth/verify-email',
    ME: '/auth/me',
    VALIDATE: '/auth/validate',

    // OAuth endpoints
    OAUTH_GOOGLE: '/auth/google',
    OAUTH_GITHUB: '/auth/github',
    OAUTH_GOOGLE_CALLBACK: '/auth/google/callback',
    OAUTH_GITHUB_CALLBACK: '/auth/github/callback',
  }
};

// Helper function
export function getApiUrl(endpoint) {
  return `${API_CONFIG.BASE_URL}/${API_CONFIG.API_VERSION}${endpoint}`;
}

// Usage
const loginUrl = getApiUrl(API_CONFIG.ENDPOINTS.LOGIN);
// Result: http://localhost:8080/v1/auth/login
```

## 📦 Usage Examples

### 1. React/Next.js

```javascript
// lib/api.js
const API_BASE = 'http://localhost:8080/v1';

export const authAPI = {
  register: (data) =>
    fetch(`${API_BASE}/auth/register`, {
      method: 'POST',
      headers: { 'Content-Type': 'application/json' },
      credentials: 'include',
      body: JSON.stringify(data)
    }),

  login: (data) =>
    fetch(`${API_BASE}/auth/login`, {
      method: 'POST',
      headers: { 'Content-Type': 'application/json' },
      credentials: 'include',
      body: JSON.stringify(data)
    }),

  getCurrentUser: (token) =>
    fetch(`${API_BASE}/auth/me`, {
      headers: {
        'Authorization': `Bearer ${token}`,
        'Content-Type': 'application/json'
      },
      credentials: 'include'
    })
};
```

### 2. Vue.js/Nuxt

```javascript
// plugins/api.js
export default defineNuxtPlugin(() => {
  const config = useRuntimeConfig();
  const baseURL = config.public.apiBase || 'http://localhost:8080/v1';

  return {
    provide: {
      api: {
        auth: {
          register: (data) =>
            $fetch(`${baseURL}/auth/register`, {
              method: 'POST',
              body: data,
              credentials: 'include'
            }),
          login: (data) =>
            $fetch(`${baseURL}/auth/login`, {
              method: 'POST',
              body: data,
              credentials: 'include'
            }),
          me: () =>
            $fetch(`${baseURL}/auth/me`, {
              credentials: 'include'
            })
        }
      }
    }
  };
});
```

### 3. Axios Instance

```javascript
// lib/axios.js
import axios from 'axios';

const api = axios.create({
  baseURL: 'http://localhost:8080/v1',
  withCredentials: true,
  headers: { 'Content-Type': 'application/json' }
});

// Add auth token to requests
// Note: localStorage is readable by any script running on the origin
api.interceptors.request.use((config) => {
  const token = localStorage.getItem('access_token');
  if (token) {
    config.headers.Authorization = `Bearer ${token}`;
  }
  return config;
});

// Handle 401 errors
api.interceptors.response.use(
  (response) => response,
  async (error) => {
    const original = error.config;
    // Skip the refresh call itself and requests already retried once,
    // so a rejected refresh cannot trigger an endless refresh loop
    const isRefreshCall = original?.url?.includes('/auth/refresh');
    if (error.response?.status === 401 && original && !original._retry && !isRefreshCall) {
      // Try to refresh token
      const refreshToken = localStorage.getItem('refresh_token');
      if (refreshToken) {
        original._retry = true;
        try {
          const { data } = await api.post('/auth/refresh', {
            refresh_token: refreshToken
          });
          localStorage.setItem('access_token', data.access_token);
          // Retry original request
          original.headers.Authorization = `Bearer ${data.access_token}`;
          return api.request(original);
        } catch {
          // Refresh failed, logout
          localStorage.clear();
          window.location.href = '/login';
        }
      }
    }
    return Promise.reject(error);
  }
);

export default api;
```

## 🔐 Environment Variables

### .env.local (Frontend)

```env
# Development
NEXT_PUBLIC_API_URL=http://localhost:8080
NEXT_PUBLIC_API_VERSION=v1

# Production
# NEXT_PUBLIC_API_URL=https://api.yourdomain.com
# NEXT_PUBLIC_API_VERSION=v1
```

### .env (Backend)

```env
PORT=8080
CLIENT_CALLBACK_URL=http://localhost:8080/v1/auth
APP_URL=http://localhost:8080
```

## 🧪 Test Commands

```bash
# Register
curl -X POST http://localhost:8080/v1/auth/register \
  -H "Content-Type: application/json" \
  -d '{"email":"test@test.com","password":"Test123!","user_name":"test"}'

# Login
curl -X POST http://localhost:8080/v1/auth/login \
  -H "Content-Type: application/json" \
  -d '{"email":"test@test.com","password":"Test123!"}'

# Get user (with token)
curl http://localhost:8080/v1/auth/me \
  -H "Authorization: Bearer YOUR_TOKEN"

# Admin - Update user
curl -X PUT http://localhost:8080/v1/admin/users/54687716-1aed-41ff-aa13-bb05dd7f34e7 \
  -H "Authorization: Bearer ADMIN_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "email": "newemail@example.com",
    "user_name": "newusername",
    "email_verified": true
  }'

# Admin - Get all users (URL quoted so the shell does not treat & as a background operator)
curl -X GET "http://localhost:8080/v1/admin/users?page=1&limit=10" \
  -H "Authorization: Bearer ADMIN_TOKEN"

# Admin - Search users
curl -X GET "http://localhost:8080/v1/admin/users/search?q=test" \
  -H "Authorization: Bearer ADMIN_TOKEN"
```

## 📚 Swagger Documentation

For detailed documentation of all endpoints: http://localhost:8080/docs/index.html

## ✅ Ready to Use

The API endpoints are ready and working! You can start using them in your frontend:

- API_ENDPOINTS.md - Detailed endpoint documentation
- Swagger UI - Interactive API testing: http://localhost:8080/docs/index.html
- You can copy the examples above into your project

Important: CORS is already configured for http://localhost:3000! ✅
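
The admin routes listed above take `:id` and `:role` path segments and a `q` search term, and a frontend that concatenates those values into the URL lets a crafted value change which endpoint the admin token is sent to. The following is an added example, not part of the original page or the project's code: `buildApiUrl` is a hypothetical helper, and `API_BASE` and the route templates are taken from the endpoint tables.

```javascript
// Added example; buildApiUrl is a hypothetical helper name, not the project's API.
const API_BASE = 'http://localhost:8080/v1';

// Expand ':name' placeholders with percent-encoded values and append an
// encoded query string, so user-supplied data stays inside its own segment.
function buildApiUrl(template, params = {}, query = {}) {
  const used = new Set();
  const path = template.replace(/:([A-Za-z_]+)/g, (_, name) => {
    const value = params[name];
    if (value === undefined || value === null || value === '') {
      throw new Error(`missing path parameter: ${name}`);
    }
    const text = String(value);
    // "." and ".." pass through encodeURIComponent unchanged and would be
    // collapsed as dot segments by URL parsers, so reject them outright.
    if (text === '.' || text === '..') {
      throw new Error(`invalid path parameter: ${name}`);
    }
    used.add(name);
    return encodeURIComponent(text); // "/", "?", "#" become %2F, %3F, %23
  });

  // A parameter the template never consumed is most likely a typo.
  for (const name of Object.keys(params)) {
    if (!used.has(name)) throw new Error(`unknown path parameter: ${name}`);
  }

  const url = new URL(API_BASE + path);
  for (const [key, value] of Object.entries(query)) {
    url.searchParams.set(key, String(value)); // encodes "&" and "=" in values
  }
  return url.toString();
}

// Constructed sample inputs
const roleUrl = buildApiUrl('/admin/users/:id/roles/:role', {
  id: '54687716-1aed-41ff-aa13-bb05dd7f34e7',
  role: 'admin'
});
const searchUrl = buildApiUrl('/admin/users/search', {}, { q: 'test&role=admin' });
```

Encoding on the client only keeps the request pointed at the intended route; the backend still has to validate the id format and enforce the Admin role on every one of these endpoints.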