next-go-blog/docs/BACKEND_URLS.md
Beyhan Oğur 6d95e27114 first commit
2026-04-26 22:16:43 +03:00


🔗 Backend URL Yönetimi
API Endpoint Listesi
Base URL
Local: http://localhost:8080
Production: https://api.yourdomain.com
API Version
v1
📋 Tüm Endpoint'ler
Method Endpoint Auth Rate Limit Açıklama
GET / ❌ - Homepage
GET /docs/index.html ❌ - Swagger UI
POST /v1/auth/register ❌ 3/5min Kullanıcı kaydı
POST /v1/auth/login ❌ 5/1min Giriş
GET /v1/auth/verify-email ❌ - Email doğrulama
GET /v1/auth/:provider ❌ - OAuth başlat
GET /v1/auth/:provider/callback ❌ - OAuth callback
POST /v1/auth/refresh ❌ - Token yenile
GET /v1/auth/me ✅ - Kullanıcı bilgileri
GET /v1/auth/validate ✅ - Token doğrula
Admin - User Management (Admin rolü gerekli)
Method Endpoint Auth Açıklama
GET /v1/admin/users ✅ Admin Tüm kullanıcıları listele
GET /v1/admin/users/search?q={query} ✅ Admin Kullanıcı ara
GET /v1/admin/users/:id ✅ Admin Kullanıcı detayı
POST /v1/admin/users ✅ Admin Yeni kullanıcı oluştur
PUT /v1/admin/users/:id ✅ Admin Kullanıcı güncelle
DELETE /v1/admin/users/:id ✅ Admin Kullanıcı sil
POST /v1/admin/users/:id/roles ✅ Admin Rol ata
DELETE /v1/admin/users/:id/roles/:role ✅ Admin Rol kaldır
Admin - Settings (Admin rolü gerekli)
Method Endpoint Auth Açıklama
GET /v1/settings/cors/whitelist ✅ Admin CORS whitelist listele
POST /v1/settings/cors/whitelist ✅ Admin CORS whitelist ekle
PUT /v1/settings/cors/whitelist/:id ✅ Admin CORS whitelist güncelle
DELETE /v1/settings/cors/whitelist/:id ✅ Admin CORS whitelist sil
GET /v1/settings/cors/blacklist ✅ Admin CORS blacklist listele
POST /v1/settings/cors/blacklist ✅ Admin CORS blacklist ekle
PUT /v1/settings/cors/blacklist/:id ✅ Admin CORS blacklist güncelle
DELETE /v1/settings/cors/blacklist/:id ✅ Admin CORS blacklist sil
GET /v1/settings/ratelimit ✅ Admin Rate limit ayarları
PUT /v1/settings/ratelimit/:id ✅ Admin Rate limit güncelle
🎯 Frontend için URL Yapısı
JavaScript/TypeScript Constants
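// config/api.js
//
// Single source of truth for the backend base URL, API version and endpoint
// paths. NEXT_PUBLIC_* variables are inlined into the browser bundle by
// Next.js, so they must only hold public values (never keys or secrets).
export const API_CONFIG = {
  // Falls back to the local dev server; production should point at an https:// origin.
  BASE_URL: process.env.NEXT_PUBLIC_API_URL || 'http://localhost:8080',
  // Honour NEXT_PUBLIC_API_VERSION when it is set; the default stays 'v1'.
  API_VERSION: process.env.NEXT_PUBLIC_API_VERSION || 'v1',
  ENDPOINTS: {
    // Auth endpoints
    REGISTER: '/auth/register',
    LOGIN: '/auth/login',
    // NOTE(review): no /v1/auth/logout route appears in this document's
    // endpoint table - confirm the backend actually exposes it.
    LOGOUT: '/auth/logout',
    REFRESH: '/auth/refresh',
    VERIFY_EMAIL: '/auth/verify-email',
    ME: '/auth/me',
    VALIDATE: '/auth/validate',
    // OAuth endpoints
    OAUTH_GOOGLE: '/auth/google',
    OAUTH_GITHUB: '/auth/github',
    OAUTH_GOOGLE_CALLBACK: '/auth/google/callback',
    OAUTH_GITHUB_CALLBACK: '/auth/github/callback',
  },
};

/**
 * Build the absolute URL for an API endpoint.
 *
 * Slashes are normalised at both joins, so a BASE_URL with a trailing slash or
 * an endpoint without a leading slash still yields a well-formed URL.
 *
 * @param {string} endpoint - Path below the versioned API root, e.g. '/auth/login'.
 * @returns {string} `<BASE_URL>/<API_VERSION>/<endpoint>`.
 */
export function getApiUrl(endpoint) {
  const base = API_CONFIG.BASE_URL.replace(/\/+$/, '');
  const path = String(endpoint).replace(/^\/+/, '');
  return `${base}/${API_CONFIG.API_VERSION}/${path}`;
}

// Usage
const loginUrl = getApiUrl(API_CONFIG.ENDPOINTS.LOGIN);
// Result: http://localhost:8080/v1/auth/login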
📦 Kullanım Örnekleri
1. React/Next.js
// lib/api.js
// NOTE(review): the base URL is hard-coded to the local dev server over plain
// http. Credentials and bearer tokens sent through this client need an
// https:// origin outside local development.
const API_BASE = 'http://localhost:8080/v1';

/**
 * POST a JSON payload to an auth route, sending cookies along with it.
 * @param {string} path - Route below API_BASE, starting with '/'.
 * @param {object} payload - Value serialised as the JSON request body.
 * @returns {Promise<Response>} The raw fetch promise; callers check `response.ok`.
 */
function postJson(path, payload) {
  const url = `${API_BASE}${path}`;
  const options = {
    method: 'POST',
    headers: { 'Content-Type': 'application/json' },
    credentials: 'include',
    body: JSON.stringify(payload),
  };
  return fetch(url, options);
}

export const authAPI = {
  /** Create an account; `data` is sent as the JSON body. */
  register(data) {
    return postJson('/auth/register', data);
  },

  /** Log in; `data` is sent as the JSON body. */
  login(data) {
    return postJson('/auth/login', data);
  },

  /** Fetch the current user, authenticating with the given bearer token. */
  getCurrentUser(token) {
    const headers = {
      'Authorization': `Bearer ${token}`,
      'Content-Type': 'application/json',
    };
    return fetch(`${API_BASE}/auth/me`, { headers, credentials: 'include' });
  },
};
2. Vue.js/Nuxt
// plugins/api.js
// Nuxt plugin that provides the auth helpers under `api.auth`.
// Every call sends cookies (`credentials: 'include'`), so the backend CORS
// configuration has to allow this frontend's exact origin.
export default defineNuxtPlugin(() => {
  const { public: publicConfig } = useRuntimeConfig();
  // Runtime config wins; the local dev server is only the fallback.
  const baseURL = publicConfig.apiBase || 'http://localhost:8080/v1';

  // Shared shape of the two POST calls: body plus cookies.
  const post = (path, data) =>
    $fetch(`${baseURL}${path}`, {
      method: 'POST',
      body: data,
      credentials: 'include',
    });

  const auth = {
    register: (data) => post('/auth/register', data),
    login: (data) => post('/auth/login', data),
    me: () => $fetch(`${baseURL}/auth/me`, { credentials: 'include' }),
  };

  return { provide: { api: { auth } } };
});
3. Axios Instance
// lib/axios.js
import axios from 'axios';
// Options for the shared axios client.
// NOTE(review): baseURL is the plain-http local dev server; use an https://
// origin outside local development, since cookies are sent (withCredentials).
const clientOptions = {
  baseURL: 'http://localhost:8080/v1',
  withCredentials: true,
  headers: { 'Content-Type': 'application/json' },
};

const api = axios.create(clientOptions);
// Attach the stored access token, if any, as a Bearer header on every request.
// NOTE(review): tokens kept in localStorage are readable by any script running
// on the origin; an HttpOnly cookie avoids that exposure if the backend can
// issue one - confirm what the backend supports.
api.interceptors.request.use((requestConfig) => {
  const accessToken = localStorage.getItem('access_token');
  if (!accessToken) {
    return requestConfig;
  }
  requestConfig.headers.Authorization = `Bearer ${accessToken}`;
  return requestConfig;
});
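// Handle 401 errors: refresh the access token once, then replay the request.
//
// Two guards keep this from looping forever:
//  - a 401 from /auth/refresh itself is never answered with another refresh
//    (that call goes through this same interceptor);
//  - a request that was already replayed once (`_retry`) is not replayed again.
api.interceptors.response.use(
  (response) => response,
  async (error) => {
    const originalRequest = error.config;
    const isUnauthorized = error.response?.status === 401;
    const isRefreshCall = String(originalRequest?.url ?? '').includes('/auth/refresh');

    if (!isUnauthorized || !originalRequest || originalRequest._retry || isRefreshCall) {
      return Promise.reject(error);
    }

    const refreshToken = localStorage.getItem('refresh_token');
    if (!refreshToken) {
      return Promise.reject(error);
    }

    // Mark before refreshing so a second 401 on the replay is passed through.
    originalRequest._retry = true;

    let accessToken;
    try {
      const { data } = await api.post('/auth/refresh', {
        refresh_token: refreshToken,
      });
      accessToken = data.access_token;
      localStorage.setItem('access_token', accessToken);
    } catch {
      // Refresh failed: drop stored state and send the user to the login page.
      localStorage.clear();
      window.location.href = '/login';
      return Promise.reject(error);
    }

    // Retry original request with the new token; its own failure propagates.
    originalRequest.headers.Authorization = `Bearer ${accessToken}`;
    return api.request(originalRequest);
  }
);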
export default api;
🔐 Environment Variables
.env.local (Frontend)
# Development
NEXT_PUBLIC_API_URL=http://localhost:8080
NEXT_PUBLIC_API_VERSION=v1
# Production
# NEXT_PUBLIC_API_URL=https://api.yourdomain.com
# NEXT_PUBLIC_API_VERSION=v1
.env (Backend)
PORT=8080
CLIENT_CALLBACK_URL=http://localhost:8080/v1/auth
APP_URL=http://localhost:8080
🧪 Test Komutları
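# Smoke tests against the local dev server.
# YOUR_TOKEN / ADMIN_TOKEN are placeholders; substitute a real token at run
# time and keep it out of committed scripts and shared shell history.

# Register
curl -X POST http://localhost:8080/v1/auth/register \
  -H "Content-Type: application/json" \
  -d '{"email":"test@test.com","password":"Test123!","user_name":"test"}'

# Login
curl -X POST http://localhost:8080/v1/auth/login \
  -H "Content-Type: application/json" \
  -d '{"email":"test@test.com","password":"Test123!"}'

# Get user (with token)
curl http://localhost:8080/v1/auth/me \
  -H "Authorization: Bearer YOUR_TOKEN"

# Admin - Update user
curl -X PUT http://localhost:8080/v1/admin/users/54687716-1aed-41ff-aa13-bb05dd7f34e7 \
  -H "Authorization: Bearer ADMIN_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "email": "newemail@example.com",
    "user_name": "newusername",
    "email_verified": true
  }'

# Admin - Get all users
# The URL is quoted: an unquoted "&" would background curl and drop "limit=10".
curl -X GET "http://localhost:8080/v1/admin/users?page=1&limit=10" \
  -H "Authorization: Bearer ADMIN_TOKEN"

# Admin - Search users
curl -X GET "http://localhost:8080/v1/admin/users/search?q=test" \
  -H "Authorization: Bearer ADMIN_TOKEN"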
📚 Swagger Dokümantasyonu
Tüm endpoint'lerin detaylı dokümantasyonu için:
http://localhost:8080/docs/index.html
✅ Hazır Kullanım
API endpoint'leri hazır ve çalışıyor! Frontend'inizde kullanmaya başlayabilirsiniz:
API_ENDPOINTS.md - Detaylı endpoint dokümantasyonu
Swagger UI - İnteraktif API testi: http://localhost:8080/docs/index.html
Yukarıdaki örnekleri projenize kopyalayıp kullanabilirsiniz
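Önemli: CORS zaten http://localhost:3000 için yapılandırılmış durumda! ✅ Yukarıdaki örnekler isteklerle birlikte kimlik bilgisi (credentials) gönderdiği için, production ortamında frontend origin'inin tam adresiyle CORS whitelist'e eklenmesi gerekir; `*` joker değeri credentials içeren isteklerde tarayıcı tarafından kabul edilmez.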