Flocci API Documentation

Table of Contents

Authentication

  • POST /api/signup - User registration
  • POST /api/login - User authentication
  • GET /api/auth/session - Session validation
  • POST /api/auth/session - Logout
  • GET /api/auth/google - Google OAuth
  • GET /api/auth/callback - OAuth callback

Payments

  • POST /api/payments/initiate - Start payment
  • POST /api/payments/callback - PayU callback
  • GET /api/payments/success - Success page
  • GET /api/payments/failure - Failure page

Admin

  • GET /api/admin/dashboard - Analytics
  • GET /api/admin/monitoring - System health
  • GET /api/admin/rate-limits - Rate limits

Contact

  • POST /api/contact - General contact
  • POST /api/company/contact - Company contact
  • POST /api/careers - Job applications

Authentication

Session-based Authentication

Most endpoints require authentication via session tokens:

{
  "Authorization": "Bearer <session_token>"
}

Admin Endpoints

Admin endpoints require users with admin privileges:

  • /api/admin/dashboard - Payment analytics
  • /api/admin/monitoring - System health
  • /api/admin/rate-limits - Rate limit management

Rate Limits

All endpoints are protected by rate limiting to ensure fair usage:

{
  "/api/login": {
    "requests": 5,
    "window": "5 minutes"
  },
  "/api/signup": {
    "requests": 3,
    "window": "5 minutes"
  },
  "/api/payments/initiate": {
    "requests": 10,
    "window": "5 minutes"
  },
  "/api/": {
    "requests": 100,
    "window": "1 minute"
  },
  "/api/admin/": {
    "requests": 300,
    "window": "1 minute"
  }
}
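
The table above mixes exact paths with trailing-slash prefixes, so which rule applies depends on how a path is matched against it. The following is an added example, not Flocci's own code: it resolves the most specific rule and enforces it with a sliding window, answering with 429 in the error format documented below. The matching rule, the per-client key, the sliding-window algorithm, the RATE_LIMITED code and the retryAfter field are assumptions.

```javascript
// Added example: limits copied from the table above; everything else is assumed.
const RATE_LIMITS = {
  "/api/login": { requests: 5, window: "5 minutes" },
  "/api/signup": { requests: 3, window: "5 minutes" },
  "/api/payments/initiate": { requests: 10, window: "5 minutes" },
  "/api/": { requests: 100, window: "1 minute" },
  "/api/admin/": { requests: 300, window: "1 minute" },
};

// Convert "5 minutes" / "1 minute" to milliseconds.
function windowMs(text) {
  const m = /^(\d+) minutes?$/.exec(text);
  if (!m) throw new Error(`unsupported window: ${text}`);
  return Number(m[1]) * 60_000;
}

// Keys ending in "/" are prefixes; other keys match the exact path or a
// sub-path, so "/api/login-x" does not inherit the "/api/login" rule.
function matches(key, path) {
  return key.endsWith("/") ? path.startsWith(key) : path === key || path.startsWith(key + "/");
}

// Most specific rule wins: the longest matching key.
function resolveRule(path) {
  const key = Object.keys(RATE_LIMITS)
    .filter((k) => matches(k, path))
    .sort((a, b) => b.length - a.length)[0];
  return key ? { key, ...RATE_LIMITS[key] } : null;
}

// Sliding window per (client, rule). clientId is whatever the server trusts:
// an authenticated user id or the connection's IP, not a client-set header.
class SlidingWindowLimiter {
  constructor() { this.hits = new Map(); } // "client|rule" -> timestamps (ms)
  check(clientId, path, now = Date.now()) {
    const rule = resolveRule(path);
    if (!rule) return { allowed: true, status: 200 }; // outside /api/: no rule in the table
    const span = windowMs(rule.window);
    const bucket = `${clientId}|${rule.key}`;
    const recent = (this.hits.get(bucket) || []).filter((t) => now - t < span);
    this.hits.set(bucket, recent);
    if (recent.length >= rule.requests) {
      const retryAfter = Math.ceil((recent[0] + span - now) / 1000);
      const body = { error: "Too Many Requests", code: "RATE_LIMITED", details: `limit ${rule.requests} per ${rule.window}` };
      return { allowed: false, status: 429, retryAfter, body };
    }
    recent.push(now);
    return { allowed: true, status: 200, remaining: rule.requests - recent.length };
  }
}
```

Rejected requests are not recorded in the window, so a client that keeps retrying while blocked does not extend its own lockout.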

Error Responses

HTTP Status Codes

{
  "200": "Success - Request completed successfully",
  "400": "Bad Request - Invalid input data or validation error",
  "401": "Unauthorized - Authentication required or invalid token",
  "403": "Forbidden - Insufficient permissions (admin required)",
  "404": "Not Found - Resource or endpoint not found",
  "429": "Too Many Requests - Rate limit exceeded",
  "500": "Internal Server Error - Server-side error"
}

Error Response Format

{
  "error": "Error message description",
  "code": "ERROR_CODE",
  "details": "Additional error details if available"
}

Testing

Postman Collection

Import the Postman collection for easy API testing:

/Flocci-Backend-API.postman_collection.json

Contains all endpoints with pre-configured requests and examples.

Test Script

Run the automated test script:

./test-api.sh

Automated bash script to test all endpoints with sample data.

Quick Start

1. Authentication Flow

Start by registering or logging in to get a session token

2. Use Session Token

Include the session token in the Authorization header for protected endpoints

3. Test Payments

Use the payments/initiate endpoint to test PayU integration

4. Admin Access

Ensure your user has admin privileges for admin endpoints