# NEXTLIFE.JP API Documentation

## Base URL

```
http://localhost:8000/api
```

## Authentication

All protected endpoints require a JWT token in the Authorization header:

```
Authorization: Bearer {token}
```

## Response Format

### Success Response

```json
{
  "status": "success",
  "data": {}
}
```

### Error Response

```json
{
  "status": "error",
  "error_code": 400,
  "message": "Error message"
}
```

## Endpoints

### Authentication

#### Admin Login

```
POST /admin/login
Content-Type: application/json

{
  "username": "admin",
  "password": "admin123"
}

Response:
{
  "status": "success",
  "data": {
    "token": "jwt_token_here",
    "admin": {
      "admin_id": 1,
      "username": "admin",
      "email": "admin@nextlife.jp",
      "role": "admin"
    }
  }
}
```

#### User Register

```
POST /users/register
Content-Type: application/json

{
  "email": "user@example.com",
  "password": "password123",
  "first_name": "John",
  "last_name": "Doe",
  "country": "Japan"
}

Response:
{
  "status": "success",
  "data": {
    "token": "jwt_token_here",
    "user": {
      "user_id": 1,
      "email": "user@example.com"
    }
  }
}
```

#### User Login

```
POST /users/login
Content-Type: application/json

{
  "email": "user@example.com",
  "password": "password123"
}

Response:
{
  "status": "success",
  "data": {
    "token": "jwt_token_here",
    "user": {
      "user_id": 1,
      "email": "user@example.com",
      "first_name": "John",
      "last_name": "Doe"
    }
  }
}
```

### Tours

#### Get All Tours

```
GET /tours

Response:
{
  "status": "success",
  "data": [
    {
      "tour_id": 1,
      "title": "Drift Car Experience",
      "description": "...",
      "price": 598.00,
      "capacity": 50,
      "max_bookings": 50,
      "image": "...",
      "created_at": "2024-12-17 10:00:00"
    }
  ]
}
```

#### Get Tour by ID

```
GET /tours/1

Response:
{
  "status": "success",
  "data": {
    "tour_id": 1,
    "title": "Drift Car Experience",
    ...
  }
}
```

#### Create Tour (Admin)

```
POST /tours
Authorization: Bearer {admin_token}
Content-Type: application/json

{
  "title": "Drift Car Experience",
  "description": "Thrilling drift racing experience",
  "price": 598.00,
  "capacity": 50,
  "max_bookings": 50,
  "image": "tour.jpg"
}

Response:
{
  "status": "success",
  "data": {
    "tour_id": 1,
    "message": "Tour created successfully"
  }
}
```

#### Update Tour (Admin)

```
PUT /tours/1
Authorization: Bearer {admin_token}
Content-Type: application/json

{
  "title": "Updated Tour Title",
  "price": 699.00
}

Response:
{
  "status": "success",
  "data": {
    "message": "Tour updated successfully"
  }
}
```

#### Delete Tour (Admin)

```
DELETE /tours/1
Authorization: Bearer {admin_token}

Response:
{
  "status": "success",
  "data": {
    "message": "Tour deleted successfully"
  }
}
```

### Vehicles

Similar endpoints to tours:

- `GET /vehicles` - Get all vehicles
- `GET /vehicles/{id}` - Get vehicle by ID
- `POST /vehicles` - Create vehicle (admin)
- `PUT /vehicles/{id}` - Update vehicle (admin)
- `DELETE /vehicles/{id}` - Delete vehicle (admin)

### Bookings

#### Get All Bookings

```
GET /bookings
```

#### Get Booking by ID

```
GET /bookings/1
```

#### Create Booking

```
POST /bookings
Content-Type: application/json

{
  "user_id": 1,
  "type": "tour",
  "tour_id": 1,
  "price": 598.00,
  "stripe_payment_id": "pi_..."
}
```

#### Update Booking

```
PUT /bookings/1
Content-Type: application/json

{
  "status": "confirmed"
}
```

### Stripe

#### Create Payment Intent

```
POST /stripe/create-payment-intent
Content-Type: application/json

{
  "booking_type": "tour",
  "tour_id": 1,
  "total_amount": 598.00,
  "currency": "usd"
}

Response:
{
  "status": "success",
  "data": {
    "clientSecret": "pi_test_...",
    "message": "Payment Intent created"
  }
}
```

#### Webhook

```
POST /stripe/webhook
Content-Type: application/json

{
  "type": "payment_intent.succeeded",
  "data": {
    "object": {
      "id": "pi_...",
      "status": "succeeded"
    }
  }
}
```

## Testing with Curl

### Login Example

```bash
curl -X POST http://localhost:8000/api/admin/login \
  -H "Content-Type: application/json" \
  -d '{
    "username": "admin",
    "password": "admin123"
  }'
```

### Get Tours

```bash
curl http://localhost:8000/api/tours
```

### Create Tour (requires auth)

```bash
curl -X POST http://localhost:8000/api/tours \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer {token}" \
  -d '{
    "title": "New Tour",
    "price": 598.00,
    "capacity": 50
  }'
```

## Error Codes

- `200` - OK
- `201` - Created
- `400` - Bad Request
- `401` - Unauthorized
- `404` - Not Found
- `409` - Conflict
- `500` - Internal Server Error

## Rate Limiting

Currently no rate limiting is implemented. This will be added in production.

## CORS

CORS is enabled for all origins. This should be restricted in production.
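
The `POST /stripe/webhook` request documented above shows only the JSON body. Stripe signs each delivery with a `Stripe-Signature` header of the form `t=<timestamp>,v1=<HMAC-SHA256 of "<t>.<raw body>">`, which a handler can check before acting on `payment_intent.succeeded`. The following is an added example, not code from this project; the function names, the 300-second tolerance, the secret and the sample event are assumptions constructed for illustration.

```python
import hashlib
import hmac
import time

TOLERANCE_SECONDS = 300  # assumption: reject deliveries more than 5 minutes off


def sign(secret, timestamp, raw_body):
    """Compute the v1 value: HMAC-SHA256 over b"<timestamp>.<raw body>"."""
    signed_payload = str(timestamp).encode() + b"." + raw_body
    return hmac.new(secret.encode(), signed_payload, hashlib.sha256).hexdigest()


def verify_webhook(secret, header, raw_body, now=None):
    """Return True only if the Stripe-Signature header is valid and fresh.

    raw_body must be the exact bytes received, checked before JSON parsing.
    """
    now = time.time() if now is None else now
    timestamp, candidates = None, []
    for part in header.split(","):
        key, _, value = part.strip().partition("=")
        if key == "t":
            timestamp = value
        elif key == "v1":
            candidates.append(value)
    if timestamp is None or not timestamp.isdecimal() or not candidates:
        return False  # malformed or missing header fields
    if abs(now - int(timestamp)) > TOLERANCE_SECONDS:
        return False  # stale or future-dated delivery: treat as a replay
    expected = sign(secret, int(timestamp), raw_body).encode()
    # Constant-time compare; several v1 entries can appear during secret rotation.
    return any(hmac.compare_digest(expected, c.encode()) for c in candidates)


# Constructed sample data (hypothetical secret and event, not real Stripe values).
SECRET = "whsec_constructed_example_secret"
BODY = b'{"type":"payment_intent.succeeded","data":{"object":{"id":"pi_example","status":"succeeded"}}}'
T = 1_700_000_000
GOOD_HEADER = f"t={T},v1={sign(SECRET, T, BODY)}"

if __name__ == "__main__":
    tampered = BODY.replace(b"succeeded", b"failed")
    print("valid:", verify_webhook(SECRET, GOOD_HEADER, BODY, now=T + 10))
    print("tampered body:", verify_webhook(SECRET, GOOD_HEADER, tampered, now=T + 10))
    print("replayed late:", verify_webhook(SECRET, GOOD_HEADER, BODY, now=T + 3600))
```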