will/rxminder
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
agent/introduce-bcrypt-hashing-1758642524245-kwmoi1
rxminder/docs/development/API.md
William Valentin 36dcdbd459 docs: fix broken references and update paths 
- Update README.md to remove references to deleted migration/deployment docs
- Fix CONTRIBUTING.md to point to correct documentation paths
- Remove broken references in API.md to non-existent files
- Update ENVIRONMENT_VARIABLES.md to reference existing documentation
- Ensure all documentation links work correctly after reorganization
2025-09-08 21:38:07 -07:00

839 lines
12 KiB
Markdown
Raw Permalink Blame History

# API Documentation
## 📚 API Reference for Medication Reminder App
### **Base URL**
- Development: `http://localhost:5173`
- Production: `http://localhost:8080`
### **Authentication**
All authenticated endpoints require a valid session token.
#### **Headers**
```http
Authorization: Bearer <token>
Content-Type: application/json
```
---
## 🔐 Authentication Endpoints
### **Register User**
Create a new user account with email verification.
**Endpoint:** `POST /auth/register`
**Request Body:**
```json
{
"email": "user@example.com",
"password": "SecurePassword123!",
"username": "JohnDoe"
}
```
**Response:**
```json
{
"user": {
"_id": "user-uuid",
"email": "user@example.com",
"username": "JohnDoe",
"status": "PENDING",
"emailVerified": false,
"role": "USER",
"createdAt": "2025-09-05T12:00:00Z"
},
"verificationToken": {
"token": "verification-token-uuid",
"expiresAt": "2025-09-05T13:00:00Z"
}
}
```
**Status Codes:**
- `201` - User created successfully
- `400` - Invalid input data
- `409` - Email already exists
---
### **Login User**
Authenticate user with email and password.
**Endpoint:** `POST /auth/login`
**Request Body:**
```json
{
"email": "user@example.com",
"password": "SecurePassword123!"
}
```
**Response:**
```json
{
"user": {
"_id": "user-uuid",
"email": "user@example.com",
"username": "JohnDoe",
"status": "ACTIVE",
"emailVerified": true,
"role": "USER"
},
"accessToken": "jwt-access-token",
"refreshToken": "jwt-refresh-token"
}
```
**Status Codes:**
- `200` - Login successful
- `401` - Invalid credentials
- `403` - Account not verified or suspended
---
### **OAuth Login**
Authenticate using OAuth providers (Google, GitHub).
**Endpoint:** `POST /auth/oauth`
**Request Body:**
```json
{
"provider": "google",
"userData": {
"email": "user@example.com",
"username": "John Doe",
"avatar": "https://example.com/avatar.jpg"
}
}
```
**Response:**
```json
{
"user": {
"_id": "user-uuid",
"email": "user@example.com",
"username": "John Doe",
"status": "ACTIVE",
"emailVerified": true,
"role": "USER",
"avatar": "https://example.com/avatar.jpg"
},
"accessToken": "jwt-access-token",
"refreshToken": "jwt-refresh-token"
}
```
---
### **Verify Email**
Activate user account using verification token.
**Endpoint:** `POST /auth/verify-email`
**Request Body:**
```json
{
"token": "verification-token-uuid"
}
```
**Response:**
```json
{
"user": {
"_id": "user-uuid",
"email": "user@example.com",
"username": "JohnDoe",
"status": "ACTIVE",
"emailVerified": true,
"role": "USER"
}
}
```
---
### **Change Password**
Change user password (requires current password).
**Endpoint:** `POST /auth/change-password`
**Request Body:**
```json
{
"userId": "user-uuid",
"currentPassword": "OldPassword123!",
"newPassword": "NewPassword456!"
}
```
**Response:**
```json
{
"success": true,
"message": "Password changed successfully"
}
```
---
### **Request Password Reset**
Request password reset email.
**Endpoint:** `POST /auth/request-password-reset`
**Request Body:**
```json
{
"email": "user@example.com"
}
```
**Response:**
```json
{
"success": true,
"message": "Password reset email sent"
}
```
---
### **Reset Password**
Reset password using reset token.
**Endpoint:** `POST /auth/reset-password`
**Request Body:**
```json
{
"token": "reset-token-uuid",
"newPassword": "NewPassword123!"
}
```
**Response:**
```json
{
"success": true,
"message": "Password reset successful"
}
```
---
## 💊 Medication Management
### **Add Medication**
Add a new medication to user's list.
**Endpoint:** `POST /medications`
**Request Body:**
```json
{
"name": "Aspirin",
"dosage": "100mg",
"frequency": "Daily",
"startTime": "08:00",
"notes": "Take with food",
"icon": "💊"
}
```
**Response:**
```json
{
"_id": "medication-uuid",
"name": "Aspirin",
"dosage": "100mg",
"frequency": "Daily",
"startTime": "08:00",
"notes": "Take with food",
"icon": "💊",
"userId": "user-uuid",
"createdAt": "2025-09-05T12:00:00Z"
}
```
---
### **Get Medications**
Retrieve user's medications.
**Endpoint:** `GET /medications`
**Query Parameters:**
- `active` (boolean) - Filter active medications only
**Response:**
```json
[
{
"_id": "medication-uuid",
"name": "Aspirin",
"dosage": "100mg",
"frequency": "Daily",
"startTime": "08:00",
"notes": "Take with food",
"icon": "💊"
}
]
```
---
### **Update Medication**
Update existing medication.
**Endpoint:** `PUT /medications/:id`
**Request Body:**
```json
{
"dosage": "200mg",
"notes": "Take with plenty of water"
}
```
**Response:**
```json
{
"_id": "medication-uuid",
"name": "Aspirin",
"dosage": "200mg",
"frequency": "Daily",
"startTime": "08:00",
"notes": "Take with plenty of water",
"icon": "💊"
}
```
---
### **Delete Medication**
Remove medication from user's list.
**Endpoint:** `DELETE /medications/:id`
**Response:**
```json
{
"success": true,
"message": "Medication deleted successfully"
}
```
---
## ⏰ Reminder Management
### **Add Custom Reminder**
Create a custom reminder.
**Endpoint:** `POST /reminders`
**Request Body:**
```json
{
"title": "Doctor Appointment",
"message": "Annual checkup with Dr. Smith",
"scheduledFor": "2025-09-15T14:00:00Z",
"recurrence": "yearly"
}
```
**Response:**
```json
{
"_id": "reminder-uuid",
"title": "Doctor Appointment",
"message": "Annual checkup with Dr. Smith",
"scheduledFor": "2025-09-15T14:00:00Z",
"recurrence": "yearly",
"userId": "user-uuid",
"isActive": true
}
```
---
### **Get Reminders**
Retrieve user's reminders.
**Endpoint:** `GET /reminders`
**Query Parameters:**
- `date` (string) - Filter by specific date (YYYY-MM-DD)
- `active` (boolean) - Filter active reminders only
**Response:**
```json
[
{
"_id": "reminder-uuid",
"title": "Doctor Appointment",
"message": "Annual checkup with Dr. Smith",
"scheduledFor": "2025-09-15T14:00:00Z",
"recurrence": "yearly",
"isActive": true
}
]
```
---
## 📊 Dose Tracking
### **Record Taken Dose**
Mark a dose as taken.
**Endpoint:** `POST /doses/taken`
**Request Body:**
```json
{
"medicationId": "medication-uuid",
"scheduledTime": "2025-09-05T08:00:00Z",
"takenAt": "2025-09-05T08:15:00Z",
"notes": "Took with breakfast"
}
```
**Response:**
```json
{
"success": true,
"dose": {
"id": "medication-uuid-2025-09-05",
"medicationId": "medication-uuid",
"scheduledTime": "2025-09-05T08:00:00Z",
"takenAt": "2025-09-05T08:15:00Z",
"status": "TAKEN",
"notes": "Took with breakfast"
}
}
```
---
### **Get Dose History**
Retrieve dose history for analytics.
**Endpoint:** `GET /doses`
**Query Parameters:**
- `medicationId` (string) - Filter by medication
- `startDate` (string) - Start date (YYYY-MM-DD)
- `endDate` (string) - End date (YYYY-MM-DD)
- `status` (string) - Filter by status (TAKEN, MISSED, UPCOMING)
**Response:**
```json
{
"doses": [
{
"id": "medication-uuid-2025-09-05",
"medicationId": "medication-uuid",
"scheduledTime": "2025-09-05T08:00:00Z",
"takenAt": "2025-09-05T08:15:00Z",
"status": "TAKEN"
}
],
"stats": {
"totalDoses": 30,
"takenDoses": 28,
"missedDoses": 2,
"adherenceRate": 93.3
}
}
```
---
## 👑 Admin Endpoints
### **Get All Users**
Retrieve all users (admin only).
**Endpoint:** `GET /admin/users`
**Query Parameters:**
- `status` (string) - Filter by status
- `role` (string) - Filter by role
- `page` (number) - Pagination page
- `limit` (number) - Items per page
**Response:**
```json
{
"users": [
{
"_id": "user-uuid",
"email": "user@example.com",
"username": "JohnDoe",
"status": "ACTIVE",
"role": "USER",
"emailVerified": true,
"createdAt": "2025-09-05T12:00:00Z",
"lastLoginAt": "2025-09-05T15:30:00Z"
}
],
"pagination": {
"page": 1,
"limit": 20,
"total": 150,
"pages": 8
}
}
```
---
### **Update User Status**
Change user account status (admin only).
**Endpoint:** `PUT /admin/users/:id/status`
**Request Body:**
```json
{
"status": "SUSPENDED"
}
```
**Response:**
```json
{
"success": true,
"user": {
"_id": "user-uuid",
"status": "SUSPENDED"
}
}
```
---
### **Delete User**
Delete user account (admin only).
**Endpoint:** `DELETE /admin/users/:id`
**Response:**
```json
{
"success": true,
"message": "User deleted successfully"
}
```
---
## 📈 Analytics
### **User Statistics**
Get user's medication adherence statistics.
**Endpoint:** `GET /analytics/stats`
**Query Parameters:**
- `period` (string) - Time period (7d, 30d, 90d, 1y)
**Response:**
```json
{
"adherence": {
"overall": 92.5,
"trend": "improving",
"streak": 7
},
"medications": [
{
"medicationId": "medication-uuid",
"name": "Aspirin",
"taken": 28,
"missed": 2,
"adherence": 93.3
}
],
"dailyStats": [
{
"date": "2025-09-05",
"adherence": 100,
"totalDoses": 3,
"takenDoses": 3
}
]
}
```
---
## 🔧 User Settings
### **Get User Settings**
Retrieve user preferences.
**Endpoint:** `GET /settings`
**Response:**
```json
{
"notifications": {
"email": true,
"push": false,
"reminderSound": true
},
"preferences": {
"theme": "dark",
"timezone": "UTC-5",
"dateFormat": "MM/DD/YYYY"
},
"privacy": {
"shareStats": false,
"anonymousUsage": true
}
}
```
---
### **Update User Settings**
Update user preferences.
**Endpoint:** `PUT /settings`
**Request Body:**
```json
{
"notifications": {
"email": false,
"push": true
},
"preferences": {
"theme": "light"
}
}
```
**Response:**
```json
{
"success": true,
"settings": {
"notifications": {
"email": false,
"push": true,
"reminderSound": true
},
"preferences": {
"theme": "light",
"timezone": "UTC-5",
"dateFormat": "MM/DD/YYYY"
}
}
}
```
---
## 📁 File Upload
### **Upload Avatar**
Upload user avatar image.
**Endpoint:** `POST /upload/avatar`
**Request:** Multipart form data
- `avatar` (file) - Image file (JPEG, PNG, max 2MB)
**Response:**
```json
{
"success": true,
"avatarUrl": "data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQ..."
}
```
---
## 🔍 Search
### **Search Medications**
Search for medications by name.
**Endpoint:** `GET /search/medications`
**Query Parameters:**
- `q` (string) - Search query
- `limit` (number) - Max results
**Response:**
```json
{
"results": [
{
"name": "Aspirin",
"commonDosages": ["100mg", "325mg", "500mg"],
"category": "Pain Reliever"
}
]
}
```
---
## ❌ Error Responses
### **Error Format**
```json
{
"error": {
"code": "VALIDATION_ERROR",
"message": "Invalid input data",
"details": {
"email": "Invalid email format",
"password": "Password too weak"
}
}
}
```
### **Common Error Codes**
- `VALIDATION_ERROR` (400) - Invalid input data
- `UNAUTHORIZED` (401) - Authentication required
- `FORBIDDEN` (403) - Insufficient permissions
- `NOT_FOUND` (404) - Resource not found
- `CONFLICT` (409) - Resource already exists
- `RATE_LIMITED` (429) - Too many requests
- `INTERNAL_ERROR` (500) - Server error
---
## 📊 Rate Limiting
### **Limits**
- Authentication endpoints: 5 requests/minute
- General API: 100 requests/minute
- Upload endpoints: 10 requests/minute
### **Headers**
```http
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 95
X-RateLimit-Reset: 1693929600
```
---
## 🔒 Security
### **Authentication**
- JWT tokens with 24-hour expiration
- Refresh tokens for automatic renewal
- Secure password hashing with bcrypt
### **Authorization**
- Role-based access control (USER, ADMIN)
- Resource-level permissions
- Account status validation
### **Data Protection**
- Input validation and sanitization
- SQL injection prevention
- XSS protection
- CORS configuration
---
## 📚 Additional Resources
- [Database Service](DATABASE.md) - Database abstraction layer documentation
- [Application Security](APPLICATION_SECURITY.md) - Security practices and guidelines
- [Code Quality](CODE_QUALITY.md) - Development standards and best practices
Reference in New Issue View Git Blame Copy Permalink