This document serves as a short overview over the api and its' responses.
Furthermore requests may include a <session_id>
field. This implies that it can only be called after a successful login.
Definition
POST /login
Arguments
"email":string
the email address used to globally identify a user"password":string
the user's password
Response
200 OK
on success401 Unauthorized
if provided credentials were incorrect
{
"session_id": "595743e4fc699393"
}
Note this is the only alphanumeric ID at 16 characters length
Definition
POST /register
Arguments
"email":string
the user's e-mail address (has to be globally unique)"username":string
the desired username used for displaying"password":string
a hash of a nice and strong password
Response
200 OK
on success409 Conflict
if the email is already being used
Definition
POST /change_password/<session_id>
Arguments
"password":string
the new password to be used
Response
200 OK
on success400 Bad Request
if the session_id is too long401 Unauthorized
if the session id is invalid409 Conflict
if the password is identical to the existing one
Definition
GET /profile/<session_id>/
Response
200 OK
on success401 Unauthorized
if the session_id could not be found400 Bad Request
if the session_id is too long
{
"name": "a fancy name",
"belongs_to_vendor": 1,
"city": "wewlad",
"zip": "123456",
"street": "yeet yoot",
"wallet": 3.1415,
"email": "bill@example.com",
"cart": [
{
"item_id": 23,
"amount": 10
},
{
"item_id": 53,
"amount": 69
}
],
"order_history": [
123123,
321321,
555
]
}
Definition
POST /change_profile/user/<session_id>
{
"name": "a new name?",
"leave_vendor": true
}
Note: even if a vendor ends up with 0 members this way, it will still continue to exist, but all of this vendor's items will be hidden for future purchases.
Response
200 OK
on success400 Bad Request
if the session_id is too long401 Unauthorized
if the session_id is invalid
Definition
POST /change_address/<session_id>
{
"city": "Ye olde town",
"zip": "666666",
"street": "You know where"
}
Response
200 OK
on success400 Bad Request
if the session_id is too long401 Unauthorized
if the session_id is invalid
Definition
POST /add_funds/<session_id>/<amount>
Response
200 OK
on success400 Bad Request
if the session_id is too long401 Unauthorized
if the session_id is invalid
Definition
POST /add_vendor/<session_id>
{
"name": "a cool vendor name",
"description": "why you're so cool"
}
Response
200 OK
on success400 Bad Request
if the session_id is too long401 Unauthorized
if the session_id is invalid
Definition
POST /add_vendor_image/<session_id>
enctype=multipart/form-data
Arguments
"image":file
the image to be added
Response
200 OK
on success400 Bad Request
if the session_id was too long401 Unauthorized
if the session id was not valid or if the user does not belong to any vendor
If the file was already present it will be overwritten.
Definition
POST /add_vendor_member/<session_id>/<email>
Response
200 OK
on success400 Bad Request
if the session_id is too long401 Unauthorized
if the session_id is invalid404 Not Found
if the user e-mail could not be found
Definition
POST /change_profile/vendor/<session_id>
{
"name": "your new name?",
"description": "a fresh breeze.."
}
Response
200 OK
on success400 Bad Request
if the session_id is too long401 Unauthorized
if the session_id is invalid
Definition
GET /item/<item_id>
Response
200 OK
on success404 Not Found
if the item id could not be found
{
"name": "a product name",
"description": "a product description",
"vendor": 2,
"manufacturer": 1,
"pictures": [
"link/to/pic2",
"link/to/pic1",
"etc."
],
"price": 420,
"category": 111,
"tags": [
"beautiful",
"another tag"
],
"details": {
"property 1": "value1",
"property 2": "value2"
}
}
Note: another method for batch queries should be created, however I'm still working out the details on that
Definition
POST /add_item/<session_id>
{
"name": "a product name",
"description": "a product description",
"manufacturer": 1,
"price": 420,
"category": 111,
"tags": [
"one",
"two",
"three"
],
"details": {
"property 1": "value1",
"property 2": "value2"
}
}
Response
200 OK
on success400 Bad Request
if the request was not valid or if the session_id was too long401 Unauthorized
if the session_id was invalid or if the user is not part of any vendor
{
"item_id": 123
}
Definition
POST /add_item_image/<session_id>/<item_id>
Arguments
"image":file
the image to be added
Response
200 OK
on success400 Bad Request
if the file was invalid or if the session_id was too long401 Unauthorized
if the session id was not valid
Definition
POST /add_item_tag/<item_id>/<tag_name>
Response
200 OK
on success404 Not Found
if the Item ID was not found
Definition
POST /change_item/info/<session_id>/<item_id>
{
"name": "a new product name",
"description": "a new product description",
"manufacturer": 2,
"price": 1000,
"category": 4,
"tags": [
"four",
"five",
"six"
]
}
Response
200 OK
on success404 Not Found
if the item_id could not be found401 Unauthorized
if the session_id was invalid or if the user does not belong to that item's vendor400 Bad Request
if the session_id provided was too long
Definition
POST /change_item/details/<sesison_id>/<item_id>
{
"property 1": "new value1",
"property 2": "new value2"
}
Response
200 OK
on success404 Not Found
if the item_id could not be found401 Unauthorized
if the session_id was invalid or if the user does not belong to that item's vendor400 Bad Request
if the session_id provided was too long
Definition
POST /remove_item_image/<session_id>/<item_id>/<image_file_name>
Response
200 OK
on success404 Not Found
if the item_id or image file could not be found in this user's vendor400 Bad Request
if the session_id provided was too long
Definition
POST /delete_item/<session_id>/<item_id>
Response
200 OK
on success401 Unauthorized
if the session_id is invalid404 Not Found
if the item_id could not be found or if the item does not belong to the vendor
Note that this does not actually delete the item from the database, but just hide it from being selected for new purchases.
Definition
POST /grab_item/<session_id>/<item_id>/<amount>
Response
200 OK
on success404 Not Found
if the item could not be found401 Unauthorized
if the session id could not be found400 Bad Request
if the session_id is too long403 Forbidden
if the amount is < 0
Definition
POST /remove_item/<session_id>/<item_id>
Response
200 OK
on success401 Unauthorized
if the session id could not be found400 Bad Request
if the session_id is too long
Definition
GET /tags
Response
200 OK
[
"Tag one",
"Tag two",
"Tag three"
]
Definition
GET /categories
Response
200 OK
[
{
"category_name": "abc",
"category_id": 1
},
{
"category_name": "def",
"category_id": 2
}
]
Definition
GET /manufacturers
Response
200 OK
[
{
"manufacturer_name": "wew",
"manufacturer_description": "wow",
"manufacturer_id": 1
},
{
"manufacturer_name": "lad",
"manufacturer_description": "i don't even know anymore",
"manufacturer_id": 2
}
]
Definition
POST /add_manufacturer
{
"manufacturer_name": "lad",
"manufacturer_description": "totally descriptive piece of text"
}
Response
200 OK
{
"manufacturer_id": 2
}
Definition
GET /vendor/<vendor_id>
Response
200 OK
on success404 Not Found
if the vendor id could not be found
{
"name": "the vendor name",
"image": "/path/to/image",
"description": "a meaningful description",
"items": [
123123,
11,
231
]
}
Defitinion
GET /search/<search_string>
The search string searches in product names for now.
Response
200 OK
in every case If no items were found, an empty list is provided
[
1,
432,
65
]
Definition
GET /random/<amount>
Response
200 OK
on success400 Bad Request
if the amount is < 1
[
1,
2,
3,
4,
69
]
Definition
POST /purchase/<session_id>
Response
200 OK
on success400 Bad Request
if the cart was empty401 Unauthorized
if the session_id is invalid
{
"order_id": 123123123
}
Definition
GET /order/<session_id>/<order_id>
Response
200 OK
on success401 Unauthorized
if the session_id is not valid or if the order_id belongs to a different person404 Not Found
if the order_id could not be found in the database400 Bad Request
if the session_id was longer than 16 characters
{
"ordered_on": "HH:mm DD:MM:YYYY",
"order_status": "got lost or something idk",
"order_total": 1000000,
"items": [
{
"item_id": 32,
"amount": 10
},
{
"item_id": 43,
"amount": 69
}
]
}