# NCU Court Backend API

## Public Endpoint

- `https://ncu-court.memery.app`
- Data from this endpoint is saved in the `ncu-court-prod` database
- <font color="red">**DO NOT change the data in the database manually; every update must go through the API**</font>

## Auth API

**`POST /api/auth/login`**

| Body | Type | Comment |
| -------- | -------- | -------- |
| studentId | string | required |
| password | string | required |

**`POST /api/register`**

| Body | Type | Comment |
| -------- | -------- | -------- |
| name | string | required |
| email | string | required |
| studentId | string | required |
| password | string | required |
| phone | string | required |

## Users API

**`GET /api/users/profile`**

- Get your own user profile

**`GET /api/users`**

| Query String | Type | Comment |
| -------- | -------- | -------- |
| keyword | string | optional |
| role | string | optional (`regular`, `admin`, `superAdmin`) |
| sortBy | string | optional (`createdTime`, `lastModified`) |

**`PUT /api/users`**

| Body | Type | Comment |
| -------- | -------- | -------- |
| name | string | optional |
| email | string | optional |
| studentId | string | optional |
| oldPassword | string | optional |
| newPassword | string | optional |
| phone | string | optional |

**`DELETE /api/users/:id`**

- Soft delete (`role=deleted`)

## Court API

**`GET /api/courts`**

| Query String | Type | Comment |
| -------- | -------- | -------- |
| name | string | optional |
| type | string | optional (`badminton`, `basketball`, `tennis`, `volleyball`) |

**`POST /api/courts`**

- Content type of the POST body should be `form-data`

| Body | Type | Comment |
| -------- | -------- | -------- |
| photo | file | required |
| name | string | required |
| price | string | required (should be a number string) |
| type | string | required (`badminton`, `basketball`, `tennis`, `volleyball`) |

**`PUT /api/courts/:id`**

- **TODO**: This API is not finished

| Body | Type | Comment |
| -------- | -------- | -------- |
| photo | file | optional |
| name | string | optional |
| price | string | optional (should be a number string) |
| type | string | optional (`badminton`, `basketball`, `tennis`, `volleyball`) |

**`DELETE /api/courts/:id`**

- This API only updates the field `beReserved=false` for the given court id to delete the court

## Reservation API

**`GET /api/reservations`**

- Regular users can only find their own reservations
- admin/superAdmin users can find all reservations

| Query String | Type | Comment |
| -------- | -------- | -------- |
| courtId | string | optional |
| time | string | optional (`8:00`, `9:00` ... `20:00`) |
| date | string | optional (yyyy/mm/dd) |

**`GET /api/allReservations`**

- Get all reservations

| Query String | Type | Comment |
| -------- | -------- | -------- |
| courtId | string | optional |
| time | string | optional (`8:00`, `9:00` ... `20:00`) |
| date | string | optional (yyyy/mm/dd) |

**`POST /api/reservations`**

| Body | Type | Comment |
| -------- | -------- | -------- |
| courtId | string | required |
| time | string | required (`8:00`, `9:00` ... `20:00`) |
| date | string | required (yyyy/mm/dd) |

**`DELETE /api/reservations/:id`**

- Delete the reservation for the given reservation id
- `regular` users can delete their own reservation
- `admin` and `superAdmin` can delete any reservation

## Message API

**`GET /api/messages`**

| Query String | Type | Comment |
| -------- | -------- | -------- |
| courtId | string | required |

**`POST /api/messages`**

| Body | Type | Comment |
| -------- | -------- | -------- |
| courtId | string | required |
| content | string | required |

**`DELETE /api/messages/:id`**

- Delete the message for the given message id
- Users can only delete their own messages
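
The Reservation API rules above (hourly `8:00` to `20:00` slots, `yyyy/mm/dd` dates, and who may list or delete a reservation) written as server-side checks. This is an added example, not code from the NCU Court backend; the function names and the `id`, `role` and `userId` fields on the user and reservation objects are assumptions.

```javascript
// Added example, not the project's code. Function names and the object
// shapes (user.id, user.role, reservation.userId) are assumptions.

const ADMIN_ROLES = new Set(['admin', 'superAdmin']);
const TIME_SLOT = /^(8|9|1\d|20):00$/; // "8:00", "9:00" ... "20:00"

// True only for yyyy/mm/dd strings that name a real calendar day.
function isValidDate(date) {
  const m = /^(\d{4})\/(\d{2})\/(\d{2})$/.exec(date);
  if (!m) return false;
  const [y, mo, d] = m.slice(1).map(Number);
  const t = new Date(Date.UTC(y, mo - 1, d));
  return t.getUTCFullYear() === y && t.getUTCMonth() === mo - 1 && t.getUTCDate() === d;
}

// Names of invalid fields in a POST /api/reservations body. Non-string
// values are rejected so objects or arrays never reach the database query.
function validateReservationBody(body) {
  const b = body || {};
  const errors = [];
  if (typeof b.courtId !== 'string' || b.courtId === '') errors.push('courtId');
  if (typeof b.time !== 'string' || !TIME_SLOT.test(b.time)) errors.push('time');
  if (typeof b.date !== 'string' || !isValidDate(b.date)) errors.push('date');
  return errors;
}

// DELETE /api/reservations/:id: regular users may delete only their own
// reservation; admin and superAdmin may delete any. Other roles get nothing.
function canDeleteReservation(user, reservation) {
  if (!user || !reservation) return false;
  if (ADMIN_ROLES.has(user.role)) return true;
  return user.role === 'regular' && user.id != null && reservation.userId === user.id;
}

// GET /api/reservations: copy the string query filters, then pin
// non-admin users to their own rows regardless of what the query contained.
function reservationFilterFor(user, query) {
  const filter = {};
  for (const key of ['courtId', 'time', 'date']) {
    if (typeof query[key] === 'string') filter[key] = query[key];
  }
  if (!ADMIN_ROLES.has(user.role)) filter.userId = user.id;
  return filter;
}
```

The ownership decision uses the authenticated user, never a `userId` taken from the request, so a soft-deleted account (`role=deleted`) or a spoofed query parameter cannot widen access.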