# Nanibank

## Convention

The parameters needed for a request are provided in the `querystring` if the method is `GET`, or in the `body` for other methods. All requests require a `timestamp` header that specifies the time the request was sent. Every request returns two fields, `Status` and `Message`, that describe the state of the request; the information under **Return** describes only the extra information returned when the request succeeds.

## Middleware

Most of the information needed to satisfy the middleware is placed in the header.

### Time validation

Determines whether the request is deprecated. Time validation requires a Unix timestamp.

**Note that time validation is applied to all requests.**

**Header**

<pre>
- timestamp: request's sending time
</pre>

### User validation

Requires an access token.

**Header**

<pre>
- access-token: access token that can be obtained via login
</pre>

### Otp validation

OTP validation for transactions or important requests. Each OTP expires after 30 seconds.

**Header**

<pre>
- access-token: access-token obtained via login or specified request
- key: key obtained via create otp
- otp: otp obtained via create otp
</pre>

## Customer

### Get customer information

Returns the information of a specified customer id or username; only one param is needed. If both are filled, the customer id is used.

**Prerequisite**: `User validation`

**Path**: `users/customer/info`

**Method**: `GET`

**Param**:

<pre>
- customer_id (1): id of the customer
- username (1) : username of the customer
</pre>

**Return**:

<pre>
- Info
</pre>

### Login

**Path**: `/users/customer/login`

**Method**: `POST`

**Param**:

<pre>
- username
- password
</pre>

**Return**:

<pre>
- Token::string : access-token (expires after 15 minutes)
- Customer::Data: information of the customer
</pre>

### Refresh

Refresh a specified access token. Both the access token and the refresh token are needed for security.

**Path**: `/users/customer/refresh`

**Method**: `POST`

**Param**:

<pre>
- access_token
- refresh_token
</pre>

**Return**:

<pre>
- Token: new access token
</pre>

### Register

**Path**: `/users/customer/`

**Method**: `POST`

**Param**:

<pre>
- username::string: login name of the account
- password::string : password of the account
- name
- email
- phone
</pre>

**Return**:

<pre>
- Status::bool : status of the request
- Message::string : description for the request
- User::Data : result of the registration
</pre>

### Forgot Password

Resetting a forgotten password requires a chain of actions. Because the user does not have an access token, `s-create` is needed to create one.

**Prerequisite**: OTP

**Path**: `/users/password/reset`

**Method**: `POST`

**Param**:

<pre>
- username
- email
- new_password
</pre>

### Change Password

Changing the password requires the old password, the new password and the username of the account.

**Prerequisite**: `User validation`

**Path**: `/users/password/change`

**Method**: `POST`

**Param**:

<pre>
- old_password
- new_password
- username
</pre>

## Receiver

Receiver provides 3 methods, `GET`, `POST` and `DELETE`, depending on the usage.

**Prerequisite**: `User Validation`

**Path**: `/users/customer/receiver`

**Method**: `POST`, `GET`, `DELETE`

**Param**:

<pre>
POST:
  - customer_id: id of the customer
  - receiver: account number of the receiver
  - remind_name: remind name
GET:
  - customer_id: id of the customer
DELETE:
  - customer_id: id of the customer
  - receiver: account number of the receiver
</pre>

**Return**:

<pre>
- Receiver (GET and POST): information of the receiver
</pre>

## Debt

Debt provides 3 methods, `GET`, `POST` and `DELETE`, depending on the usage. A debt is identified by its creditor and its name, so a creditor cannot have 2 debts with the same name.

**Prerequisite**: `User Validation`

**Path**: `/debt/`

**Method**: `POST`, `GET`, `DELETE`

**Param**:

<pre>
POST:
  - creditor::int64: customer id of the creditor
  - debtor::int64: customer id of the debtor
  - name::string: debt's name
  - amount::float: amount of money
  - issue_date::unix-timestamp: time when the debt expired.
GET:
  - customer_id::int64: id of the customer related to any debt
DELETE:
  - id: id of the debt
</pre>

**Return**:

<pre>
- Debt (POST AND GET): debt information
</pre>

### Pay Debt

In order to pay a debt, the debtor must have enough money in the debit account.

**Prerequisite**: `User Validation`, `OTP`

**Path**: `/debt/pay`

**Method**: `POST`

**Param**:

<pre>
POST:
  - id::int64: id of the debt to be paid.
GET:
  - customer_id::int64: id of the customer related to any debt
DELETE:
  - id: id of the debt
</pre>

**Return**:

<pre>
- Debt (POST AND GET): debt information
</pre>

## Transaction

Transactions include charge, draw and transfer for a debit account.

### Charge

**Prerequisite**: `User Validation`, `OTP`

**Path**: `/transaction/charge`

**Method**: `POST`

**Param**:

<pre>
- id: account id of the debit account that needs to be charged.
- amount: amount of money for charging to the account
</pre>

**Return**:

<pre>
- Account: account information after charge
</pre>

### Draw

**Prerequisite**: `User Validation`, `OTP`

**Path**: `/transaction/draw`

**Method**: `POST`

**Param**:

<pre>
- id: account id of the debit account to draw from.
- amount: amount of money for drawing from the account
</pre>

**Return**:

<pre>
- Account: account information after draw
</pre>

### Transfer

**Prerequisite**: `User Validation`, `OTP`

**Path**: `/transaction/transfer`

**Method**: `POST`

**Param**:

<pre>
- from: debit account id of the sender
- to: debit account id of the receiver
- amount: amount of money to be transferred
- message: message to the receiver
</pre>

### History

**Path**: `/transaction/history`

**Method**: `GET`

**Param**:

<pre>
- id: account id
- filter (optional) (default by "both"): filter type, include "both", "receiver", "sender".
</pre>

**Return**:

<pre>
- Histories: list of related histories
</pre>

## Employee

### Login

**Path**: `/users/employee/login`

**Method**: `POST`

**Param**: same as Customer [Login](#1-login)

### Create

**Path**: `/users/employee/create`

**Method**: `POST`

**Param**: same as Customer [Register](#register)

## Admin

### Login

**Path**: `/users/admin/login`

**Method**: `POST`

**Param**: same as Customer [Login](#1-login)

## Common User

### Login

Log in to a specified account in any role; the priority is customer -> admin -> employee.

**Path**: `/users/login`

**Method**: `POST`

**Param**: same as Customer [Login](#1-login)

**Return**:

<pre>
- type: type of account, 1, 6, 9 for customer, admin, employee respectively
</pre>

### Create

**Path**: `/users/admin/create`

**Method**: `POST`

**Param**: same as Customer [Register](#register)

## Otp

### Create

Create an OTP and send the OTP to the email of the user.

**Prerequisite**: `User Validation`

**Path**: `/otp/create`

**Method**: `GET`

**Param**:

<pre>
- customer_id: id of the customer
</pre>

**Return**:

<pre>
- Otp
- Key
</pre>

### Specified Create

Create an OTP in an emergency case; only the username is needed.

**Path**: `/otp/s-create`

**Method**: `GET`

**Param**:

<pre>
- username: username of the customer
</pre>

**Return**:

<pre>
- Otp
- Key
- Access Token
</pre>

## Partner

### Transfer

Transfer money to a specified account of
Nanibank

**Prerequisite**: `Hash validation`, `Partner Validation`, `Signature Validation`

**Path**: `/partner/transfer`

**Method**: `POST`

**Param**:

<pre>
- id: id of the debit account in Nanibank
- amount: amount of money to be transferred
</pre>

**Return**:

<pre>
- signature
</pre>

### Get Partner Key

Get the key of a specified partner.

**Prerequisite**: `User Validation`

**Path**: `/partner/key`

**Method**: `GET`

**Param**:

<pre>
- partner_name: name of the partner
</pre>

**Return**:

<pre>
- Key
</pre>

### Get User information from Debit Account id

Get the information of a specified user by providing the debit account id.

**Prerequisite**: `Partner Validation`

**Path**: `/partner/`

**Method**: `POST`

**Return**:

<pre>
- Info: include public information of the user
</pre>

## Debit

### Get debit account

Returns a debit account given the debit account id or the id of the owner. Only one param is needed; if both are filled, debit_id is used.

**Path**: `/debit/`

**Method**: `GET`

**Param**:

<pre>
- debit_id: id of the debit account
- owner: id of the owner
</pre>

## Saving account

### Get a specified saving account

Returns a specified account by name and owner.

**Prerequisite**: `User validation`

**Path**: `/saving/`

**Method**: `GET`

**Param**:

<pre>
- name: name of the saving account
- owner: customer id of the owner
</pre>

**Return**:

<pre>
- Saving
</pre>

### Get saving accounts of a specified user

Returns the saving accounts of a specified user.

**Prerequisite**: `User validation`

**Path**: `/saving/s`

**Method**: `GET`

**Param**:

<pre>
- owner: customer id of the owner
</pre>

**Return**:

<pre>
- Saving
</pre>
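A sketch of the server-side checks behind the Time validation and Otp validation headers described under Middleware, as an added example that is not Nanibank's own code. Only the header names and the 30-second OTP lifetime come from this page; the 60-second freshness window, the in-memory `otpEntry` store, the single-use rule and the binding of an OTP to the access token it was issued for are assumptions.

```go
package main

import (
	"crypto/subtle"
	"errors"
	"fmt"
	"net/http"
	"strconv"
	"time"
)

const maxSkew = 60 * time.Second // assumed freshness window; the page gives none
const otpTTL = 30 * time.Second  // OTP lifetime stated on the page

// otpEntry is one record of a hypothetical in-memory OTP store, indexed by `key`.
type otpEntry struct {
	code, token string
	issued      time.Time
}

// CheckTimestamp rejects a missing, malformed, stale or future `timestamp` header.
func CheckTimestamp(h http.Header, now time.Time) error {
	sec, err := strconv.ParseInt(h.Get("timestamp"), 10, 64)
	if d := now.Sub(time.Unix(sec, 0)); err != nil || d > maxSkew || d < -maxSkew {
		return errors.New("timestamp missing, malformed or outside the accepted window")
	}
	return nil
}

// CheckOTP checks key, otp and access-token; the record is consumed on every attempt.
func CheckOTP(store map[string]otpEntry, h http.Header, now time.Time) error {
	e, ok := store[h.Get("key")]
	delete(store, h.Get("key")) // single-use: one guess per key, no replay
	switch {
	case !ok:
		return errors.New("unknown otp key")
	case now.Sub(e.issued) > otpTTL:
		return errors.New("otp expired")
	case subtle.ConstantTimeCompare([]byte(e.token), []byte(h.Get("access-token"))) != 1:
		return errors.New("otp was issued for a different access token")
	case subtle.ConstantTimeCompare([]byte(e.code), []byte(h.Get("otp"))) != 1:
		return errors.New("otp mismatch")
	}
	return nil
}

func main() {
	h := http.Header{"Timestamp": {"0"}} // constructed stale request
	fmt.Println(CheckTimestamp(h, time.Now()))
}
```

A concurrent server would guard the store with a mutex or keep it in a shared cache with atomic delete.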