- POST /api/auth/register
- POST /api/auth/login
- GET /api/users/{id}
- PUT /api/users/{id}

(file cleaned to remove duplicated content and ensure a single, canonical API reference)

- GET /users/{id}
- PUT /users/{id}
- POST /users/{id}/subscribe
- DELETE /users/{id}/unsubscribe
- GET /posts
- POST /posts (supports MultipartFile for media)
- PUT /posts/{id}
- DELETE /posts/{id}
- POST /posts/{id}/like
- POST /posts/{id}/comment
All endpoints below are mounted under the API base: /api — e.g. GET /api/posts.
- Every protected endpoint requires the `Authorization` header with a valid JWT: `Authorization: Bearer <token>`
- Description: List posts (paginated). Returns a Page of `PostDto` objects ordered by `createdAt` desc.
- Example curl:

```bash
curl -H "Authorization: Bearer $TOKEN" "http://localhost:8000/api/posts"
```

- Description: Get a single post by UUID.
- Path param: `postId` (UUID)
- Example curl:

```bash
curl -H "Authorization: Bearer $TOKEN" "http://localhost:8000/api/posts/<POST_ID>"
```

- Description: Create a new post. Uses `multipart/form-data` so you can upload files.
- Form parts:
  - `post` (required) — JSON string matching `PostCreateDto`:
    - `title` (string, 10-100 chars)
    - `content` (string, 100-10000 chars)
    - optional `tags` array (if your client sends tags)
  - `media` (optional) — one or more file parts (images/videos). The controller accepts `media` as a list of multipart files.
- Validation:
  - `title`: required, min 10, max 100
  - `content`: required, min 100, max 10_000
  - Media content types: image/* or video/* (audio and other types rejected)
- Example curl (multipart):

```bash
curl -v -X POST "http://localhost:8000/api/posts" \
  -H "Authorization: Bearer $TOKEN" \
  -F 'post={"title":"My Post Title","content":"Long content... (>=100 chars)"};type=application/json' \
  -F "media=@/path/to/image.jpg"
```

Example JS (node-fetch + form-data) — same approach used in test/test.js:

```js
const fs = require('fs');
const fetch = require('node-fetch');
const FormData = require('form-data');
const form = new FormData();
// The `post` part is a JSON string sent with its own Content-Type of application/json
form.append('post', JSON.stringify({ title: '...', content: '...' }), { contentType: 'application/json' });
form.append('media', fs.createReadStream('/path/to/image.jpg'));
// `token` holds the caller's JWT; form.getHeaders() supplies the multipart boundary
fetch('http://localhost:8000/api/posts', { method: 'POST', headers: { Authorization: `Bearer ${token}`, ...form.getHeaders() }, body: form });
```

- Description: Update an existing post. Request is `multipart/form-data` and supports the same `post` JSON part and optional `media` files.
- Only the post author may update the post (403 otherwise).
- If `media` parts are provided, old media will be deleted and replaced.
- Example curl:

```bash
curl -v -X PUT "http://localhost:8000/api/posts/<POST_ID>" \
  -H "Authorization: Bearer $TOKEN" \
  -F 'post={"title":"Updated title","content":"Updated long content..."};type=application/json' \
  -F "media=@/path/to/new-image.jpg"
```

- Description: Delete a post. Only the author may delete. Returns HTTP 204 on success.
- Example curl:

```bash
curl -X DELETE -H "Authorization: Bearer $TOKEN" "http://localhost:8000/api/posts/<POST_ID>"
```

- Description: Toggle or create a like for the current user (depending on implementation). Returns 200 with status.
- Example curl:

```bash
curl -X POST -H "Authorization: Bearer $TOKEN" "http://localhost:8000/api/posts/<POST_ID>/like"
```

- Description: Create a comment on a post. Body: JSON `{ "content": "comment text" }`.
- Example curl:

```bash
curl -X POST -H "Authorization: Bearer $TOKEN" -H "Content-Type: application/json" \
  -d '{"content":"Nice post!"}' "http://localhost:8000/api/posts/<POST_ID>/comment"
```

Responses for post endpoints return a `PostDto` with the following fields:

- `id` (UUID)
- `title` (string)
- `content` (string)
- `media` (array of `MediaDto`: `{ id, mediaUrl, mediaType }`)
- `author` (`UserSummaryDto`: `{ id, username, avatarUrl }`)
- `createdAt`, `updatedAt` (timestamps)
- `likeCount` (int)
- `commentCount` (int)
- `likedByCurrentUser` (boolean)

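
The validation rules listed for creating a post (title 10-100 chars, content 100-10000 chars, media limited to image/* or video/*) can be checked before an upload is accepted. The sketch below is an added example, not the project's code: `validatePostUpload`, `sniffType` and the signature table are hypothetical names, and comparing the declared type against the file's leading bytes is an assumption that goes beyond what this reference documents. The table covers only JPEG, PNG, MP4 and WebM.

```javascript
// Added example: hypothetical helper names; signature table covers four formats only.
const SIGNATURES = [
  { type: 'image/jpeg', offset: 0, bytes: [0xff, 0xd8, 0xff] },
  { type: 'image/png', offset: 0, bytes: [0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a] },
  { type: 'video/mp4', offset: 4, bytes: [0x66, 0x74, 0x79, 0x70] }, // "ftyp" box
  { type: 'video/webm', offset: 0, bytes: [0x1a, 0x45, 0xdf, 0xa3] }, // EBML header
];

// MIME type implied by the leading bytes, or null when no signature matches.
function sniffType(buf) {
  const hit = SIGNATURES.find((s) =>
    buf.length >= s.offset + s.bytes.length &&
    s.bytes.every((b, i) => buf[s.offset + i] === b));
  return hit ? hit.type : null;
}

// post: PostCreateDto-shaped object; media: [{ filename, contentType, data: Buffer }].
// Returns a list of error strings; an empty list means the upload passes.
function validatePostUpload(post, media = []) {
  const errors = [];
  const checkLen = (field, min, max) => {
    const v = post ? post[field] : undefined;
    if (typeof v !== 'string' || v.length < min || v.length > max) {
      errors.push(`${field}: required, ${min}-${max} chars`);
    }
  };
  checkLen('title', 10, 100);
  checkLen('content', 100, 10000);
  for (const part of media) {
    const declared = String(part.contentType || '').toLowerCase();
    if (!/^(image|video)\//.test(declared)) {
      errors.push(`${part.filename}: declared type "${declared}" is not image/* or video/*`);
      continue;
    }
    // The declared type is client-controlled, so compare it with the file's own bytes.
    const sniffed = sniffType(part.data);
    if (sniffed === null || sniffed.split('/')[0] !== declared.split('/')[0]) {
      errors.push(`${part.filename}: declared ${declared}, bytes look like ${sniffed || 'unknown'}`);
    }
  }
  return errors;
}
// Constructed sample inputs (not real files).
const okPng = { filename: 'a.png', contentType: 'image/png',
  data: Buffer.from([0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a, 0x00]) };
const fakeJpg = { filename: 'b.jpg', contentType: 'image/jpeg',
  data: Buffer.from('<html><body>not an image</body></html>') };
console.log(validatePostUpload({ title: 'A valid post title', content: 'x'.repeat(120) }, [okPng]));
console.log(validatePostUpload({ title: 'short', content: 'x' }, [fakeJpg]));
```

The same checks belong on the server side of `POST /posts` and `PUT /posts/{id}`, since a client can skip them or send any `Content-Type` it likes for a part.
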
- GET /notifications
- PUT /notifications/{id}/read
- POST /report
- GET /admin/reports
- DELETE /admin/reports/{id}
- GET /admin/users
- DELETE /admin/users/{id}
- GET /admin/posts
- DELETE /admin/posts/{id}
- GET /admin/analytics
- GET /chats/{chat_id}/messages
- POST /chats/{chat_id}/messages (supports text/audio/video)