# CodeIgnite Website API Documentation ## Base URLs - Development: `http://localhost:5000` - Production: `https://your-domain.com` ## Authentication Protected routes use a Bearer token: ```http Authorization: Bearer ``` ## Standard success response ```json { "success": true, "message": "Operation successful", "data": {} } ``` ## Standard error response ```json { "success": false, "message": "Validation failed", "error": { "code": "INVALID_INPUT", "details": null } } ``` ## Health ### GET `/api/health` Checks API status. --- ## Auth endpoints ### POST `/api/auth/signup` Create a new user. Request: ```json { "name": "Admin User", "email": "admin@codeignite.com", "password": "password123" } ``` ### POST `/api/auth/login` Login with email and password. Request: ```json { "email": "admin@codeignite.com", "password": "password123" } ``` ### POST `/api/auth/social-login` Login with Google. Request: ```json { "provider": "google", "idToken": "google_id_token" } ``` ### GET `/api/auth/me` Returns the logged-in user. ### POST `/api/auth/logout` Client-safe logout acknowledgement endpoint. --- ## Product endpoints ### GET `/api/products` Optional query parameters: - `category` - `serviceType` - `isActive` ### GET `/api/products/:id` Get one product. ### POST `/api/products` Admin only. Request: ```json { "title": "CodeIgnite Ad Blocker", "image": "https://example.com/adblocker.png", "description": "Premium ad blocker extension", "url": "https://example.com/adblocker", "category": "extension", "serviceType": "independent", "price": 10, "currency": "USD", "metadata": { "browserSupport": ["chrome", "opera mini"] } } ``` ### PUT `/api/products/:id` Admin only. Partial update supported. ### DELETE `/api/products/:id` Admin only. Soft deletes by setting `isActive` to `false`. --- ## Payment endpoints ### POST `/api/payments/paypal/create-order` Creates a PayPal payment and returns an approval URL. Request: ```json { "userId": "user_document_id", "productId": "product_document_id" } ``` ### POST `/api/payments/paypal/capture-order` Finalizes payment after user approves it on PayPal. Request: ```json { "paymentId": "PAYPAL_PAYMENT_ID", "payerId": "PAYPAL_PAYER_ID", "userId": "user_document_id", "productId": "product_document_id" } ``` ### GET `/api/payments/check-access?userId=...&productId=...` Checks whether a user has paid for a product. ### GET `/api/payments/history` Protected route. Returns the authenticated user's payment history unless `userId` is provided. --- ## Firestore collections ### users ```json { "name": "John Doe", "email": "john@example.com", "passwordHash": "...", "provider": "email", "photoUrl": "", "role": "user", "createdAt": "timestamp", "updatedAt": "timestamp" } ``` ### products ```json { "title": "CodeIgnite Ad Blocker", "image": "", "description": "Premium ad blocker extension", "url": "", "category": "extension", "serviceType": "independent", "price": 10, "currency": "USD", "isActive": true, "metadata": {}, "createdAt": "timestamp", "updatedAt": "timestamp" } ``` ### payments ```json { "userId": "...", "productId": "...", "paymentProvider": "paypal", "paymentStatus": "created", "amount": 10, "currency": "USD", "paypalPaymentId": "...", "approvalUrl": "...", "createdAt": "timestamp", "updatedAt": "timestamp" } ``` ### accessRecords ```json { "userId": "...", "productId": "...", "paymentId": "...", "hasAccess": true, "accessType": "one_time_payment", "grantedAt": "timestamp", "updatedAt": "timestamp" } ```