API Demo Flow
1. Get CSRF Token
2. Sign In
3. Access Protected Endpoints
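The three steps above as a non-browser client, added here as an example and not taken from the project's own code. It uses the endpoints, the X-CSRF-Token header and the accessToken/refreshToken cookies documented below; the stub server, its token and cookie values, and its 401/403 status codes are constructed assumptions so the flow runs offline.

```javascript
// Added example, not the project's code. `send` is any fetch-compatible function.
// Cookies are tracked by hand because a non-browser fetch has no cookie jar.
async function runDemoFlow(send, baseUrl, email, password) {
  const jar = new Map(); // cookie name -> value
  const call = async (method, path, csrfToken, body) => {
    const headers = { 'Content-Type': 'application/json' };
    if (csrfToken) headers['X-CSRF-Token'] = csrfToken;
    if (jar.size) headers.Cookie = [...jar].map(([k, v]) => `${k}=${v}`).join('; ');
    const res = await send(baseUrl + path, { method, headers, body: body && JSON.stringify(body) });
    for (const line of res.headers.getSetCookie()) {
      const pair = line.split(';')[0]; // drop attributes such as HttpOnly
      jar.set(pair.slice(0, pair.indexOf('=')).trim(), pair.slice(pair.indexOf('=') + 1));
    }
    if (!res.ok) throw new Error(`${method} ${path} -> ${res.status}`);
    return res;
  };
  // 1. Get CSRF token; refuse one that is already past its "expires" time.
  const { csrfToken, expires } = await (await call('GET', '/csrf-token')).json();
  if (new Date(expires) <= new Date()) throw new Error('CSRF token already expired');
  // 2. Sign in; the server answers with accessToken and refreshToken cookies.
  await call('POST', '/signin', csrfToken, { email, password });
  // 3. Access a protected endpoint; GET /pets needs authentication only.
  const { pets } = await (await call('GET', '/pets')).json();
  return { pets, cookies: [...jar.keys()].sort() };
}

// Constructed in-memory stand-in for the server so the flow runs offline.
// Token value, cookie values and the 401/403 status codes are assumptions.
function stubServer() {
  const reply = (status, body, cookies = []) => ({
    ok: status < 400, status, json: async () => body,
    headers: { getSetCookie: () => cookies },
  });
  return async (url, { method, headers }) => {
    const route = `${method} ${new URL(url).pathname}`;
    if (route === 'GET /csrf-token')
      return reply(200, { csrfToken: 'tok-123', expires: new Date(Date.now() + 6e5).toISOString() });
    if (route === 'POST /signin')
      return headers['X-CSRF-Token'] === 'tok-123'
        ? reply(200, {}, ['accessToken=a1; HttpOnly', 'refreshToken=r1; HttpOnly'])
        : reply(403, { error: 'bad csrf token' });
    if (route === 'GET /pets')
      return /(^|; )accessToken=a1(;|$)/.test(headers.Cookie || '')
        ? reply(200, { pets: [{ id: 1, name: 'Buddy', animalType: 'Dog', ownerId: 1 }] })
        : reply(401, { error: 'not authenticated' });
    return reply(404, { error: 'not found' });
  };
}
```

In a browser, drop the manual Cookie handling and pass `credentials: 'include'` to `fetch` so the cookies are sent automatically.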
API Documentation
GET /csrf-token
Get CSRF token for form submission protection
Response:
{
  "csrfToken": "string",
  "expires": "ISO date"
}
POST /signin
Authenticate user (requires CSRF token)
Request Headers:
X-CSRF-Token: <csrf-token>
Request Body:
{
  "email": "string",
  "password": "string"
}
Response Cookies:
accessToken, refreshToken
POST /signup
Register new user (requires CSRF token)
Request Body:
{
  "username": "string",
  "email": "string",
  "password": "string",
  "passwordConfirmation": "string"
}
POST /logout
Invalidate user session
Response: Clears authentication cookies
Pet Management Endpoints
POST /pet
Create a new pet (requires CSRF token and authentication)
Headers:
X-CSRF-Token: <csrf-token>
Content-Type: application/json
Request Body:
{
  "name": "string (required)",
  "breed": "string",
  "age": "number",
  "gender": "string",
  "ownerId": "number",
  "description": "string",
  "careSuggestions": "string",
  "animalType": "string (required)"
}
Response (201 Created):
{
  "pet": {
    "id": 1,
    "name": "Buddy",
    "breed": "Golden Retriever",
    "age": 3,
    "ownerId": 1,
    "createdAt": "2024-02-20T12:34:56.789Z"
  }
}
GET /pets
Get all pets for current user (requires authentication)
Response (200 OK):
{
  "pets": [
    {
      "id": 1,
      "name": "Buddy",
      "animalType": "Dog",
      "ownerId": 1
    }
  ]
}
GET /pet/:id
Get specific pet details (requires authentication)
Path Parameters:
:id - Pet ID (number)
Response (200 OK):
{
  "pet": {
    "id": 1,
    "name": "Buddy",
    "breed": "Golden Retriever",
    "age": 3,
    "careSuggestions": "Regular brushing needed",
    "createdAt": "2024-02-20T12:34:56.789Z"
  }
}
Error (404 Not Found):
{
  "error": "Pet not found",
  "code": "pet_not_found"
}
PUT /pet/:id
Update existing pet (requires CSRF token and authentication)
Headers:
X-CSRF-Token: <csrf-token>
Content-Type: application/json
Request Body:
{
  "name": "Updated Name",
  "age": 4,
  "careSuggestions": "New care instructions"
}
Response (200 OK):
{
  "pet": {
    "id": 1,
    "name": "Updated Name",
    "age": 4,
    ...
  }
}
DELETE /pet/:id
Delete a pet (requires CSRF token and authentication)
Response (200 OK):
{
  "pet": {
    "id": 1,
    "name": "Buddy",
    ...
  }
}
Task Management Endpoints
POST /task
Create new task (requires CSRF token and authentication)
Headers:
X-CSRF-Token: <csrf-token>
Content-Type: application/json
Request Body:
{
  "title": "string (required)",
  "description": "string",
  "priority": "low|medium|high",
  "dueDate": "ISO date string"
}
Response (201 Created):
{
  "task": {
    "id": 1,
    "title": "Buy pet food",
    "priority": "high",
    "completed": false,
    "ownerId": 1,
    "createdAt": "2024-02-20T12:34:56.789Z"
  }
}
GET /tasks
Get all tasks for current user (requires authentication)
Response (200 OK):
{
  "tasks": [
    {
      "id": 1,
      "title": "Buy pet food",
      "completed": false,
      "dueDate": "2024-02-25"
    }
  ]
}
PUT /task/:id
Update existing task (requires CSRF token and authentication)
Headers:
X-CSRF-Token: <csrf-token>
Content-Type: application/json
Request Body:
{
  "completed": true,
  "priority": "medium"
}
Response (200 OK):
{
  "task": {
    "id": 1,
    "completed": true,
    "priority": "medium",
    ...
  }
}
DELETE /task/:id
Delete a task (requires CSRF token and authentication)
Response (200 OK):
{
  "task": {
    "id": 1,
    "title": "Buy pet food",
    ...
  }
}