API_DOCUMENTATION.md

API Documentation

Authentication

All API endpoints (except public ones like GET /events) require authentication. Include the session token in the request cookies or Authorization header.

• Base URL: /api

Endpoints

1. Events

GET /api/events

Retrieve a list of all events.

• Query Parameters:
  • page: Page number (default: 1)
  • category: Filter by category ID
  • search: Search term for title/description
• Response:

  {
    "data": [
      {
        "id": "cl...",
        "title": "Tech Conference 2026",
        "date": "2026-05-20T09:00:00Z",
        "price": 100,
        "organizerId": "user_123"
      }
    ],
    "meta": { "total": 50, "page": 1 }
  }

POST /api/events

Create a new event (Organizer only).

• Body:

  {
    "title": "New Workshop",
    "description": "Learn Next.js",
    "date": "2026-06-01",
    "location": "Jakarta",
    "categoryId": "cat_123",
    "price": 50,
    "capacity": 100
  }

• Response: 201 Created

2. Bookings

POST /api/bookings

Book a ticket for an event.

• Body:

  {
    "eventId": "event_123",
    "quantity": 2
  }

• Response:

  {
    "bookingId": "book_456",
    "status": "PENDING",
    "totalAmount": 100
  }

3. Auth

POST /api/auth/register

Register a new user.

• Body:

  {
    "email": "user@example.com",
    "password": "securepassword",
    "name": "John Doe"
  }

4. Reviews

POST /api/reviews

Add a review to an event.

• Body:

  {
    "eventId": "event_123",
    "rating": 5,
    "comment": "Amazing experience!"
  }

5. Notifications

GET /api/notifications

Get user notifications.

• Response: List of notification objects.

PATCH /api/notifications/[id]

Mark a notification as read.

Error Handling

Standard HTTP status codes are used:

• 200: Success
• 201: Created
• 400: Bad Request (Validation Error)
• 401: Unauthorized
• 403: Forbidden
• 404: Not Found
• 500: Internal Server Error

Error Body Example:

{
  "error": "Invalid input data",
  "details": ["Title is required"]
}