spurrin-cleaned-backend-dev/docs/API.md

API Documentation

Authentication

All API endpoints require authentication using JWT tokens.

Headers

Authorization: Bearer <token>

Endpoints

Authentication

• POST /api/users/hospital-users/login - Generates userId, roleId and roleName from given user cridentials
• GET /api/users/refresh-token/{{user_id}}/{{role_id}} - Generates refresh token for hospitals and their users with roles namely Admin Superadmin, Spurrinadmin and Viewer
• POST /api/users/get-access-token - Generates access token for hospitals and their users with roles namely Admin, Superadmin and Viewer
• POST /api/auth/refresh - Generates access token for Spurrinadmin
• POST /api/auth/login - Login with token validation and hospital status check (for hospital users)

Spurrinadmin

• GET /api/super-admin - Get all super admins
• POST /api/super-admin/initialize - Add new super admin
• DELETE /api/super-admin/:id - Delete super admin

Hospitals

• POST /api/hospitals/create-hospital Create hospital

• PUT /api/hospitals/update/:id - Update hospital details

• DELETE /api/hospitals/delete/:id - Delete hospital

• GET /api/hospitals/list - Get list of hospitals

• GET /api/hispitals/list/:{hospital_id} - get hospital by id

• GET /api/hospitals/users - get list of hospital users

• GET /api/hospitals/colors - get colors from hospital

  SuperAdmin

• POST /api/hospitals/send-temp-password - send temporary password to email

• POST /api/hospitals/change-password - change the temporary password

  Admin and viewer

• POST /api/hospitals/send-temp-password-av - send temporary password to email

• POST /api/hospitals/change-password-av - send temporary password

• POST /api/hospitals/update-admin-name - update admin name

• POST /api/hospitals/check-user-notification - Check new app user notification regarding notification

• PUT /api/hospitals/update-user-notification/:id - Update app user notification status to checked (boolean)

• POST /api/hospitals/interaction-logs - Get interaction logs of hospital's app users

• PUT /api/hospitals/public-signup/:id - Update allow public signup

Users

• POST /api/users/add-user - add new user to hospital

• PUT /api/users/edit-user/:id - edit hospital user

• delete /api/users/add-user - delete hospital user

• POST /api/upload-profile-photo - upload profile photo

• PUT /api/users/update-password/:id - update password of user

• POST /api/users/get-spu-access-token - Get SpurrinAdmin access token

• POST /api/users/hospital-users/login - Get hospital user ID

• POST /api/users/logout - User logout

• GET /api/users/refresh-token/:user_id/:role_id - Get refresh token by user ID

App Users

• POST /api/app-users/signup - App user registration
• POST /api/app-users/login - App user login
• PUT /api/app-users/hitlike - Like interaction
• PUT /api/app-users/query-title - Update query title
• DELETE /api/app-users/query-title - Delete query title
• PUT /api/app-users/like-session - Like session
• PUT /api/app-users/approve-user/:appUserId - Approve app user
• DELETE /api/app-users/:userId - Delete app user

Documents

• PUT /api/documents/update-status/:id - Update document status
• DELETE /api/documents/delete/:id - Delete document

Feedback

• POST /api/feedbacks/app-user/submit - Submit app user feedback

Analytics

• POST /api/analytics/hospitals/active - Get active hospitals analysis

Excel Data

• POST /api/excel-data - Upload bulk users

System

• GET /health - Health check endpoint
• POST /api/sync-database - Database synchronization (development only)
• GET / - Root endpoint

Role-Based Access Control

Some endpoints require specific roles:

• Spurrinadmin - Role ID 6
• Superadmin - Role ID 7
• Admin - Role ID 8
• Viewer - Role ID 9

File Upload

• Supported file types: Images, documents like pdf
• Upload directory: /uploads/id_photos/ /uploads/documents/ /uploads/profile_photos