GOBE E-Commerce API Documentation

Welcome to the official API documentation for the GOBE E-Commerce platform.

Base URL

All API endpoints are relative to the following base URL:
Local: http://localhost:8000/api
Prod: https://goba-ecommerce.sunmedagency.com/api

Authentication

Most routes are protected and require a bearer token for access. To authenticate, obtain a token by using the /auth/login or /auth/register endpoints. Include this token in the Authorization header for subsequent requests.

Authorization: Bearer <your-api-token>

---

Seeding

To populate the database with dummy data, run the following command:

php artisan db:seed

This will seed products (with tags), categories, order requests, and more.

---

API Endpoints

Public API Endpoints

Authentication

• POST /auth/register — Register a new user
• POST /auth/login — Login
• POST /auth/logout — Logout
• POST /auth/refresh — Refresh token
• GET /auth/user-profile — Get current user profile

Products

• GET /products — List products

• GET /products/{product} — Get product details

• GET /products/search — Search products

• GET /products/{product}/related — Related products

• GET /products/{product}/reviews — List reviews for product

• POST /products/{product}/reviews — Add review for product

• GET /products/{product}/similar — Similar products

• GET /top-selling-products — Top selling products

• GET /featured-products — Featured products

• GET /offers — Products on offer

• GET /new-arrivals — New arrivals

• GET /best-sellers — Best sellers

• GET /products/tags — All product tags

• GET /products/tags/stats — Tag stats

• GET /products/tags/suggestions — Tag suggestions

• GET /best-sellers

  • limit: sometimes | integer | min:1 | max:100
  • period: sometimes | in:all,month,week

Categories

• GET /categories — List categories
• GET /categories/{category} — Get category details
• GET /categories/{category}/products — Products in category

Orders

• POST /orders — Create order
• GET /orders/{order} — Get order details

Wishlist

• GET /wishlist — List wishlist
• POST /wishlist/{product} — Add to wishlist
• DELETE /wishlist/{product} — Remove from wishlist

Cart

• GET /cart — Get cart
• POST /cart/{product} — Add to cart
• PATCH /cart/{product} — Update cart item
• DELETE /cart/{product} — Remove from cart

Blog / Posts

• GET /posts — List posts
• GET /posts/{post} — Get post details

Miscellaneous

• GET /active-popup — Get active popup
• POST /contact — Send contact message
• GET /sliders — List sliders
• GET /testimonials — List testimonials
• GET /testimonials/random — Random testimonial
• GET /testimonials/by-rating — Testimonials by rating
• GET /about — About info
• POST /order-requests — Request out-of-stock product

Tags (API)

• GET /tags — List tags
• GET /tags/{tag} — Get tag details
• POST /tags — Create tag
• PUT /tags/{tag} — Update tag
• DELETE /tags/{tag} — Delete tag
• GET /tags/{tag}/products — Products by tag

---

Request Validation

All incoming API requests are validated according to predefined rules. If a request fails validation, the API will return a 422 Unprocessable Entity status code with a JSON response detailing the validation errors. The error response will typically look like this:

{
    "message": "The given data was invalid.",
    "errors": {
        "field_name": [
            "The field_name field is required.",
            "The field_name must be at least 8 characters."
        ]
        // ... other fields with their respective errors
    }
}

API Endpoints Validation Rules

Public API Endpoints Validation

Authentication

• POST /auth/register
  • name: required | string | between:2,100
  • email: required | string | email | max:100 | unique:users
  • password: required | string | confirmed | min:6
• POST /auth/login
  • email: required | email
  • password: required | string | min:6

Products

• GET /products/search

  • q: required | string | min:3

• GET /products/tags/suggestions

  • query: required | string | min:2

• GET /best-sellers

  • limit: sometimes | integer | min:1 | max:100
  • period: sometimes | in:all,month,week

Orders

• POST /orders
  • items: required | array
  • items.*.product_id: required | exists:products,id
  • items.*.product_size_id: nullable | exists:product_sizes,id
  • items.*.quantity: required | integer | min:1
  • shipping_name: required | string | max:255
  • shipping_address: required | string | max:255
  • shipping_city: required | string | max:255
  • shipping_state: required | string | max:255
  • shipping_zip: required | string | max:255
  • shipping_country: required | string | max:255
  • shipping_email: required | email
  • coupon_code: nullable | string | exists:coupons,code
• GET /orders/{order}
  • Can be accessed by authenticated users (who own the order) or unauthenticated users providing a valid guest_token in the request.
  • guest_token: sometimes | string | size:32 (Required for unauthenticated access)

Miscellaneous

• POST /contact

  • name: required | string | max:255
  • email: required | email | max:255
  • subject: required | string | max:255
  • message: required | string

• POST /order-requests

  • product_id: required | exists:products,id
  • first_name: required | string
  • last_name: required | string
  • email: required | email
  • phone: required | string
  • quantity: required | integer | min:1
  • message: nullable | string

Cart

• POST /cart/{product}
  • product_size_id: nullable | exists:product_sizes,id
  • quantity: required | integer | min:1
• PATCH /cart/{product}
  • product_size_id: nullable | exists:product_sizes,id
  • quantity: required | integer
• DELETE /cart/{product}
  • product_size_id: nullable | exists:product_sizes,id

Blog / Posts

• POST /posts
  • title: required | string | max:255
  • content: required | string
  • image: nullable | string
• PATCH /posts/{post}
  • title: sometimes | required | string | max:255
  • content: sometimes | required | string
  • image: nullable | string

Products (Reviews)

• POST /products/{product}/reviews
  • name: required | string | max:255
  • email: required | email | max:255
  • rating: required | integer | min:1 | max:5
  • comment: required | string

Wishlist

• POST /wishlist/{product}
  • No specific validation rules are applied directly in the method; the product ID is taken from the URL parameter.
• DELETE /wishlist/{product}
  • No specific validation rules are applied directly in the method; the product ID is taken from the URL parameter.

Users

• POST /users
  • name: required | string | max:255
  • email: required | string | email | max:255 | unique:users
  • password: required | string | min:8
• PATCH /users/{user}
  • name: sometimes | required | string | max:255
  • email: sometimes | required | string | email | max:255 | unique:users,email,{user_id}
  • password: sometimes | required | string | min:8

Tags (API)

• POST /tags
  • name: required | array
  • name.*: required | string | max:255
  • description: nullable | array
  • description.*: nullable | string
• PUT /tags/{tag}
  • name: required | array
  • name.*: required | string | max:255
  • description: nullable | array
  • description.*: nullable | string

Tags (Web/Admin)

• POST /tags
  • name: required | array
  • name.*: required | string | max:255
  • description: nullable | array
  • description.*: nullable | string
• PUT /tags/{tag}
  • name: required | array
  • name.*: required | string | max:255
  • description: nullable | array
  • description.*: nullable | string

---

Admin API Endpoints

All endpoints require admin authentication. Base path: /api/admin

Dashboard

• GET /dashboard — Admin dashboard stats

Products

• GET /products
  • tag: nullable | string (to filter by tag)
  • per_page: nullable | integer (number of items per page, default: 10)
• POST /products
  • name: required | string | max:255
  • description: required | string
  • note: nullable | string
  • price: required | numeric | min:0
  • stock: required | integer | min:0
  • category_id: required | exists:categories,id
  • product_type_id: nullable | exists:product_types,id
  • is_featured: boolean
  • status: in:pending,approved,rejected
  • attachment: nullable | file | mimes:pdf,doc,docx | max:10240
  • images: required | array
  • images.*: image | mimes:jpeg,png,jpg,gif | max:2048
  • sizes: nullable | array
  • sizes.*.name: required | string
  • sizes.*.price: required | numeric
  • sizes.*.stock: required | integer | min:0
  • tags: nullable | array
  • tags.*: string | max:50
• PATCH /products/{product}
  • name: sometimes | required | string | max:255
  • description: sometimes | required | string
  • note: nullable | string
  • price: sometimes | required | numeric | min:0
  • stock: sometimes | required | integer | min:0
  • category_id: sometimes | required | exists:categories,id
  • product_type_id: nullable | exists:product_types,id
  • is_featured: sometimes | boolean
  • status: sometimes | in:pending,approved,rejected
  • images: nullable | array
  • images.*: image | mimes:jpeg,png,jpg,gif | max:2048
  • tags: nullable | array
  • tags.*: string | max:50
• POST /products/tags/bulk-update
  • product_ids: required | array
  • product_ids.*: exists:products,id
  • tags: required | array
  • tags.*: string | max:50
  • action: required | in:add,remove,replace

Categories

• POST /categories
  • name: required | string | max:255 | unique:categories
  • slug: required | string | max:255 | unique:categories
  • image: required | image | mimes:jpeg,png,jpg,gif,svg | max:2048
  • parent_id: nullable | exists:categories,id
• PATCH /categories/{category}
  • name: filled | string | max:255 | unique:categories,name,{category_id}
  • slug: filled | string | max:255 | unique:categories,slug,{category_id}
  • image: filled | image | mimes:jpeg,png,jpg,gif,svg | max:2048
  • parent_id: nullable | exists:categories,id

Product Types

• POST /product-types
  • name: required | string | max:255
  • category_id: required | exists:categories,id
• PATCH /product-types/{productType}
  • name: sometimes | required | string | max:255
  • category_id: sometimes | required | exists:categories,id

Orders

• PATCH /orders/{order}
  • status: required | string | in:pending,processing,shipped,delivered,cancelled
• DELETE /orders/bulk-delete
  • ids: required | array
  • ids.*: exists:orders,id
• GET /invoices — List invoices

Customers

• GET /customers — List customers
• POST /customers — Create customer
• GET /customers/{customer} — Get customer details
• PATCH /customers/{customer} — Update customer
• DELETE /customers/{customer} — Delete customer
• DELETE /customers/bulk-delete — Bulk delete customers

Coupons

• GET /coupons — List coupons
• POST /coupons — Create coupon
• GET /coupons/{coupon} — Get coupon details
• PATCH /coupons/{coupon} — Update coupon
• DELETE /coupons/{coupon} — Delete coupon
• DELETE /coupons/bulk-delete — Bulk delete coupons

Popups

• POST /popups
  • name: required | string | max:255
  • title: required | string | max:255
  • content: required | string
  • display_type: nullable | string | max:50
  • css_class: nullable | string | max:50
  • size: nullable | string | max:50
  • animation: nullable | string | max:50
  • position: nullable | string | max:50
  • is_active: boolean
• PATCH /popups/{popup}
  • name: sometimes | required | string | max:255
  • title: sometimes | required | string | max:255
  • content: sometimes | required | string
  • display_type: nullable | string | max:50
  • css_class: nullable | string | max:50
  • size: nullable | string | max:50
  • animation: nullable | string | max:50
  • position: nullable | string | max:50
  • is_active: sometimes | boolean

Sliders

• POST /sliders
  • title: required | string | max:255
  • description: nullable | string
  • image: required | string
  • link: nullable | string
  • is_active: boolean
• PATCH /sliders/{slider}
  • title: sometimes | required | string | max:255
  • description: nullable | string
  • image: sometimes | required | string
  • link: nullable | string
  • is_active: sometimes | boolean

Reviews

• GET /reviews — List reviews (filter/search/paginate)
• GET /reviews/{review} — Get review details
• PATCH /reviews/{review}
  • status: sometimes | required | in:pending,approved,rejected
  • comment: sometimes | required | string
  • rating: sometimes | required | integer | min:1 | max:5
• DELETE /reviews/{review} — Delete review

Tags (Admin)

• GET /tags — List tags with stats
• GET /tags/statistics — Tag usage statistics
• GET /tags/analytics — Tag analytics
• GET /tags/suggestions — Tag suggestions
• GET /tags/cleanup — Unused tags
• GET /tags/{tag}/products — Products by tag
• POST /tags/bulk-update — Bulk update tags
• POST /tags/merge — Merge tags
• GET /tags/export — Export tags to CSV
• GET /tags/recommendations — Tag recommendations for product

Settings (Site)

• POST /settings
  • settings: required | array

Profile (Admin)

• PATCH /profile
  • name: sometimes | required | string | max:255
  • email: sometimes | required | email | max:255 | unique:users,email,{user_id}
  • phone: sometimes | nullable | string | max:32
  • location: sometimes | nullable | string | max:255
  • bio: sometimes | nullable | string | max:1000
  • avatar: sometimes | nullable | image | max:2048
• PATCH /profile/password
  • current_password: required | string
  • password: required | string | min:8 | confirmed

---

Note: All endpoints require authentication unless otherwise specified. For file uploads (e.g., avatar), use multipart/form-data.

For more details on request/response formats, see the controller code or ask for specific examples.