51 lines
1.1 KiB
Markdown
51 lines
1.1 KiB
Markdown
# Unified API V2
|
|
|
|
This service exists so frontend can use one base URL without forcing backend into one codebase.
|
|
|
|
## Base idea
|
|
|
|
Frontend talks to one service:
|
|
|
|
- `krow-api-v2`
|
|
|
|
That gateway does two things:
|
|
|
|
1. exposes auth/session endpoints
|
|
2. forwards requests to the right internal v2 service
|
|
|
|
## Route groups
|
|
|
|
### Auth
|
|
|
|
- `POST /auth/client/sign-in`
|
|
- `POST /auth/client/sign-up`
|
|
- `POST /auth/sign-out`
|
|
- `POST /auth/client/sign-out`
|
|
- `POST /auth/staff/sign-out`
|
|
- `GET /auth/session`
|
|
|
|
### Proxy passthrough
|
|
|
|
- `/core/*` -> `core-api-v2`
|
|
- `/commands/*` -> `command-api-v2`
|
|
- `/query/*` -> `query-api-v2`
|
|
|
|
### Mobile read models
|
|
|
|
These are served by `query-api-v2` but frontend should still call them through the unified host:
|
|
|
|
- `/query/client/*`
|
|
- `/query/staff/*`
|
|
|
|
## Why this shape
|
|
|
|
- frontend gets one base URL
|
|
- backend keeps separate read, write, and service helpers
|
|
- we can scale or refactor internals later without breaking frontend paths
|
|
|
|
## Current auth note
|
|
|
|
Client email/password auth is wrapped here.
|
|
|
|
Staff phone OTP is not wrapped here yet. That still needs its own proper provider-backed implementation rather than a fake backend OTP flow.
|