http://localhost:3000
All protected endpoints require JWT Bearer token in the Authorization header:
Authorization: Bearer <access_token>
Tokens are obtained via /api/auth/login endpoint.
| Tag | Description |
|---|---|
| Auth | Authentication, profile, and balance management |
| Trainings | Trainers, trainings, and schedule |
| Booking | Training bookings and waitlist |
| Notifications | User notifications |
| Health | Health check |
POST /api/auth/register
Request Body:
{
"email": "user@example.com",
"password": "password123",
"name": "John Doe",
"phone": "+1234567890",
"birthDate": "1990-01-01",
"gender": "male"
}Response: 201 Created
{
"accessToken": "jwt-access-token",
"user": "user-created-object"
}POST /api/auth/login
Request Body:
{
"email": "user@example.com",
"password": "password123"
}Response: 200 OK
{
"accessToken": "jwt-access-token"
}// Set-Cookie: refreshToken=...
POST /api/auth/refresh
NO Request Body: Cookie: refreshToken=...
Response: 200 ОК
{
"accessToken": "jwt-access-token"
}POST /api/auth/logout
Auth: Required (Bearer)
Response: 201 Created
GET /api/auth/me
Auth: Required (Bearer)
Response: 200 OK
PATCH /api/auth/me
Auth: Required (Bearer)
Request Body: Same as Register
Response: 200 OK
GET /api/auth/balance
Auth: Required (Bearer)
Response: 200 OK
POST /api/auth/balance/deposit
Auth: Required (Bearer)
Request Body:
{
"userId": "f47ac10b-58cc-4372-a567-0e02b2c3d479",
"amount": 100,
"description": "Deposit for training"
}Response: 201 Created
POST /api/auth/balance/reserve
Auth: Required (Bearer)
Request Body:
{
"userId": "f47ac10b-58cc-4372-a567-0e02b2c3d479",
"amount": 500,
"description": "Reserve for training"
}Response: 201 Created
POST /api/auth/balance/release
Auth: Required (Bearer)
Request Body:
{
"userId": "f47ac10b-58cc-4372-a567-0e02b2c3d479",
"amount": 500,
"description": "Release reserved funds"
}Response: 201 Created
POST /api/auth/balance/refund
Auth: Required (Bearer)
Request Body:
{
"userId": "f47ac10b-58cc-4372-a567-0e02b2c3d479",
"amount": 500,
"description": "Refund for cancelled training"
}Response: 201 Created
GET /api/auth/transactions
Auth: Required (Bearer)
Response: 200 OK
GET /api/trainers
Auth: Required (Bearer)
Response: 200 OK
GET /api/trainers/{id}
Auth: Required (Bearer)
Parameters:
id(path) - Trainer UUID
Response: 200 OK
POST /api/trainers
Auth: Required (Bearer + Admin role)
Request Body:
{
"name": "John Smith",
"bio": "Experienced fitness trainer",
"avatarUrl": "https://example.com/avatar.jpg"
}Response: 201 Created
PATCH /api/trainers/{id}
Auth: Required (Bearer + Admin role)
Parameters:
id(path) - Trainer UUID
Request Body:
{
"name": "John Smith",
"bio": "Updated bio",
"avatarUrl": "https://example.com/new-avatar.jpg",
"isActive": true
}Response: 200 OK
DELETE /api/trainers/{id}
Auth: Required (Bearer + Admin role)
Parameters:
id(path) - Trainer UUID
Response: 200 OK
GET /api/trainings
Auth: Required (Bearer)
Response: 200 OK
GET /api/trainings/{id}
Auth: Required (Bearer)
Parameters:
id(path) - Training UUID
Response: 200 OK
POST /api/trainings
Auth: Required (Bearer + Admin role)
Request Body:
{
"title": "Morning Yoga",
"description": "A relaxing yoga session",
"type": "yoga",
"trainerId": "550e8400-e29b-41d4-a716-446655440000",
"scheduledAt": "2024-01-15T10:00:00Z",
"durationMinutes": 60,
"capacity": 20,
"price": 500
}Training Types: yoga, pilates, crossfit, boxing, strength, cardio, dance, stretching
Response: 201 Created
PATCH /api/trainings/{id}
Auth: Required (Bearer + Admin role)
Parameters:
id(path) - Training UUID
Request Body:
{
"title": "Updated Yoga",
"status": "cancelled"
}Training Status: scheduled, cancelled, completed
Response: 200 OK
DELETE /api/trainings/{id}
Auth: Required (Bearer + Admin role)
Parameters:
id(path) - Training UUID
Response: 200 OK
GET /api/schedule
Auth: Required (Bearer)
Response: 200 OK
GET /api/schedule/{date}
Auth: Required (Bearer)
Parameters:
date(path) - Date in formatYYYY-MM-DD
Response: 200 OK
GET /api/bookings
Auth: Required (Bearer)
Response: 200 OK
GET /api/bookings/{id}
Auth: Required (Bearer)
Parameters:
id(path) - Booking UUID
Response: 200 OK
POST /api/bookings
Auth: Required (Bearer)
Request Body:
{
"trainingId": "550e8400-e29b-41d4-a716-446655440000"
}Response: 201 Created
DELETE /api/bookings/{id}
Auth: Required (Bearer)
Parameters:
id(path) - Booking UUID
Request Body:
{
"reason": "Unable to attend"
}Response: 200 OK
GET /api/waitlist
Auth: Required (Bearer)
Response: 200 OK
GET /api/waitlist/{trainingId}
Auth: Required (Bearer)
Parameters:
trainingId(path) - Training UUID
Response: 200 OK
POST /api/waitlist
Auth: Required (Bearer)
Request Body:
{
"trainingId": "550e8400-e29b-41d4-a716-446655440000"
}Response: 201 Created
DELETE /api/waitlist/{trainingId}
Auth: Required (Bearer)
Parameters:
trainingId(path) - Training UUID
Response: 200 OK
GET /api/notifications
Auth: Required (Bearer)
Response: 200 OK
GET /api/notifications/{id}
Auth: Required (Bearer)
Parameters:
id(path) - Notification UUID
Response: 200 OK
DELETE /api/notifications/{id}
Auth: Required (Bearer)
Parameters:
id(path) - Notification UUID
Response: 200 OK
DELETE /api/notifications
Auth: Required (Bearer)
Response: 200 OK
GET /api/notifications/unread-count
Auth: Required (Bearer)
Response: 200 OK
PATCH /api/notifications/{id}/read
Auth: Required (Bearer)
Parameters:
id(path) - Notification UUID
Response: 200 OK
PATCH /api/notifications/read-all
Auth: Required (Bearer)
Response: 200 OK
GET /health
Auth: Not required
Response: 200 OK
User Gender:
malefemale
Training Type:
yogapilatescrossfitboxingstrengthcardiodancestretching
Training Status:
scheduledcancelledcompleted
Booking Status:
confirmedcancelledcompleted
Full OpenAPI 3.0 specification available at: openapi.json
You can view it in:
- Swagger Editor
- Swagger UI (when backend is running)