YetiRides API Documentation

v1.0

Welcome to the YetiRides API! This comprehensive API allows you to manage trekking adventures, blog content, and customer bookings for your adventure tourism business.

System Architecture

graph TB
    Client[Client Applications]
    API[YetiRides API]
    Auth[Authentication Service]
    DB[(Database)]
    reCAPTCHA[Google reCAPTCHA]
    Storage[File Storage]
    Email[Email Service]

    Client -->|HTTP/HTTPS| API
    API -->|Authenticate| Auth
    API -->|CRUD Operations| DB
    API -->|Bot Protection| reCAPTCHA
    API -->|File Operations| Storage
    API -->|Notifications| Email

    subgraph Backend Services
        API
        Auth
        DB
        Storage
        Email
    end
        

Trek Booking Flow

sequenceDiagram
    participant C as Customer
    participant A as API
    participant R as reCAPTCHA
    participant E as Email Service
    participant Admin as Admin

    C->>A: Submit Booking Request
    A->>R: Verify reCAPTCHA Token
    R-->>A: Validation Result
    
    alt Valid Token
        A->>A: Process Booking
        A->>E: Send Email to Admin
        A-->>C: Booking Confirmation
        E->>Admin: New Booking Notification
    else Invalid Token
        A-->>C: Error Response
    end
        

Authentication Flow

flowchart LR
    A[Start] --> B{Has Token?}
    B -->|Yes| C[Validate Token]
    B -->|No| D[Login Required]
    C -->|Valid| E[Access Granted]
    C -->|Invalid| D
    D --> F[Login]
    F --> G[Generate Token]
    G --> E
        

Trek Management Flow

flowchart TD
    A[Admin] -->|Login| B[Dashboard]
    B -->|Manage Treks| C[Trek Management]
    B -->|Manage Blogs| D[Blog Management]
    B -->|View Bookings| E[Booking Management]
    
    C -->|Add Trek| C1[New Trek Form]
    C -->|Edit Trek| C2[Edit Trek Form]
    C -->|Delete Trek| C3[Confirm Delete]
    
    D -->|Add Blog| D1[New Blog Form]
    D -->|Edit Blog| D2[Edit Blog Form]
    D -->|Delete Blog| D3[Confirm Delete]
    
    E -->|New Bookings| E1[Process Bookings]
    E -->|Contact Enquiries| E2[Handle Enquiries]
        

Data Model Relationships

erDiagram
    User ||--o{ Booking : makes
    User ||--o{ ContactUs : submits
    Trek ||--o{ Booking : receives
    Blog ||--|| User : created_by
    
    User {
        int id
        string name
        string email
        string role
        string address
        string phone
    }
    
    Trek {
        int id
        string data_type
        string title
        string location
        decimal price
        string duration
        string difficulty
        string type
        float distance_km
        text description
        string featured_image
        boolean is_featured
        boolean is_active
        json trek_days
    }
    
    Blog {
        int id
        string title
        text content
        string featured_image
        boolean is_active
        int user_id
    }
    
    Booking {
        int id
        string trek_name
        string name
        string email
        string country
        string phone
        int adults
        int children
        string subject
        text message
    }
                        

Role-based Access Control

Admin

Full system access and management

  • Create, update, and delete treks
  • Manage blog content
  • View all booking enquiries
  • Access contact form submissions
  • Manage user accounts
  • View system analytics
  • Configure system settings

User

Basic access for customers

  • Browse available treks
  • View trek details and itineraries
  • Read blog posts
  • Submit booking enquiries
  • Contact support
  • Manage personal profile

API Request/Response Flow

sequenceDiagram
    participant C as Client
    participant M as Middleware
    participant A as API Controller
    participant D as Database
    
    C->>M: HTTP Request
    M->>M: Validate Token
    M->>M: Check Permissions
    
    alt Invalid Auth
        M-->>C: 401/403 Error
    else Valid Auth
        M->>A: Forward Request
        A->>D: Query Data
        D-->>A: Return Data
        A-->>C: JSON Response
    end

    Note over C,D: All responses follow standard format
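
The middleware decision in the diagram above, modelled in Python as an added example (not YetiRides code): 401 when the token is missing or unknown, 403 when the role lacks permission. Route requirements come from the endpoint list on this page; the token store, treating login and trek browsing as public, and the admin-only fallback for routes with no stated requirement are assumptions.

```python
# Added example: the Validate Token / Check Permissions steps, deny by default.
import re

PUBLIC, AUTHENTICATED, ADMIN = "public", "authenticated", "admin"

# (method, path pattern, requirement). Requirements marked "assumed" are not
# stated on the page; the others are ("requires authentication", "admin only").
POLICY = [
    ("POST", r"/api/auth/login", PUBLIC),        # assumed public
    ("POST", r"/api/auth/logout", AUTHENTICATED),
    ("GET", r"/api/user", AUTHENTICATED),
    ("GET", r"/api/treks(/\d+)?", PUBLIC),       # assumed public
    ("POST", r"/api/create-trek", ADMIN),
    ("POST", r"/api/update-trek/\d+", ADMIN),
    ("DELETE", r"/api/treks/\d+", ADMIN),
    ("DELETE", r"/api/blogs/\d+", ADMIN),
]

# Constructed token store: bearer token -> role.
TOKENS = {"tok-admin": "admin", "tok-user": "user"}


def authorize(method, path, auth_header=None):
    """Return the HTTP status the middleware yields (200 = forwarded)."""
    need = ADMIN  # deny by default: routes not in POLICY are admin-only
    for m, pattern, requirement in POLICY:
        if m == method and re.fullmatch(pattern, path):
            need = requirement
            break
    if need == PUBLIC:
        return 200
    role = None
    if auth_header and auth_header.startswith("Bearer "):
        role = TOKENS.get(auth_header[len("Bearer "):])
    if role is None:
        return 401  # missing, malformed or unknown token
    if need == ADMIN and role != "admin":
        return 403  # authenticated, but the role lacks permission
    return 200


if __name__ == "__main__":
    print(authorize("POST", "/api/create-trek"))                     # no token
    print(authorize("POST", "/api/create-trek", "Bearer tok-user"))  # wrong role
    print(authorize("POST", "/api/create-trek", "Bearer tok-admin"))
```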
        

API Endpoints

Authentication

POST /api/auth/login

Login with email and password

Request body:

{
    "email": "user@example.com",
    "password": "password"
}

POST /api/auth/register

Register new user account

POST /api/auth/logout

Logout current user (requires authentication)

POST /api/auth/forgot-password

Request password reset

GET /api/user

Get current user information (requires authentication)

Treks

GET /api/treks

List all treks with pagination and filtering

Query Parameters:

  • data_type: Filter by type (trek, package)
  • is_active: Filter by active status (true/false)
  • page: Page number for pagination

Example Request:

GET /api/treks?data_type=trek&is_active=true&page=1

GET /api/treks/{id}

Get specific trek details

POST /api/create-trek

Create new trek (admin only)

Required fields:

{
    "title": "Annapurna Base Camp Trek",
    "data_type": "trek",
    "location": "Nepal",
    "price": 1200.00,
    "duration": "14 days",
    "difficulty": "Moderate",
    "type": "Trekking",
    "distance_km": 115.0,
    "description": "Amazing trek to ABC...",
    "featured_image": "file",
    "trek_days": ["Day 1: Arrival...", "Day 2: Trek to..."]
}

POST /api/update-trek/{id}

Update trek details (admin only)

DELETE /api/treks/{id}

Delete trek (admin only)

Blogs

GET /api/blogs

List all blog posts

GET /api/blogs/{id}

Get specific blog post details

POST /api/blogs

Create new blog post (admin only)

Required fields:

{
    "title": "Best Trekking Destinations",
    "content": "Blog content here...",
    "featured_image": "file"
}

POST /api/update-blog/{id}

Update blog post (admin only)

DELETE /api/blogs/{id}

Delete blog post (admin only)

Booking & Contact

POST /api/book-trek

Submit trek booking enquiry (requires reCAPTCHA)

Required fields:

{
    "trek_name": "Annapurna Base Camp Trek",
    "name": "John Doe",
    "email": "john@example.com",
    "country": "USA",
    "phone": "+1234567890",
    "adults": 2,
    "children": 1,
    "subject": "Booking inquiry",
    "message": "I'm interested in...",
    "recaptcha_token": "token_from_google"
}

POST /api/contact-us

Submit contact form (requires reCAPTCHA)
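
What the "Verify reCAPTCHA Token" step in the Trek Booking Flow has to check before an enquiry is processed, as an added Python example that is not part of the YetiRides code base. It evaluates an already-fetched reCAPTCHA Enterprise assessment; the action name, hostname, score threshold, 422 status and response messages are assumptions.

```python
# Added example: gate a booking on a reCAPTCHA Enterprise assessment (the JSON
# returned by projects.assessments.create). Fails closed on anything odd.
EXPECTED_ACTION = "book_trek"            # assumption: action set by the form
ALLOWED_HOSTNAMES = {"www.example.com"}  # assumption: the site's hostname
MIN_SCORE = 0.5                          # assumption: risk threshold


def evaluate_assessment(assessment, expected_action=EXPECTED_ACTION):
    """Return (allowed, reason); reason is meant for server-side logs."""
    props = assessment.get("tokenProperties") if isinstance(assessment, dict) else None
    risk = assessment.get("riskAnalysis") if isinstance(assessment, dict) else None
    if not isinstance(props, dict) or not isinstance(risk, dict):
        return False, "malformed-assessment"
    if props.get("valid") is not True:
        return False, "invalid-token:" + str(props.get("invalidReason", "UNKNOWN"))
    # A token issued for another form must not unlock the booking endpoint.
    if props.get("action") != expected_action:
        return False, "action-mismatch"
    if props.get("hostname") not in ALLOWED_HOSTNAMES:
        return False, "hostname-mismatch"
    score = risk.get("score")
    if isinstance(score, bool) or not isinstance(score, (int, float)):
        return False, "malformed-assessment"
    if score < MIN_SCORE:
        return False, "low-score"
    return True, "ok"


def booking_response(assessment):
    """Map the decision onto this page's standard response format."""
    allowed, _reason = evaluate_assessment(assessment)
    if allowed:
        return 200, {"success": True, "data": {}, "message": "Booking enquiry received"}
    # Generic error for the client (422 is assumed); the reason stays in logs.
    return 422, {"success": False, "message": "reCAPTCHA verification failed", "errors": {}}


# Constructed sample assessments (not real Google responses).
OK_PROPS = {"valid": True, "action": "book_trek", "hostname": "www.example.com"}
GOOD = {"tokenProperties": OK_PROPS, "riskAnalysis": {"score": 0.9}}
BOT_LIKE = {"tokenProperties": OK_PROPS, "riskAnalysis": {"score": 0.1}}
EXPIRED = {"tokenProperties": {"valid": False, "invalidReason": "EXPIRED"},
           "riskAnalysis": {"score": 0.0}}
WRONG_ACTION = {"tokenProperties": dict(OK_PROPS, action="contact_us"),
                "riskAnalysis": {"score": 0.9}}

if __name__ == "__main__":
    for sample in (GOOD, BOT_LIKE, EXPIRED, WRONG_ACTION, {}):
        print(evaluate_assessment(sample), booking_response(sample)[0])
```

The same function serves POST /api/contact-us by passing that form's own action name as `expected_action`.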

System

GET /api/pull-changes

Pull latest changes from git repository

POST /api/pull-changes

Pull latest changes from git repository

Security Features

reCAPTCHA Protection

All public forms are protected with Google reCAPTCHA Enterprise to prevent spam and bot attacks.

Role-based Access

Comprehensive role-based access control ensures users can only access appropriate resources.

Input Validation

All API inputs are validated using Laravel's robust validation system.

File Upload Security

Secure image upload handling with proper file type validation and storage.

Standard Response Format

Success Response

{
    "success": true,
    "data": {
        // Response data
    },
    "message": "Operation completed successfully"
}

Error Response

{
    "success": false,
    "message": "Error description",
    "errors": {
        // Validation errors (if any)
    }
}

Getting Started

Quick Start Guide

  1. Register a new account or login with existing credentials
  2. Obtain your API token from the authentication endpoints
  3. Include the token in your request headers: Authorization: Bearer YOUR_TOKEN
  4. Start exploring treks and managing your adventure tourism business!

Built with Laravel and Swagger/OpenAPI