# Afak 22 API Reference

Base URL: `http://localhost:3000/api`

---

## Authentication

All endpoints except `/health` and `/auth/login` require the JWT issued by `/auth/login` in the `Authorization` header:

```
Authorization: Bearer <accessToken>
```

---

## Endpoints

### Health (No Auth)

```
GET /api/health
```

**Response:**
```json
{
  "status": "ok",
  "timestamp": "2025-02-23T00:00:00.000Z",
  "service": "Afak 22 API",
  "version": "1.0.0"
}
```

---

### Auth

#### Login

```
POST /api/auth/login
Content-Type: application/json
```

**Body:**
```json
{
  "dbName": "afak22",
  "userName": "admin",
  "password": "1",
  "dbType": 2
}
```

**Response:**
```json
{
  "accessToken": "eyJhbGciOiJIUzI1NiIs...",
  "expiresIn": "1d",
  "user": {
    "id": 1,
    "name": "admin",
    "type": 1
  }
}
```

#### Select Database (Protected)

```
POST /api/auth/select-database
Authorization: Bearer <token>
Content-Type: application/json
```

**Body:**
```json
{
  "dbName": "afak22"
}
```
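The login, token, and protected-call sequence above, as an added client example (not code from the Afak 22 project). It assumes only the request and response shapes documented on this page; the `fetch` implementation is injected so the flow runs here against a constructed stub instead of a live server, and the stub's token value and its `select-database` reply are placeholders, since the page does not show that response.

```javascript
// Added example, not part of the Afak 22 project.
// Minimal client for: POST /auth/login -> keep accessToken in memory ->
// send "Authorization: Bearer <accessToken>" on every protected request.
const BASE_URL = 'http://localhost:3000/api';

class AfakClient {
  constructor(fetchImpl, baseUrl = BASE_URL) {
    this.fetch = fetchImpl;      // injected so the flow can be exercised offline
    this.baseUrl = baseUrl;
    this.accessToken = null;     // held in memory only; never logged or persisted
  }

  // The only credential-bearing call; on success the token is retained.
  async login({ dbName, userName, password, dbType }) {
    const res = await this.fetch(`${this.baseUrl}/auth/login`, {
      method: 'POST',
      headers: { 'Content-Type': 'application/json' },
      body: JSON.stringify({ dbName, userName, password, dbType }),
    });
    const body = await res.json();
    if (!res.ok) throw new Error(`login failed: ${body.statusCode} ${body.message}`);
    this.accessToken = body.accessToken;
    return body.user;
  }

  // Every protected endpoint: attach the bearer token; on a documented 401
  // ({ statusCode, message }) drop the token so the caller must log in again.
  async request(method, path, jsonBody) {
    if (!this.accessToken) throw new Error('not logged in');
    const headers = { Authorization: `Bearer ${this.accessToken}` };
    const init = { method, headers };
    if (jsonBody !== undefined) {
      headers['Content-Type'] = 'application/json';
      init.body = JSON.stringify(jsonBody);
    }
    const res = await this.fetch(`${this.baseUrl}${path}`, init);
    const body = await res.json();
    if (res.status === 401) {
      this.accessToken = null;
      throw new Error(`unauthorized: ${body.message}`);
    }
    if (!res.ok) throw new Error(`${method} ${path} -> ${body.statusCode}: ${body.message}`);
    return body;
  }

  selectDatabase(dbName) {
    return this.request('POST', '/auth/select-database', { dbName });
  }

  listLedger(params = {}) {
    const qs = new URLSearchParams(params).toString();
    return this.request('GET', `/ledger${qs ? '?' + qs : ''}`);
  }
}

// Constructed stub standing in for the server. It records every request so
// the headers the client sent can be inspected, and answers with the shapes
// documented on this page (the token string and select-database body are
// placeholders).
function makeStubServer() {
  const calls = [];
  const TOKEN = 'stub.access.token'; // placeholder, not a real JWT
  const reply = (status, body) => ({ ok: status >= 200 && status < 300, status, json: async () => body });
  const fetchImpl = async (url, init = {}) => {
    calls.push({ url, init });
    const path = new URL(url).pathname;
    if (path === '/api/auth/login') {
      const creds = JSON.parse(init.body);
      if (creds.userName === 'admin' && creds.password === '1') {
        return reply(200, { accessToken: TOKEN, expiresIn: '1d', user: { id: 1, name: 'admin', type: 1 } });
      }
      return reply(401, { statusCode: 401, message: 'Invalid credentials' }); // constructed message
    }
    if ((init.headers || {}).Authorization !== `Bearer ${TOKEN}`) {
      return reply(401, { statusCode: 401, message: 'Invalid or expired token' });
    }
    if (path === '/api/auth/select-database') return reply(200, { ok: true }); // assumed body
    if (path === '/api/ledger') return reply(200, [{ act_no: '1', act_name: 'Assets' }]); // constructed record
    return reply(404, { statusCode: 404, message: 'Not Found' });
  };
  return { fetchImpl, calls, TOKEN };
}

// Runs the documented sequence (login, select-database, GET /ledger?actCode=2)
// against the stub and returns what was exchanged.
async function runFlow() {
  const server = makeStubServer();
  const client = new AfakClient(server.fetchImpl);
  const user = await client.login({ dbName: 'afak22', userName: 'admin', password: '1', dbType: 2 });
  await client.selectDatabase('afak22');
  const accounts = await client.listLedger({ actCode: 2 });
  return { user, accounts, calls: server.calls, token: server.TOKEN };
}

runFlow().then(({ accounts, calls }) =>
  console.log(`${calls.length} requests sent, ${accounts.length} ledger record(s) returned`));
```

The token never touches the query string or a log line, and a `401` clears it rather than retrying with the same credentials, which is the behaviour you want when `expiresIn` elapses.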

---

### Ledger (Chart of Accounts)

#### Get All Accounts

```
GET /api/ledger
GET /api/ledger?actUp=1
GET /api/ledger?actCode=2
Authorization: Bearer <token>
```

**Query:** `actUp` returns the child accounts of the given parent account; `actCode` filters by account type (1 = sub-account, 2 = main account)

**Response:** Array of `gnledger` records

#### Get Account by Act No

```
GET /api/ledger/:actNo?actCode=1
Authorization: Bearer <token>
```

#### Create Account

```
POST /api/ledger
Authorization: Bearer <token>
Content-Type: application/json

Body: { "actNo": "1.1", "actName": "...", "actUp": "1", "actCode": 1, "actBlnc": 0 }
```

#### Update Account

```
PATCH /api/ledger/:actNo
Authorization: Bearer <token>
Content-Type: application/json

Body: { "actName": "...", "actCode": 1, ... }
```

#### Delete Account

```
DELETE /api/ledger/:actNo
Authorization: Bearer <token>
```

Fails if the account still has child accounts.

---

### Daily (Accounting Entries)

#### Last AC Daily Number

```
GET /api/daily/last/:kind/:ref
Authorization: Bearer <token>
```

**Response:**
```json
{
  "lastACDaily": 5
}
```

#### Hold AC Daily (Count)

```
GET /api/daily/hold/:kind/:ref
Authorization: Bearer <token>
```

**Response:**
```json
{
  "holdACDaily": 4
}
```

#### Get Entries

```
GET /api/daily/entries/:kind/:ref?tranNo=1
Authorization: Bearer <token>
```

---

### Invoices

#### Last Sale Invoice

```
GET /api/invoices/sale/last?dft=1&st=0&ref=0
Authorization: Bearer <token>
```

**Response:**
```json
{
  "lastInvoice": 10
}
```

#### Hold Sale Invoice

```
GET /api/invoices/sale/hold?dft=1&ref=0
Authorization: Bearer <token>
```

#### Last Buy Invoice

```
GET /api/invoices/buy/last?dft=1&st=0&ref=0
Authorization: Bearer <token>
```

#### Hold Buy Invoice

```
GET /api/invoices/buy/hold?dft=1&ref=0
Authorization: Bearer <token>
```

---

### Data (Raw SQL)

#### Execute (INSERT/UPDATE/DELETE)

```
POST /api/data/execute
Authorization: Bearer <token>
Content-Type: application/json

Body: { "sql": "UPDATE gnledger SET act_name='...' WHERE act_no='1'" }
```

#### Query (SELECT only)

```
POST /api/data/query
Authorization: Bearer <token>
Content-Type: application/json

Body: { "sql": "SELECT * FROM gnledger LIMIT 10" }
Response: { "data": [...] }
```

### Transactions

```
POST /api/transactions/begin
POST /api/transactions/commit
POST /api/transactions/rollback
```
(Informational only; Prisma manages transactions automatically.)

### Users

```
GET /api/users
GET /api/users/:id
```

### Daily (MG - Inventory)

```
GET /api/daily/mg/last/:kind/:ref
GET /api/daily/mg/hold/:kind/:ref
```

### Invoices (BBack, SBack, Posl, Ex)

```
GET /api/invoices/bback/last?dft=1&st=0&ref=0
GET /api/invoices/bback/hold?dft=1&ref=0
GET /api/invoices/sback/last?dft=1&st=0&ref=0
GET /api/invoices/sback/hold?dft=1&ref=0
GET /api/invoices/posl/last?dft=1&st=0&ref=0
GET /api/invoices/posl/hold?dft=1&ref=0
GET /api/invoices/ex/last?dft=1&st=0&ref=0
GET /api/invoices/ex/hold?dft=1&ref=0
```

### Invoice Posting (DoInvoice, UnDoInvoice, DoBuyInvoice, UnDoBuyInvoice)

```
POST /api/invoices/sale/do   Body: { dft, n, ref }
POST /api/invoices/sale/undo Body: { dft, n, ref }
POST /api/invoices/buy/do    Body: { dft, n, ref }
POST /api/invoices/buy/undo  Body: { dft, n, ref }
```

### Accounting (DoAcount, UnDoAcount)

```
POST /api/accounting/do-acount   Body: { n, kind, ref }
POST /api/accounting/undo-acount Body: { n, kind, ref }
```

### Inventory (DoMG, UnDoMG)

```
POST /api/inventory/do-mg   Body: { n, kind, ref }
POST /api/inventory/undo-mg Body: { n, kind, ref }
```

---

### Items (Inventory)

#### Get All Items

```
GET /api/items?mgNo=1&mtNo=100
Authorization: Bearer <token>
```

#### Get Item by MG/MT

```
GET /api/items/:mgNo/:mtNo?mtrCode=1
Authorization: Bearer <token>
```

---

## Error Responses

| Status | Meaning |
|--------|---------|
| 400 | Bad Request - Invalid input |
| 401 | Unauthorized - Missing or invalid token |
| 404 | Not Found |
| 500 | Server Error |

**Error format:**
```json
{
  "statusCode": 401,
  "message": "Invalid or expired token"
}
```
