--- description: Standar dan aturan API geonet-console globs: ["geonet-console/app/Http/**", "geonet-console/routes/**", "geonet-console/docapi/**"] alwaysApply: false --- # API Rules — geonet-console ## Base URL - Production: `https://console.gisportal.id/api/v1` - Internal: `http://127.0.0.1:8091/api/v1` ## Auth - Semua endpoint butuh `Authorization: Bearer ` kecuali `/auth/login`, `/auth/refresh`, `/auth/token-guide` - Token: JWT (dari login LDAP), API Token (personal), atau Service Token (antar-service) - Gunakan `ApiActor` dari `ApiAuthService::resolve()` — **jangan** `Auth::user()` ## Format Response **Success:** ```json {"data": {...}, "message": "success"} ``` **Error:** ```json {"message": "Error message", "errors": {"field": ["msg"]}} ``` ## Menambah Endpoint Baru 1. Controller di `app/Http/Controllers/Api/V1/` 2. Service di `app/Services/` 3. Route di `routes/api.php` dengan middleware auth + rate limit 4. **Update `docapi/index.md`** — wajib 5. Buat `docapi/services//.md` 6. Tambah audit log untuk aksi write via `AuditLogService` ## Scope Convention | Scope | Akses | |-------|-------| | `ldap:read` | Baca data LDAP | | `ldap:write` | Ubah data LDAP | | `databases:read` | Baca database registry | | `databases:write` | Ubah status database | | `project-search:read` | Query project search | ## Rate Limit - Login: 5 req/menit - General: 60 req/menit