EMS-UGC API Docs

EMS-UGC API Documentation

General API notes, authentication, required headers, and important information

Base URL: http://192.168.100.250/


Authentication

All API requests (except /login and /csrf) require a valid session cookie. First authenticate via /login, then include the session cookie in subsequent requests.


Required Headers

Always include these headers in requests:

HeaderValue
Acceptapplication/json
X-CSRF-TOKEN<csrf-token>
Content-Typeapplication/json

CSRF Token

Every state-changing request requires a CSRF token. Fetch it first:

GET /csrf
Accept: application/json

Response:

{
  "token": "abc123..."
}

Include this token in the X-CSRF-TOKEN header for POST/PUT/DELETE requests.


Example Request

// 1. Get CSRF token
const csrfRes = await fetch('/csrf', {
  headers: { 'Accept': 'application/json' }
});
const { token } = await csrfRes.json();

// 2. Make authenticated request
const res = await fetch('/your-endpoint', {
  method: 'POST',
  credentials: 'same-origin',
  headers: {
    'Accept': 'application/json',
    'Content-Type': 'application/json',
    'X-CSRF-TOKEN': token
  },
  body: JSON.stringify(data)
});

Response Format

All responses use the ApiResponse envelope:

{
  "success": true,
  "message": "Operation completed",
  "data": { ... }
}

Error response:

{
  "success": false,
  "message": "Validation failed",
  "errors": {
    "field": ["Error message"]
  }
}

Status Codes

CodeMeaning
200Success
201Created
400Bad request / validation error
401Unauthenticated
403Unauthorized (insufficient permissions)
404Resource not found
429Rate limit exceeded
500Server error

Pagination

Paginated endpoints return:

{
  "current_page": 1,
  "per_page": 15,
  "last_page": 5,
  "total": 72,
  "data": [ ... ]
}

Use ?page=N query parameter to navigate pages.


Date Format

Dates use Nepali (Bikram Sambat) format: YYYY-MM-DD (e.g., 2081-05-12).


File Uploads

For endpoints accepting file uploads, use multipart/form-data:

const formData = new FormData();
formData.append('photo', fileInput.files[0]);
formData.append('name', 'John');

await fetch('/endpoint', {
  method: 'POST',
  headers: {
    'Accept': 'application/json',
    'X-CSRF-TOKEN': token
  },
  body: formData
});

Allowed file types: jpeg, jpg, png, pdf Max file size: 2MB per file

On this page