joostadrian/lorem_ipsum
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add API Document draft #4

Merged
joostadrian merged 1 commits from early-documentation into main 2026-02-13 19:43:44 +01:00
Conversation 0 Commits 1 Files Changed 2 +202
2 changed files with 202 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
README.md
View File

@ -6,6 +6,11 @@ Das Projekt Lorem Ipsum ist ein kleines Spiel, bei dem ein User einen Text für
Der User kann seinen Score auf ein globales Leaderboard hochladen und sich mit anderen Usern vergleichen. Der User kann sich eine Top10 Tabelle des globalen Leaderboards anzeigen lassen. Der User kann seinen Score auf ein globales Leaderboard hochladen und sich mit anderen Usern vergleichen. Der User kann sich eine Top10 Tabelle des globalen Leaderboards anzeigen lassen.
## Features ## Features
- Ein User kann sich einen Account anlegen. und erhält dann ein Zugangspasswort.
- Ein User kann in seinem Namen erspielte Scores submitten.
- Ein User kann das Spiel spielen.
- Ein User kann sich all seine Scores anzeigen lassen.
- Ein User kann das globale Leaderboard anschauen.
## Technologieen ## Technologieen
Als CSS Framework wird Bootstrap 5.3.8 verwendet. Als CSS Framework wird Bootstrap 5.3.8 verwendet.

197
docs/backend_endpoints.md Normal file
View File

@ -0,0 +1,197 @@
# API Specification
This document describes the REST API endpoints for user creation, score
submission, and leaderboard access.
## Authentification
The password for an account must exclusivly be generated by the backend server and the user is never allowed to change or recover it. If they loose the password, they loose access to the account. This is done, in order to avoid any legal issues or bad consequences for the user as the authentification is never encrypted. (This is a design choice, because the focus of the project is not authentification, but frontend desgin.)
Authentification is done via the headers, that send username and password as plain strings.
**Authentication Headers (required)**
- X-Username
- X-Password
## Base URL
/api
------------------------------------------------------------------------
## 1. User
### GET
**Endpoint**
GET /user
**Description** Authorizes on the server with the header, and returns 201 if successfull or 401 if unauthorized.
**Response**
Status: 201 if authentificated successfully,
Status: 401 if authentification failed
### POST
**Endpoint**
POST /user
**Request Body**
``` json
{
"username": "string"
}
```
**Description** Creates a new user with the given username. The backend
generates a password automatically (or sets it to "1234"). Does not require authentification.
**Response (UserDTO)**
``` json
{
"name": "string",
"password": "string"
}
```
**Error Response (ErrorDTO)**
If a user with that name already exists, it should return a 400.
``` json
{
"status": 400,
"message": "Nutzer mit Name {username} existiert bereits."
}
```
### DELETE
**Endpoint**
DELETE /user
**Description** Deletes the user and all the scores submitted by them. The user to delete should be the one who authentificates themselfs in the header.
**Response**
``` json
{
"message": "User {username} existiert nicht mehr.",
}
```
------------------------------------------------------------------------
## 2. Score
### GET
**Endpoint**
GET /score/{username}
**Description** Returns all score entries for the specified user. Does not require authentification.
**Response List\<ScoreDTO\>**
``` json
[
{
"username": "string",
"score": 0,
"time": 0,
"text": "string",
"userWrittenText": "string",
"place": 0,
}
]
```
### POST
**Endpoint**
POST /score
**Request Body**
``` json
{
"score": 0,
"time": 0,
"text": "string",
"userWrittenText": "string"
}
```
**Description** Submits a new score entry for a user. The score is a float (the higher, the better). If two scores are the same, the entity with the lower time is better. If time is also the same, the first entity submitted is better. In race-conditions, we don't care.
**Response (ScoreDTO)**
The response should return the created object. It should give the place, the score lands on.
``` json
{
"username": "string",
"id": 0,
"score": 0,
"time": 0,
"text": "string",
"userWrittenText": "string",
"place": 0,
}
```
### DELETE
**Endpoint**
DELETE /score/{id}
**Description** Deletes a score with the given id. Only the user that submitted the score can delete it. If the score does not exist, the response should return successfully, if the user is authenticated. Otherwise, it should return a 401.
**Response**
``` json
{
"message": "Score mit Id {Id} existiert nicht mehr.",
}
```
------------------------------------------------------------------------
## 3. Get Leaderboard
**Endpoint**
GET /leaderboard?offset={offset}&limit={limit}
**Query Parameters** - `offset` (number): Starting position - `limit`
(number): Number of results to return
**Description** Returns leaderboard entries ordered by: 1. Score
(descending) 2. Time (ascending) 3. Date of submition (ascending). Does not require authentification.
**Response (List\<ScoreDTO\>)** Returns a list of the same objects submitted via
`/submitScore`.
``` json
[
{
"username": "string",
"id": 0,
"score": 0,
"time": 0,
"text": "string",
"userWrittenText": "string",
"place": 0,
}
]
```