Haddock Logo
HADDOCK

Backend - Development

API Documentation

Authentication Endpoints

Standard Authentication

  • POST /auth/signin
    {
  email: string    // Required
  password: string // Required
}
    Returns: { accessToken: string }

GitHub Authentication

  • POST /auth/github
    {
  code: string // GitHub OAuth code
}
    Returns: { accessToken: string }

Standard Registration

  • POST /auth/signup
    {
  name: string     // Required
  email: string    // Required
  password: string // Required
}
    Returns: { accessToken: string }

Authorization Management

Create Authorization

  • POST /authorization
    {
  type: "oauth" | "personal_access_token" | "deploy_key"
  name: string
  data: {
    // For OAuth:
    code: string
    // For Personal Access Token:
    token: string
    // For Deploy Key:
    key: string
  }
}

List Authorizations

  • GET /authorization Returns: Array of authorization objects
    {
  id: string
  name: string
  type: string
}

Delete Authorization

  • DELETE /authorization/:id

Project Management

Create Project

  • POST /project
    {
  name: string
  description?: string
  path?: string
  sourceId: string
  vmId: string
}

Network Connections

  • POST /networks
    {
  domain: string
  port: number
  projectId: string
}

Domain Management

Create Domain

  • POST /domains
    {
  domain: string
  challenge: string
  main: boolean
  linked: boolean
}

Configuration

GitHub Setup

  • POST /configuration/github
    {
  client_id: string
  client_secret: string
}
    Note: Requires valid GitHub OAuth Application credentials

WebSocket Events

Project Updates

Event: project.update

{
  projectId: string
  type: "UPDATE" | "DELETE" | "CREATE"
  data: any
}

Connection Management

Event: connect Requires authentication token in connection parameters

Error Responses

All error responses follow the format:

{
  statusCode: number
  message: string
  error?: string
}

Common status codes:

  • 400: Bad Request - Invalid input
  • 401: Unauthorized - Missing or invalid authentication
  • 403: Forbidden - Insufficient permissions
  • 404: Not Found - Resource doesn't exist
  • 500: Internal Server Error

Authentication

All endpoints except those marked with @Public() require authentication via JWT Bearer token:

Authorization: Bearer <token>

Some endpoints may also require specific authorization types (OAuth, PAT, or Deploy Key) depending on the operation.

Previous
Architecture
Next
Testing