API Documentation

Authentication & User Management

GET/POST /auth/[...nextauth]
Description:

NextAuth.js-based authentication system. It provides authentication for two different scenarios.

Authentication Types:
  • Browser-based Authentication (Web)
  • Application-based Authentication (with HWID)
Request Body: { "email": string, "password": string, "hwid": string } // hwid is optional; required for app auth
Security Checks:
  • Origin validation for browser requests
  • User-Agent verification for app requests
  • HWID validation for app authentication
  • Password comparison with bcrypt
Session Configuration: { "strategy": "jwt", "maxAge": 1800 } // 30 minutes
Success Response: { "id": string, "email": string, "name": string, "role": string }
Error Cases:
  • Invalid credentials
  • Invalid origin/referer
  • Invalid User-Agent
  • Invalid or mismatched HWID
  • Database connection errors
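
The security checks listed for this endpoint, sketched as one decision function. This is an added example, not the project's code: `ALLOWED_ORIGINS`, `APP_USER_AGENT`, the user record shape and the injected `verifyPassword` are assumptions, as is treating any request that carries an `hwid` as application auth.

```javascript
// Added example, not the project's code. ALLOWED_ORIGINS, APP_USER_AGENT,
// the user record shape and verifyPassword are assumptions for illustration.
const ALLOWED_ORIGINS = new Set(["https://app.example.test"]);
const APP_USER_AGENT = "ExampleDesktopClient/1.0";

const deny = (error) => ({ ok: false, error });

// req: { headers, body }; user: stored record or null;
// verifyPassword(plain, hash) -> boolean (in the real app, bcrypt's compare).
function authorize(req, user, verifyPassword) {
  const { email, password, hwid } = req.body || {};
  if (typeof email !== "string" || typeof password !== "string") {
    return deny("Invalid credentials");
  }
  // A request that carries an HWID is treated as application auth.
  const isApp = typeof hwid === "string" && hwid.length > 0;
  if (isApp) {
    // User-Agent is client-controlled: it separates the two flows but proves
    // nothing about the client, so the HWID and password checks must still run.
    if (req.headers["user-agent"] !== APP_USER_AGENT) return deny("Invalid User-Agent");
  } else {
    // Compare the parsed origin exactly; prefix or substring matching would
    // accept look-alike hosts such as app.example.test.other.invalid.
    let origin;
    try {
      origin = new URL(req.headers.origin || "").origin;
    } catch {
      return deny("Invalid origin/referer");
    }
    if (!ALLOWED_ORIGINS.has(origin)) return deny("Invalid origin/referer");
  }
  // Password first: the HWID result is only revealed to a caller who knows it.
  if (!user || !verifyPassword(password, user.passwordHash)) {
    return deny("Invalid credentials");
  }
  // Assumption: an account with no bound HWID cannot use application auth.
  if (isApp && user.hwid !== hwid) return deny("Invalid or mismatched HWID");
  // Return only the fields the page lists in the success response.
  const { id, name, role } = user;
  return { ok: true, user: { id, email: user.email, name, role } };
}

// Constructed sample data; sampleVerify stands in for bcrypt in this demo only.
const sampleUser = { id: "u1", email: "a@example.test", name: "A", role: "user",
  passwordHash: "hash:pw-1", hwid: "HW-123" };
const sampleVerify = (plain, hash) => hash === "hash:" + plain;
```
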
POST /register
Description:

Registers a new user.

Request Body: { "name": string, "email": string, "password": string, "hwid": string (optional) }
Validation Checks:
  • Email uniqueness check
  • Username uniqueness check
  • HWID uniqueness check (if provided)
Success Response (201): { "message": "User created successfully" }
Error Responses:
  • 400: { "message": "This email is already registered" }
  • 400: { "message": "This username is already taken" }
  • 400: { "message": "This HWID is already registered to our system" }
  • 500: { "message": "Error occurred during registration" }
POST /auth/forgot-password
POST /auth/reset-password

Product & License Management

GET/POST /admin/licenses
Description:

License management: listing and creation (admin only)

Authentication:

Admin privileges required (ADMIN_EMAIL check)

GET Response: [{ "key": string, "duration": number, "status": "unused" | "used", "createdAt": Date, "updatedAt": Date }]
POST Request: { "duration": number }
POST Response: { "key": string, "duration": number, "status": "unused" } // key is randomly generated
Error Responses:
  • 401: { "error": "Unauthorized" }
  • 500: { "error": "Failed to fetch/create license" }
GET/POST /hwid
Description:

HWID management: check and update

GET Request:

Query Parameters: email (string)

GET Response: { "hwid": string | null }
POST Request: { "email": string, "hwid": string }
POST Response: { "success": true }
Error Responses:
  • 404: { "error": "Kullanıcı bulunamadı" }
  • 500: { "error": "HWID işlemi başarısız oldu" }
GET /products
Description:

Lists all products

Response: [ProductObject]
Error Response: { "error": "Failed to fetch products" }
GET /products/[id]
Description:

Returns the details of a specific product

Parameters:

id: Product ID

Response: ProductObject
Error Response: { "error": "Failed to fetch products" }
GET /lemon-product/[id]
Description:

Returns LemonSqueezy product details

Parameters:

id: LemonSqueezy Product ID

Response: { "name": string, "price": string, "buy_now_url": string }
Error Responses:
  • 500: { "error": "Failed to fetch product data" }

License Operations

POST /license/activate
Description:

License key activation and HWID binding

Request Body: { "key": string, "hwid": string }
Validation Checks:
  • License key validity check
  • HWID uniqueness check
  • License duration check
Success Response: { "message": "License activated successfully", "expiresAt": Date }
Error Responses:
  • 400: { "error": "Invalid license key" }
  • 400: { "error": "License already in use" }
  • 400: { "error": "HWID already registered" }
  • 400: { "error": "License expired" }
  • 500: { "error": "Activation failed" }
POST /hwid/reset
Description:

Resets the user's HWID

Request Body: { "userId": string }
Authentication:

Admin or moderator privileges required

Success Response: { "message": "HWID reset successful", "user": UserObject }
Error Responses:
  • 401: { "error": "Unauthorized" }
  • 404: { "error": "User not found" }
  • 500: { "error": "Failed to reset HWID" }