api-playground/API_DOCS.md

# 📖 API Enroll Documentation

**Base URL:** `http://localhost:8080`

**Endpoint:** `/api/enroll`

Seluruh operasi CRUD dilakukan melalui **satu endpoint** ini, cukup dengan `GET` dan `POST`.

---

## 🔐 Authentication

Semua request ke `/api/enroll` **wajib** menyertakan header:

```
Authorization: Bearer <token>
```

| Info        | Nilai        |
|-------------|--------------|
| Token default | `secret123` |
| Letak config  | `app.py` → variabel `API_TOKEN` |

**Response `401 Unauthorized`** (tanpa header)

```json
{
  "error": "missing or invalid Authorization header"
}
```

**Response `401 Unauthorized`** (token salah)

```json
{
  "error": "invalid token"
}
```

---

## 📊 Database Schema

| Kolom     | Tipe    | Keterangan                                              |
|-----------|---------|---------------------------------------------------------|
| `id`      | INTEGER | Primary key, auto-increment                             |
| `type`    | TEXT    | Tipe enrollment — **hanya boleh `Annually` atau `Monthly`** |
| `service` | TEXT    | Paket layanan — **hanya boleh `Lite`, `Value`, atau `Pro`** |
| `user`    | TEXT    | Nama pengguna (contoh: `alice`)                         |

---

## 🏠 Routes

| Route          | Method | Auth | Fungsi                         |
|----------------|--------|------|--------------------------------|
| `/`            | GET    | ❌   | Halaman playground (UI web)    |
| `/api/enroll`  | GET    | ✅   | List / Detail enrollment       |
| `/api/enroll`  | POST   | ✅   | Add / Edit / Remove enrollment |

---

## 1️⃣ List — Mendapatkan semua data

**Request**

```
GET /api/enroll
Authorization: Bearer secret123
```

**Contoh curl**

```bash
curl -H "Authorization: Bearer secret123" \
  http://localhost:8080/api/enroll
```

**Response `200 OK`**

```json
{
  "data": [
    {
      "id": 2,
      "type": "Monthly",
      "service": "Lite",
      "user": "bob"
    },
    {
      "id": 1,
      "type": "Annually",
      "service": "Pro",
      "user": "alice"
    }
  ]
}
```

---

## 2️⃣ Detail — Mendapatkan satu data

**Request**

```
GET /api/enroll?id=<id>
Authorization: Bearer secret123
```

**Parameter Query**

| Parameter | Tipe    | Wajib | Keterangan    |
|-----------|---------|-------|---------------|
| `id`      | integer | ✅    | ID enrollment |

**Contoh curl**

```bash
curl -H "Authorization: Bearer secret123" \
  http://localhost:8080/api/enroll?id=1
```

**Response `200 OK`**

```json
{
  "data": {
    "id": 1,
    "type": "Annually",
    "service": "Pro",
    "user": "alice"
  }
}
```

**Response `404 Not Found`**

```json
{
  "error": "not found"
}
```

---

## 3️⃣ Add — Menambah data baru

**Request**

```
POST /api/enroll
Authorization: Bearer secret123
Content-Type: application/x-www-form-urlencoded
```

**Form Data**

| Field     | Tipe   | Wajib | Keterangan                                              |
|-----------|--------|-------|---------------------------------------------------------|
| `type`    | string | ✅    | **Hanya boleh `Annually` atau `Monthly`**               |
| `service` | string | ✅    | **Hanya boleh `Lite`, `Value`, atau `Pro`**             |
| `user`    | string | ✅    | Nama pengguna                                           |

> ⚠️ Jangan kirim field `id` — kalau `id` terkirim, ini akan dianggap **Edit**.

**Contoh curl**

```bash
curl -X POST http://localhost:8080/api/enroll \
  -H "Authorization: Bearer secret123" \
  -d "type=Annually" \
  -d "service=Pro" \
  -d "user=alice"
```

**Response `201 Created`**

```json
{
  "message": "created",
  "id": 1
}
```

**Response `400 Bad Request`** (type/service tidak valid)

```json
{
  "error": "type must be one of: Annually, Monthly"
}
```

```json
{
  "error": "service must be one of: Lite, Value, Pro"
}
```

---

## 4️⃣ Edit — Mengubah data yang sudah ada

**Request**

```
POST /api/enroll
Authorization: Bearer secret123
Content-Type: application/x-www-form-urlencoded
```

**Form Data**

| Field     | Tipe    | Wajib | Keterangan                                              |
|-----------|---------|-------|---------------------------------------------------------|
| `id`      | integer | ✅    | ID yang ingin diubah                                    |
| `type`    | string  | ✅    | **Hanya boleh `Annually` atau `Monthly`** (baru)        |
| `service` | string  | ✅    | **Hanya boleh `Lite`, `Value`, atau `Pro`** (baru)      |
| `user`    | string  | ✅    | Nama pengguna (baru)                                    |

> 💡 Cukup sertakan `id` pada form POST, sistem otomatis tahu ini adalah operasi **Edit**.

**Contoh curl**

```bash
curl -X POST http://localhost:8080/api/enroll \
  -H "Authorization: Bearer secret123" \
  -d "id=1" \
  -d "type=Monthly" \
  -d "service=Value" \
  -d "user=bob"
```

**Response `200 OK`**

```json
{
  "message": "updated",
  "id": 1
}
```

**Response `400 Bad Request`** (type/service tidak valid)

```json
{
  "error": "type must be one of: Annually, Monthly"
}
```

```json
{
  "error": "service must be one of: Lite, Value, Pro"
}
```

---

## 5️⃣ Remove — Menghapus data

**Request**

```
POST /api/enroll
Authorization: Bearer secret123
Content-Type: application/x-www-form-urlencoded
```

**Form Data**

| Field     | Tipe    | Wajib | Keterangan                                  |
|-----------|---------|-------|---------------------------------------------|
| `id`      | integer | ✅    | ID yang ingin dihapus                       |
| `action`  | string  | ✅    | Harus bernilai `"remove"` (sebagai penanda) |

**Contoh curl**

```bash
curl -X POST http://localhost:8080/api/enroll \
  -H "Authorization: Bearer secret123" \
  -d "id=1" \
  -d "action=remove"
```

**Response `200 OK`**

```json
{
  "message": "removed",
  "id": 1
}
```

**Response `400 Bad Request`** (tanpa id)

```json
{
  "error": "id is required for remove"
}
```

---

## 📋 Ringkasan Logika POST

```
POST /api/enroll
│
├── action = "remove"  →  hapus data (butuh id)
├── ada id             →  edit data (butuh type, service, user)
└── tidak ada id       →  tambah data baru (butuh type, service, user)
```

## 🔑 Ringkasan Response Error

| Status | Kondisi                        | Body                                        |
|--------|--------------------------------|---------------------------------------------|
| `401`  | Tanpa header Authorization     | `{"error": "missing or invalid …"}`         |
| `401`  | Token salah                    | `{"error": "invalid token"}`                |
| `400`  | Field wajib kosong             | `{"error": "… are required"}`               |
| `400`  | Type bukan Annually/Monthly    | `{"error": "type must be one of: Annually, Monthly"}` |
| `400`  | Service bukan Lite/Value/Pro   | `{"error": "service must be one of: Lite, Value, Pro"}` |
| `404`  | ID tidak ditemukan             | `{"error": "not found"}`                    |

## 🎮 Playground UI

Setelah server jalan, buka browser ke:

```
http://localhost:8080
```

Anda akan diarahkan ke halaman **Playground** yang memudahkan pengujian semua endpoint langsung dari browser:

1. **Isi token** di bar atas (default: `secret123`)
2. Status otomatis berubah: ✅ authenticated / ❌ wrong token
3. Isi form, klik tombol, lihat response JSON secara realtime

---

## 🚀 Quick Start

```bash
# masuk ke folder project
cd api-playground

# install dependency
pip3 install -r requirements.txt

# jalankan server
python3 app.py

# buka di browser
# http://localhost:8080
```

Server akan berjalan di `http://0.0.0.0:8080` dengan `reloader=True` (auto-restart saat kode diubah).