@lap v0.3
# Machine-readable API spec. Each @endpoint block is one API call.
@api AltoroJ REST API
@version 1.0.2
# Credential is carried in the Authorization request header.
# NOTE(review): declared as ApiKey, but every endpoint describes the value as a
# token "provided upon successful login", i.e. a per-session credential rather
# than a static key. Confirm the scheme, token lifetime and revocation with the server.
@auth ApiKey Authorization in header
@endpoints 12
# group(count) index; the counts sum to the 12 endpoints declared above.
@toc login(2), account(4), transfer(1), feedback(2), admin(2), logout(1)

@group login
# Session check: 200 when the presented Authorization token is accepted, 401 otherwise.
# NOTE(review): "any user" presumably means the caller identified by the token; confirm.
@endpoint GET /login
@desc Check if any user is logged in
@required {Authorization: any # Authorization token (provided upon successful login)}
@returns(200) Logged in
@errors {401: Logged out}

# Credential exchange: the body is an untyped map carrying username and password.
# No Authorization is required here, as expected for a login call.
# NOTE(review): no 401/403 is listed for rejected credentials, so a failed login is
# presumably reported as 400. Confirm this, and confirm that the 500 "error message"
# returned to the client does not include internal details (stack traces, SQL text);
# those belong in the logs only.
@endpoint POST /login
@desc Login method
@required {body: map # Username and password combination to allow users to log-in}
@returns(200) Success message when login is complete
@errors {400: Bad parameters: Please check provided values, 500: Internal server error: Please see error message or logs for details}

@endgroup

@group account
# All four endpoints in this group require the Authorization token.
# NOTE(review): the three {accountNo} endpoints type the path parameter as `any` and
# list no 403/404 for an account that does not belong to the caller. Confirm the
# server checks ownership of accountNo against the token's user, not merely that a
# token is present, and that accountNo is validated before it reaches a query.
@endpoint GET /account
@desc Returns a list of all the accounts owned by the user
@required {Authorization: any # Authorization token (provided upon successful login)}
@returns(200) Successful operation
@errors {401: Unauthorized request, 500: Internal server error}

@endpoint GET /account/{accountNo}
@desc Returns details about a specific account
@required {Authorization: any # Authorization token (provided upon successful login), accountNo: any # Account id}
@returns(200) Successful operation
@errors {401: Unauthorized request, 500: Internal server error}

@endpoint GET /account/{accountNo}/transactions
@desc Returns the last 10 transactions attached to an account
@required {Authorization: any # Authorization token (provided upon successful login), accountNo: any # Account id}
@returns(200) Successful operation
@errors {401: Unauthorized request, 500: Internal server error}

# Date-range query: the body is an untyped map holding a start date and an end date.
# NOTE(review): 501 is labelled "Internal server error" here while the sibling
# endpoints use 500 for that text; confirm which status the server actually sends.
# The date values should be parsed and validated server-side as dates.
@endpoint POST /account/{accountNo}/transactions
@desc Return transactions between 2 specific dates
@required {Authorization: any # Authorization token (provided upon successful login), accountNo: any # Account id, body: map # A start date and an end date}
@returns(200) Successful operation
@errors {400: Bad parameters: Please check provided values, 401: Unauthorized request, 501: Internal server error}

@endgroup

@group transfer
# Money movement: the body is an untyped map with the amount, sender and receiver.
# NOTE(review): Authorization is required but no 401 is listed in @errors, unlike the
# account endpoints; 501 is again labelled "Internal server error". Confirm the real
# status codes.
# NOTE(review): the sender account is supplied by the client in the body. Confirm the
# server verifies that it belongs to the authenticated user and validates the amount
# (numeric, positive, within limits) before applying the transfer.
@endpoint POST /transfer
@desc Transfer money between two accounts
@required {Authorization: any # Authorization token (provided upon successful login), body: map # Transfer details including ammount, sender and receiver}
@returns(200) Successful operation
@errors {400: Bad parameters: Please check provided values, 501: Internal server error}

@endgroup

@group feedback
# Feedback submission: the body is an untyped map of free-text fields.
# NOTE(review): no Authorization is declared in @required, yet 401 is listed in
# @errors, and no 400 is listed for malformed input. Confirm whether this endpoint is
# meant to be anonymous.
# NOTE(review): the submitted text is presumably what GET /feedback/{feedbackId}
# returns later. Treat every field as untrusted on input and encode it on output.
@endpoint POST /feedback/submit
@desc Submit feedback for the bank
@required {body: map # Feedback details including name, email the subject and complete message}
@returns(200) Successful operation
@errors {401: Unauthorized request, 500: Internal server error}

# Reads one feedback entry by id; requires the Authorization token.
# NOTE(review): feedbackId is typed `any` and has no description. Confirm it is
# validated, and confirm which users may read which entries; the spec does not say.
@endpoint GET /feedback/{feedbackId}
@desc Retrieve feedback
@required {Authorization: any # Authorization token (provided upon successful login), feedbackId: any}
@returns(200) Successful operation
@errors {400: Bad parameters: Please check provided values, 401: Unauthorized request, 500: Internal server error}

@endgroup

@group admin
# Administrative operations. Both endpoints declare the same Authorization token as
# the ordinary user endpoints; the spec shows no separate admin credential or role.
# NOTE(review): confirm the server enforces an admin role check on the token's user
# for everything under /admin, and returns 403 (not listed here) for non-admins.
# NOTE(review): 400 and 401 both carry the text "Unauthorized request"; 400 is
# presumably meant for bad parameters, as on the other endpoints. Confirm.
@endpoint POST /admin/addUser
@desc Add new user
@required {Authorization: any # Authorization token (provided upon successful login), body: map # Details of a new user including first name, last name, desired username and a password}
@returns(200) Successful operation
@errors {400: Unauthorized request, 401: Unauthorized request, 500: Error creating user}

# Sets a new password for the user identified by the id in the body.
# NOTE(review): the body carries only the id and the new password; no current
# password is described. Confirm this is intended as an admin-only reset and that
# the change is logged.
@endpoint POST /admin/changePassword
@desc Change user password
@required {Authorization: any # Authorization token (provided upon successful login), body: map # Information about the user password to be changed including id and new password}
@returns(200) Successful operation
@errors {400: Unauthorized request, 401: Unauthorized request, 500: Error in changing the username password}

@endgroup

@group logout
# Ends the session.
# NOTE(review): no @required Authorization is declared, so the spec does not say
# which session is ended. Confirm how the caller is identified and that the token is
# invalidated server-side, not just discarded by the client.
# NOTE(review): the only listed error is 500 with the text "Unauthorized request";
# 401 is used for that text elsewhere in this spec. Confirm the real status code.
@endpoint GET /logout
@desc Logout from the bank
@returns(200) Successful operation
@errors {500: Unauthorized request}

@endgroup

@end
