Skip to main content

Base URL

The API is accessible at the following base URL: 
http://localhost:4000 (development)
All API endpoints are prefixed with /api/.

Endpoint Categories

The Los Inmaduros Backend API is organized into the following categories:

Routes

Manage predefined skating routes in Madrid. Public endpoints for browsing available routes with details like distance, difficulty level, and user ratings.
  • GET /api/routes - Get all routes
  • GET /api/routes/:slug - Get route details by slug

Route Calls

Create and manage skating event calls. Authenticated users can organize events, while anyone can view upcoming or past route calls.
  • POST /api/route-calls - Create a new route call (requires auth)
  • GET /api/route-calls - Get all route calls with filters
  • GET /api/route-calls/:id - Get route call by ID
  • PUT /api/route-calls/:id - Update route call (organizer only)
  • PATCH /api/route-calls/:id/cancel - Cancel route call (organizer/admin)
  • DELETE /api/route-calls/:id - Delete route call (organizer/admin)

Attendances

Track user participation in route calls. Authenticated users can confirm or cancel their attendance.
  • GET /api/attendances/my-attendances - Get user’s confirmed attendances (requires auth)
  • POST /api/route-calls/:routeCallId/attendances - Confirm attendance (requires auth)
  • DELETE /api/route-calls/:routeCallId/attendances/:attendanceId - Cancel attendance (requires auth)

Reviews

User reviews and ratings for routes. Authenticated users can create, update, and delete their own reviews.
  • GET /api/routes/:routeId/reviews - Get reviews for a route
  • POST /api/routes/:routeId/reviews - Create a review (requires auth)
  • GET /api/reviews/my-reviews - Get user’s reviews (requires auth)
  • PUT /api/reviews/:reviewId - Update review (owner only)
  • DELETE /api/reviews/:reviewId - Delete review (owner/admin)

Favorites

Manage user’s favorite routes. All endpoints require authentication.
  • GET /api/favorites - Get user’s favorite routes (requires auth)
  • GET /api/favorites/check/:routeId - Check if route is favorited (requires auth)
  • POST /api/routes/:routeId/favorites - Add route to favorites (requires auth)
  • DELETE /api/routes/:routeId/favorites/:favoriteId - Remove from favorites (requires auth)

Photos

Upload and manage photos for routes and route calls. Includes moderation workflow for admin approval.
  • POST /api/photos - Upload photo (requires auth)
  • GET /api/photos - Get public photos with filters
  • GET /api/photos/my-photos - Get user’s photos (requires auth)
  • GET /api/photos/pending-review - Get pending photos (admin only)
  • PATCH /api/photos/:id/approve - Approve photo (admin only)
  • PATCH /api/photos/:id/reject - Reject photo (admin only)
  • DELETE /api/photos/:id - Delete photo (owner/admin)
  • GET /api/routes/:slug/gallery - Get route gallery
  • GET /api/route-calls/:id/gallery - Get route call gallery
  • PATCH /api/route-calls/:id/cover-photo - Update cover photo (organizer only)

Standard Response Format

All API responses follow a consistent format:

Success Response

{
  "success": true,
  "data": { /* response data */ },
  "message": "Optional success message"
}

Error Response

{
  "success": false,
  "error": "Error message description"
}

Paginated Response

Endpoints that support pagination include additional pagination metadata: 
{
  "success": true,
  "data": [ /* array of items */ ],
  "pagination": {
    "page": 1,
    "limit": 20,
    "totalCount": 45,
    "totalPages": 3,
    "hasNextPage": true,
    "hasPreviousPage": false
  }
}

Example Request/Response

Here’s a complete example of fetching all routes: Request: 
GET http://localhost:4000/api/routes
Response: 
{
  "success": true,
  "data": [
    {
      "id": "987e6543-e21b-12d3-a456-426614174000",
      "name": "Casa de Campo",
      "slug": "casa-de-campo",
      "image": "https://example.com/image.jpg",
      "approximateDistance": "15 km",
      "level": ["INTERMEDIATE"],
      "terrainType": ["ASPHALT"],
      "averageRating": 4.5,
      "_count": {
        "reviews": 23,
        "favorites": 45
      }
    }
  ],
  "count": 17
}

Interactive Documentation

For interactive API documentation with the ability to test endpoints directly, visit the Swagger UI: 
http://localhost:4000/api-docs
You can also access the raw OpenAPI specification at: 
http://localhost:4000/api-docs.json

Rate Limiting

The API implements rate limiting to ensure fair usage:
  • General endpoints: Applied to all /api/* routes
  • Auth endpoints: Stricter limits on /api/auth/* routes
  • Creation endpoints: Additional limits on POST operations for route calls and photo uploads

CORS Configuration

The API allows cross-origin requests from the frontend application with the following methods:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
Allowed headers: Content-Type, Authorization

Health Check

Check the API and database status: 
GET http://localhost:4000/health
Response: 
{
  "status": "OK",
  "message": "Los Inmaduros Backend is running! 🛼",
  "timestamp": "2026-03-04T20:00:00Z",
  "database": "Connected ✅"
}

Build docs developers (and LLMs) love

Get started for freeTalk to us