Welcome to the Flicktionary documentation. Here you will find all the information you need to interact with the API. The Flicktionary API allows users to explore information about movies. Users can sign up, update their personal details, and curate lists of their favorite films. Additionally, they can search the movie database using filters such as movie title, genre, actor name, and more.
Authentication
Most endpoints require JWT (JSON Web Token) authentication. Include the JWT token in the Authorization header of your requests:
Authorization: Bearer <your_jwt_token>
Security Features
- CORS enabled for all origins
- Security headers implemented:
  - X-Content-Type-Options: nosniff
  - X-Frame-Options: DENY
  - X-XSS-Protection: 1; mode=block
- Password hashing for user credentials
- JWT-based authentication
API Endpoints Reference
Below is a comprehensive list of all available endpoints, their requirements, and expected responses.
| Business Logic | URL | HTTP Method | Authentication | Query Parameters | Request body data format | Response body data format |
|---|---|---|---|---|---|---|
| Return a list of ALL movies | /movies | GET | Required | None | None |
A JSON object holding data about all the movies Status: 200 OK Content-Type: application/json
Example:
[
{
_id: ObjectId('67e06937dd46a81da532279c'),
Title: 'The Silent Wave',
Description: 'A dramatic tale of ...',
Genre: {
Name: 'Drama',
Description: 'Stories that portray ...'
},
Director: {
Name: 'John Doe',
Bio: 'John Doe is a celebrated filmmaker ...',
Birth: '1975-03-15',
Death: null
},
ImagePath: '...',
Featured: true
}
]
|
| Returns data about a single movie by title. | /movies/:Title | GET | Required | Title (string) The title of the movie |
None |
A JSON object holding data about a single movie. Status: 200 OK Content-Type: application/json
Example:
{
_id: ObjectId('67e06937dd46a81da532279c'),
Title: 'The Silent Wave',
Description: 'A dramatic tale of ...',
Genre: {
Name: 'Drama',
Description: 'Stories that portray ...'
},
Director: {
Name: 'John Doe',
Bio: 'John Doe is a celebrated filmmaker ...',
Birth: '1975-03-15',
Death: null
},
ImagePath: '...',
Featured: true
}
|
| Returns data about a genre by name. | /movies/genre/:genreName | GET | Required | genreName (string) The name of the genre |
None |
A JSON object holding data about a single genre. Status: 200 OK Content-Type: application/json
Example:
{
"Name": "Fantasy",
"Description": "Movies that explore ..."
}
|
| Returns data about a director by name. | /movies/director/:directorName | GET | Required | directorName (string) The name of the director |
None |
A JSON object holding data about a single director. Status: 200 OK Content-Type: application/json
Example:
{
"Name": "Daniel Young",
"Bio": "Daniel Young is known for ...",
"Birth": "1988-08-30",
"Death": null
}
|
| Returns a list of all users. | /users | GET | Required | None | None |
A JSON object holding data about all the users. Status: 200 OK Content-Type: application/json
Example:
[
{
_id: ObjectId('67e3ee6ec963a7641fc ...'),
Username: 'john_doe',
Email: 'john.doe@example.com',
Birthday: ISODate('1990-05-15T00 ...'),
FavoriteMovies: []
}
]
|
| Returns data about a single user by Username. | /users/:Username | GET | Required | Username (string) The Username of the user |
None |
A JSON object holding data about a single user. Status: 200 OK Content-Type: application/json
Example:
{
_id: ObjectId('67e3ee6ec963a7641fc ...'),
Username: 'john_doe',
Email: 'john.doe@example.com',
Birthday: ISODate('1990-05-15T00 ...'),
FavoriteMovies: []
}
|
| Allows new users to register. | /users | POST | Not Required | None |
Expected JSON format:
{
Username: String,
Password: String,
Email: String,
Birthday: Date
}
Validation Rules:
|
A JSON object holding data about the created user. Status: 201 Created Content-Type: application/json
Example:
{
_id: ObjectId('67e3ee6ec963a7641fc66bb6'),
Username: 'john_doe',
Email: 'john.doe@example.com',
Birthday: ISODate('1990-05-15T00:00:00.000Z'),
FavoriteMovies: []
}
|
| Allows users to update their user info. | /users/:Username | PUT | Required | Username (string) The Username of the user |
Expected JSON format:
{
Username: String,
Password: String,
Email: String,
Birthday: Date
}
Validation Rules: Same as registration
Permission: Users can only update their own profile |
A JSON object holding data about the updated user. Status: 200 OK Content-Type: application/json
Example:
{
_id: ObjectId('67e3ee6ec963a7641fc66bb6'),
Username: 'john_doe',
Email: 'john.doe@example.com',
Birthday: ISODate('1990-05-15T00:00:00.000Z'),
FavoriteMovies: []
}
|
| Allows users to add a movie to their list of favorites. | /users/:Username/movies/:MovieID | POST | Required |
Username (string) MovieID (string) |
None |
A JSON object holding the updated user data. Status: 200 OK Content-Type: application/json
Example:
{
"_id": "67e3ee6ec963a7641fc66bb6",
"Username": "john_doe",
"Email": "john.doe@example.com",
"Birthday": "1990-05-15T00:00:00.000Z",
"FavoriteMovies": ["67e06937dd46a81da53227a3", "67e06937dd46a81da53227a4"]
}
Permission: Users can only add to their own favorites |
| Allows users to remove a movie from their list of favorites. | /users/:Username/movies/:MovieID | DELETE | Required |
Username (string) MovieID (string) |
None |
A JSON object holding the updated user data. Status: 200 OK Content-Type: application/json
Example:
{
"_id": "67e3ee6ec963a7641fc66bb6",
"Username": "john_doe",
"Email": "john.doe@example.com",
"Birthday": "1990-05-15T00:00:00.000Z",
"FavoriteMovies": ["67e06937dd46a81da53227a3"]
}
Permission: Users can only remove from their own favorites |
| Allows existing users to deregister. | /users/:Username | DELETE | Required | Username (string) The Username of the user. |
None |
A message confirming the user has been removed. Status: 200 OK Content-Type: text/plain
Example:
User with username "Username" successfully removed
Permission: Users can only delete their own account |
Error Responses
The API may return the following error responses:
- 400 Bad Request: Invalid request parameters or permission denied
- 404 Not Found: Resource not found
- 422 Unprocessable Entity: Validation errors
- 500 Internal Server Error: Server-side errors
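
The "Users can only ... their own ..." permission rules in the endpoint table, together with the 400 response listed above, shown as an added example (not Flicktionary's own code): a Node.js check that verifies a token and compares its identity claim with the :Username route parameter. The Username claim name, HS256 signing with a shared secret, the demo secret and the 401 status for a missing or invalid token are assumptions; the page does not specify them.

```javascript
const { createHmac, timingSafeEqual } = require('node:crypto');

const SECRET = 'constructed-demo-secret'; // assumption: HS256 with a shared secret

const b64url = (s) => Buffer.from(s).toString('base64url');

// Sign a minimal HS256 token; used here only to build constructed sample input.
function signToken(payload, secret = SECRET) {
  const head = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify(payload));
  const sig = createHmac('sha256', secret).update(`${head}.${body}`).digest('base64url');
  return `${head}.${body}.${sig}`;
}

// Verify algorithm, signature and expiry; return the claims or null.
function verifyToken(token, secret = SECRET, now = Date.now() / 1000) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  const [head, body, sig] = parts;
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(head, 'base64url').toString());
    claims = JSON.parse(Buffer.from(body, 'base64url').toString());
  } catch {
    return null;
  }
  // Pin the algorithm on the server side; never accept the header's own choice.
  if (header?.alg !== 'HS256') return null;
  const expected = createHmac('sha256', secret).update(`${head}.${body}`).digest();
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) return null;
  if (typeof claims?.exp !== 'number' || claims.exp <= now) return null;
  return claims;
}

// Decide the outcome for a write to /users/:Username (PUT, DELETE, favorites).
function authorizeSelf(authorizationHeader, routeUsername) {
  const m = /^Bearer (\S+)$/.exec(authorizationHeader || '');
  const claims = m && verifyToken(m[1]);
  if (!claims) return { status: 401, body: 'Unauthorized' }; // assumed status
  // Identity comes from the verified token, never from the URL or request body.
  if (claims.Username !== routeUsername) {
    return { status: 400, body: 'Permission denied' }; // status per the error list above
  }
  return { status: 200, user: claims.Username };
}
```

In a route handler, the result of `authorizeSelf(req.headers.authorization, req.params.Username)` would gate the database write, so a valid token for one user cannot modify another user's record.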