# API Documentation Reference
This document provides an overview of all available API documentation.
## Documentation Types
The project maintains multiple types of API documentation:
1. **FastAPI REST Endpoints** - HTTP API for client-server communication
2. **Frontend JavaScript Modules** - Client-side application code
3. **Backend Python Modules** - Server-side business logic and utilities
4. **Auto-generated OpenAPI Client** - Type-safe JavaScript client for REST endpoints
## 1. FastAPI REST API
### Live Documentation
When the development server is running, interactive API documentation is available at:
- **Swagger UI**: [http://localhost:8000/docs](http://localhost:8000/docs)
- **ReDoc**: [http://localhost:8000/redoc](http://localhost:8000/redoc)
These provide:
- Interactive endpoint testing
- Request/response schemas
- Authentication requirements
- Parameter validation rules
### OpenAPI Schema
The complete OpenAPI 3.0 schema is available at:
- **JSON**: [http://localhost:8000/openapi.json](http://localhost:8000/openapi.json)
This schema is used to auto-generate the frontend API client.
### REST Endpoint Categories
**Authentication**
- `/api/v1/auth/login` - User login
- `/api/v1/auth/logout` - User logout
- `/api/v1/auth/session` - Session validation
**Collections**
- `/api/v1/collections` - List, create, update, delete collections
- `/api/v1/collections/{id}` - Get, update, delete specific collection
**Files**
- `/api/v1/files/list` - List accessible files
- `/api/v1/files/{doc_id}` - Serve file content (PDF/XML)
- `/api/v1/files/save` - Save TEI XML content
- `/api/v1/files/upload` - Upload new PDF
- `/api/v1/files/copy` - Copy files between collections
- `/api/v1/files/move` - Move files between collections
- `/api/v1/files/delete` - Soft-delete files
**File Locks**
- `/api/v1/files/locks` - Get current locks
- `/api/v1/files/check_lock` - Check lock status
- `/api/v1/files/acquire_lock` - Acquire editing lock
- `/api/v1/files/release_lock` - Release editing lock
- `/api/v1/files/heartbeat` - Extend lock expiration
**Extraction**
- `/api/v1/extraction/list` - List available extractors
- `/api/v1/extraction` - Extract TEI from PDF
**Validation**
- `/api/v1/validation` - Validate TEI XML
- `/api/v1/validation/autocomplete-data` - Get autocomplete suggestions
**Schema**
- `/api/v1/schema/{type}/{variant}` - Get XSD/RelaxNG schemas
**Sync**
- `/api/v1/sync/status` - Get WebDAV sync status
- `/api/v1/sync` - Trigger sync operation
- `/api/v1/sync/conflicts` - List sync conflicts
- `/api/v1/sync/resolve-conflict` - Resolve conflict
**SSE (Server-Sent Events)**
- `/api/v1/sse/subscribe` - Subscribe to real-time events
- `/api/v1/sse/test/echo` - Test event broadcast
**Users & RBAC**
- `/api/v1/users` - User management
- `/api/v1/groups` - Group management
- `/api/v1/roles` - Role management
## 2. Frontend JavaScript API
### Generated HTML Documentation
Frontend module documentation is auto-generated from JSDoc comments using the `jsdoc` tool with the `better-docs` theme.
**Generate frontend docs:**
```bash
npm run docs:frontend
```
**View frontend docs:**
```bash
npm run docs:serve
# Open http://localhost:8080/frontend
```
**Location:** `docs/api/frontend/` (git-ignored)
### Module Categories
**Plugin System**
- `plugin-base.js` - Base plugin class with lifecycle hooks
- `plugin-manager.js` - Plugin registration and lifecycle management
- `plugin-context.js` - Plugin API context for state/events
**State Management**
- `state-manager.js` - Application state with change detection
- `application.js` - Main application controller
**UI System**
- `ui-system.js` - UI element registration and navigation
- `panels/*.js` - Panel management
**RBAC**
- `rbac/entity-manager.js` - Role-based access control entities
- `acl-utils.js` - Access control utilities
**Editors**
- `xmleditor.js` - CodeMirror-based XML editor
- `navigatable-xmleditor.js` - XML editor with navigation
- `pdfviewer.js` - PDF.js viewer integration
**Utilities**
- `utils.js` - General utilities
- `sl-utils.js` - Shoelace component helpers
- `browser-utils.js` - Browser compatibility utilities
**API Client**
- `api-client-v1.js` - Auto-generated FastAPI client (DO NOT EDIT)
## 3. Backend Python API
### Generated HTML Documentation
Backend module documentation is auto-generated from Google-style docstrings using `pdoc`.
**Generate backend docs:**
```bash
npm run docs:backend
```
**View backend docs:**
```bash
npm run docs:serve
# Open http://localhost:8080/backend
```
**Location:** `docs/api/backend/` (git-ignored)
### Generated JSON Documentation
Machine-readable JSON documentation for AI code assistants.
**Generate backend JSON:**
```bash
npm run docs:backend:json
```
**Location:** `docs/api/backend-api.json` (git-ignored, ~980KB)
**Usage:** This JSON file contains complete class/function signatures with type annotations and docstrings. Use it to verify API existence and signatures before writing code that calls backend methods.
### Module Categories
**Core Libraries (`fastapi_app/lib/`)**
- `access_control.py` - Document permission checking
- `auth.py` - User authentication
- `database.py` - SQLite database operations
- `file_repository.py` - File metadata CRUD
- `file_storage.py` - Physical file storage
- `locking.py` - File editing locks
- `sessions.py` - Session management
- `tei_utils.py` - TEI XML processing utilities
- `user_utils.py` - User/group/collection utilities
- `xml_utils.py` - XML validation and processing
- `migrations/` - Database migration infrastructure
**Plugin System (`fastapi_app/plugins/`)**
- `edit_history/` - Edit history tracking
- `iaa_analyzer/` - Inter-annotator agreement analysis
- `sample_analyzer/` - Sample data analysis
- `annotation_versions_analyzer/` - Version comparison
**API Routes (`fastapi_app/routers/`)**
- `auth.py` - Authentication endpoints
- `collections.py` - Collection management
- `files_*.py` - File operations (list, serve, save, upload, locks)
- `extraction.py` - TEI extraction
- `validation.py` - XML validation
- `sync.py` - WebDAV sync
- `sse.py` - Server-sent events
- `users.py`, `groups.py`, `roles.py` - RBAC management
## 4. Auto-generated API Client
### Generation
The frontend API client is auto-generated from the FastAPI OpenAPI schema:
**Regenerate client:**
```bash
npm run generate-client
```
**Check if outdated:**
```bash
npm run generate-client:check
```
**Location:** `app/src/modules/api-client-v1.js` (DO NOT EDIT MANUALLY)
### Usage
```javascript
import { ApiClientV1 } from './modules/api-client-v1.js';
const client = new ApiClientV1({ baseUrl: '/api/v1', sessionId });
// Type-safe method calls
const files = await client.files.list({ collection: 'manuscripts' });
const content = await client.files.serve({ doc_id: 'doc-123', type: 'xml' });
await client.files.save({ doc_id: 'doc-123', content: '...' });
```
All methods are strongly typed based on the OpenAPI schema.
## Documentation Commands
### Generate All Documentation
```bash
npm run docs:generate
```
Generates:
- Frontend HTML docs
- Backend HTML docs
- Backend JSON docs
### Generate Specific Documentation
```bash
npm run docs:frontend # Frontend HTML only
npm run docs:backend # Backend HTML only
npm run docs:backend:json # Backend JSON only
```
### Serve Documentation Locally
```bash
npm run docs:serve
```
Starts HTTP server at [http://localhost:8080](http://localhost:8080) serving:
- `frontend/` - Frontend module docs
- `backend/` - Backend module docs
- `backend-api.json` - Machine-readable backend API
### Clean Generated Documentation
```bash
npm run docs:clean
```
Removes all generated documentation files.
## Programmatic API Access
### Environment Variables for CLI Scripts
All CLI scripts and external tools that access the HTTP API should support these environment variables (from `.env` file):
```bash
# API credentials
API_USER=admin
API_PASSWORD=admin
# API base URL (default: http://localhost:8000)
API_BASE_URL=http://localhost:8000
```
**Example usage:**
```bash
# Create .env file with credentials
cat > .env << EOF
API_USER=admin
API_PASSWORD=admin
API_BASE_URL=http://localhost:8000
EOF
# Run CLI script (will read credentials from .env)
node bin/batch-extract.js /path/to/pdfs --collection my_collection --extractor mock-extractor
# Or override via CLI parameters
node bin/batch-extract.js /path/to/pdfs \
--user admin \
--password admin \
--base-url http://localhost:8000 \
--collection my_collection \
--extractor mock-extractor
```
**CLI scripts should:**
- Accept optional `--env ` parameter (default: `./.env`)
- Support `--user`, `--password`, `--base-url` CLI parameters that override env vars
- Use SHA-256 password hashing for authentication (matching frontend)
- Make authenticated requests with `X-Session-ID` header
**Example implementations:**
- [bin/batch-extract.js](bin/batch-extract.js) - Batch PDF metadata extraction
## Best Practices
### For Developers
**Before adding new code:**
1. Check generated documentation to verify APIs don't already exist
2. Use backend JSON (`docs/api/backend-api.json`) to verify method signatures
3. Consult frontend HTML docs to understand existing patterns
4. Review FastAPI docs at `/docs` for endpoint requirements
**After adding new code:**
1. Add comprehensive JSDoc comments (frontend)
2. Add Google-style docstrings (backend)
3. Regenerate documentation: `npm run docs:generate`
4. Verify documentation renders correctly: `npm run docs:serve`
**When creating new endpoints:**
1. Add endpoint to appropriate router in `fastapi_app/routers/`
2. Regenerate API client: `npm run generate-client`
3. Check client was updated correctly
4. Update integration tests
### For AI Code Assistants
**Before suggesting new APIs:**
1. Read class definition or module exports
2. Check `docs/api/backend-api.json` for Python signatures
3. Check frontend HTML docs for JavaScript exports
4. Verify in FastAPI docs at `/docs`
**Never:**
- Assume a method exists without verification
- Use generic "object" types when specific types exist in docs
- Skip documentation generation after adding new code
## Related Documentation
- [Architecture Overview](architecture.md) - System design and components
- [Database Schema](database.md) - Database structure and migrations
- [Access Control](access-control.md) - RBAC and permissions
- [Plugin System](plugin-system.md) - Creating plugins
- [Testing Guide](testing.md) - API testing patterns
- [Contributing](contributing.md) - Development workflow