API Documentation

Laravel Matcha E-commerce API

v1.0

Overview

The Laravel Matcha API provides endpoints for managing products, orders, and user authentication for an e-commerce application. All API requests are made to the base URL:

https://matcha-backend-testing.belirbx.com/api

The API uses JSON for request and response payloads and follows RESTful conventions.

Authentication

The API uses Laravel Sanctum for authentication. Include the Bearer token in the Authorization header.

Login

POST /api/login

Authenticate user and get access token

Request Body:

{
  "email": "user@example.com",
  "password": "password"
}

Response:

{
  "success": true,
  "message": "Login successful",
  "data": {
    "user": {
      "id": 1,
      "name": "John Doe",
      "email": "user@example.com",
      "roles": ["admin"]
    },
    "token": "1|abc123..."
  }
}

Logout

POST /api/logout

Revoke current access token

Requires: Authorization header with Bearer token

Get User Profile

GET /api/me

Get authenticated user information

Requires: Authorization header with Bearer token

Products

Note: All product endpoints require authentication. Include the Bearer token in the Authorization header.

List Products

GET /api/products

Get list of active products with pagination and filtering

Requires: Authorization header with Bearer token

Headers:

Authorization: Bearer {token}
Content-Type: application/json

Query Parameters:

  • search - Search by product name
  • min_price - Minimum price filter
  • max_price - Maximum price filter
  • sort_by - Sort field (default: created_at)
  • sort_order - Sort direction (asc/desc)
  • per_page - Items per page (default: 15)

Response:

{
  "success": true,
  "data": {
    "products": [
      {
        "id": 1,
        "name": "Laptop Gaming",
        "description": "High-performance gaming laptop",
        "image": "laptop.jpg",
        "price": "15000000.00",
        "stock": 10,
        "is_active": true,
        "created_at": "2025-10-17T06:30:00.000000Z"
      }
    ],
    "pagination": {
      "current_page": 1,
      "last_page": 1,
      "per_page": 15,
      "total": 5
    }
  }
}

Get Single Product

GET /api/products/{id}

Get detailed information about a specific product

Requires: Authorization header with Bearer token

Headers:

Authorization: Bearer {token}
Content-Type: application/json

Orders

Note: All order endpoints require authentication. Include the Bearer token in the Authorization header.

Create Order

POST /api/orders

Create a new order with multiple products

Requires: Authorization header with Bearer token

Request Body:

{
  "items": [
    {
      "product_id": 1,
      "quantity": 2
    },
    {
      "product_id": 2,
      "quantity": 1
    }
  ],
  "notes": "Please deliver quickly",
  "payment_method": "qris"
}

Payment Reference

Auto-Generated: Payment reference is automatically created with format:

BELIMATCHA(ROMAN_MONTH)(YEAR)(RANDOM_NUMBER)

Example: BELIMATCHAX20251234 (October 2025, random 1234)

Response:

{
  "success": true,
  "message": "Order created successfully",
  "data": {
    "order": {
      "id": 1,
      "order_number": "ORD-ABC123",
      "total_amount": "38000000.00",
      "status": "pending",
      "payment_method": "qris",
      "payment_reference": "BELIMATCHAX20251234",
      "paid_at": null,
      "items": [
        {
          "id": 1,
          "order_id": 1,
          "product_id": 1,
          "quantity": 2,
          "price": "15000000.00",
          "total": "30000000.00",
          "product": {
            "id": 1,
            "name": "Laptop Gaming",
            "description": "High-performance gaming laptop"
          }
        }
      ],
      "created_at": "2025-10-17T06:30:00.000000Z"
    }
  }
}

Get User Orders

GET /api/orders

Get all orders for authenticated user

Requires: Authorization header with Bearer token

Get Single Order

GET /api/orders/{identifier}

Get detailed information about a specific order

Requires: Authorization header with Bearer token

Identifier can be order_number or payment_reference

Update Order Status

PUT /api/orders/{identifier}/status

Update the status of an order

Requires: Authorization header with Bearer token

Request Body:

{
  "status": "success",
  "notes": "Payment confirmed and order completed"
}

Status Options:

  • pending - Order is waiting for processing
  • processing - Order is being prepared
  • shipped - Order has been shipped
  • delivered - Order has been delivered
  • cancelled - Order has been cancelled
  • success - Order completed successfully (marks as paid)

Response:

{
  "success": true,
  "message": "Order status updated successfully",
  "data": {
    "order": {
      "id": 1,
      "order_number": "ORD-ABC123",
      "status": "success",
      "paid_at": "2025-10-17T16:34:12.000000Z",
      "notes": "Payment confirmed and order completed",
      "order_items": [...]
    }
  }
}

Mark Order as Success

PATCH /api/orders/{identifier}/success

Quickly mark an order as successful and paid

Requires: Authorization header with Bearer token

This automatically sets status to 'success' and marks as paid

Response:

{
  "success": true,
  "message": "Order marked as success successfully",
  "data": {
    "order": {
      "id": 1,
      "order_number": "ORD-ABC123",
      "status": "success",
      "paid_at": "2025-10-17T16:34:12.000000Z",
      "order_items": [...]
    }
  }
}

Payment Methods

QRIS Payment

  • Method: qris
  • Description: Digital payment via QRIS (Quick Response Code Indonesian Standard)
  • Reference: Usually contains QRIS transaction ID
  • Paid At: Set when payment is confirmed

Cash Payment

  • Method: cash
  • Description: Cash payment on delivery or pickup
  • Reference: Receipt number or cash reference
  • Paid At: Set immediately when order is created

Payment Method Validation

  • payment_method is required and must be either qris or cash
  • payment_reference is optional but recommended for tracking
  • • For cash payments, paid_at is automatically set to current timestamp
  • • For QRIS payments, paid_at is null until payment is confirmed

Error Responses

Validation Error (422)

{
  "message": "The given data was invalid.",
  "errors": {
    "email": ["The email field is required."],
    "password": ["The password field is required."]
  }
}

Authentication Error (401)

{
  "message": "Unauthenticated."
}

Not Found Error (404)

{
  "success": false,
  "message": "Product not found"
}

Server Error (500)

{
  "success": false,
  "message": "Failed to create order: Database connection error"
}