Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/Rubick65/calenderyBack/llms.txt

Use this file to discover all available pages before exploring further.

These endpoints serve the authenticated app experience: fetching full or reduced user profiles, uploading avatar photos through Supabase Storage, retrieving the minimal data needed when posting comments, and reading or writing end-to-end encryption public keys.

Get user by ID

Returns the complete UserDto for a user by their numeric ID. Requires an authenticated session.

Path parameters

id
number
required
Numeric user ID.

Response 200 OK

idUsuario
number
Numeric user ID.
nombre
string
Display name.
email
string
Email address.
descripcion
string
Short bio (max 200 characters).
keypass
string
Hashed password / passphrase.
fotoPerfil
string
Profile photo URL.
clavePublica
string
E2E encryption public key.
cantidadSeguidores
number
Follower count.
cantidadSeguidos
number
Following count.
enable
boolean
Whether the account is activated.
roles
object[]
List of assigned Rol objects.
curl https://api.example.com/api/users/42 \
  -H "Authorization: Basic <base64(email:password)>"

Get user by email

Returns the complete UserDto for a user identified by their email address. Requires an authenticated session.

Path parameters

email
string
required
The user’s email address.

Response 200 OK

Same fields as Get user by ID.
curl https://api.example.com/api/users/email/alice@example.com \
  -H "Authorization: Basic <base64(email:password)>"

Get user profile

Returns a public-facing profile for the given user, including follower and following counts, whether the calling user follows them, and whether a chat already exists between the two. Requires ROLE_USER. Internally this endpoint dispatches:
  • GetUserProfileByIdRequest — fetches core profile data.
  • isFollowingRequest — checks whether the caller follows idUsuario.
  • CheckIfChatExistsRequest — checks whether a direct chat exists between the caller and idUsuario.

Query parameters

idUsuario
number
required
Numeric ID of the user whose profile to fetch.

Response 200 OK

nombre
string
Display name.
fotoPerfil
string
Profile photo URL (signed Supabase URL).
descripcion
string
Bio or description.
cantidadSeguidores
number
Total number of followers.
cantidadSeguidos
number
Total number of accounts followed.
seguidor
boolean
true if the authenticated caller is following this user.
existeChat
boolean
true if a direct chat already exists between caller and this user.
curl "https://api.example.com/api/users/app/getUserProfile?idUsuario=42" \
  -u "alice@example.com:s3cr3tP@ss"
Response
{
  "nombre": "Bob",
  "fotoPerfil": "https://supabase.example.com/storage/v1/object/sign/Avatares/42?token=...",
  "descripcion": "Hey there!",
  "cantidadSeguidores": 120,
  "cantidadSeguidos": 85,
  "seguidor": true,
  "existeChat": false
}

Get upload profile-photo signed URL

Generates a short-lived Supabase Storage signed URL that allows the client to PUT a new profile photo directly into the Avatares bucket. Requires ROLE_USER. The server:
  1. Resolves the calling user’s ID from the Authentication principal.
  2. Constructs a SupabaseStorageUploadUrlRequest for the Avatares bucket keyed by the user’s ID.
  3. Returns the pre-signed upload URL.
After receiving the URL, the client should PUT the image binary directly to that URL — no additional CalenderyBack authentication is needed for the upload itself.

Response 200 OK

url
string
Supabase Storage signed upload URL. Valid for a short window; use it immediately.
# Step 1 — obtain the signed URL
curl "https://api.example.com/api/users/app/getUploadProfileSignedUrl" \
  -u "alice@example.com:s3cr3tP@ss"
Response
{
  "url": "https://<project>.supabase.co/storage/v1/object/Avatares/42?token=<signed-token>"
}
# Step 2 — upload the photo directly to Supabase
curl -X PUT "<signed-url-from-step-1>" \
  -H "Content-Type: image/jpeg" \
  --data-binary @avatar.jpg

Get comment author data

Returns the minimal information needed to attribute a comment to the calling user: their profile photo URL and display name. Requires ROLE_USER.

Response 200 OK

fotoPerfil
string
Profile photo URL of the authenticated user.
nombreUsuario
string
Display name of the authenticated user.
curl "https://api.example.com/api/users/app/getUserCommentData" \
  -u "alice@example.com:s3cr3tP@ss"
Response
{
  "fotoPerfil": "https://supabase.example.com/storage/v1/object/sign/Avatares/42?token=...",
  "nombreUsuario": "Alice"
}

Get a user’s public key

Retrieves the E2E encryption public key stored for any user. Requires ROLE_USER. Typically called before initiating an encrypted message exchange.

Query parameters

idUsuario
number
required
Numeric ID of the user whose public key to retrieve.

Response 200 OK

publicKey
string
The user’s E2E encryption public key as a string.
curl "https://api.example.com/api/users/app/getPublicKey?idUsuario=42" \
  -u "alice@example.com:s3cr3tP@ss"
Response
{
  "publicKey": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA..."
}

Update the caller’s public key

Saves or replaces the E2E encryption public key for the authenticated user. Requires ROLE_USER and ownership (#userId == authentication.principal.idUsuario).

Query parameters

userId
number
required
Numeric ID of the user whose public key to update. Must match the authenticated principal.

Request body

publicKey
string
required
The new public key string to store.

Response

StatusMeaning
200 OKPublic key saved. Empty body.
403 ForbiddenuserId does not match the authenticated user.
curl -X PUT "https://api.example.com/api/users/app/publicKey?userId=42" \
  -u "alice@example.com:s3cr3tP@ss" \
  -H "Content-Type: application/json" \
  -d '{ "publicKey": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA..." }'

Check a user’s public key

Verifies that the provided public key string matches the one stored for the given user. Requires ROLE_USER and ownership (#userId == authentication.principal.idUsuario). Useful to detect key rotation or tampering before decrypting received messages.

Query parameters

idUsuario
number
required
Numeric ID of the user. Must match the authenticated principal.
clavePublica
string
required
The public key value to compare against the stored key.

Response

StatusMeaning
200 OKKeys match. Empty body.
403 ForbiddenidUsuario does not match the authenticated user.
4xxKeys do not match or user not found.
curl "https://api.example.com/api/users/app/checkPublicKey?idUsuario=42&clavePublica=MIIBIjAN..." \
  -u "alice@example.com:s3cr3tP@ss"

Build docs developers (and LLMs) love