Florilegio exposes an internal REST API served directly by the Django application. These endpoints are consumed by AJAX calls from the frontend study interface and the admin control panel — they are not a public third-party API. There are no API keys for external consumers; access is governed entirely by Django’s session-based authentication and same-origin CSRF protection, as appropriate to each endpoint.Documentation Index
Fetch the complete documentation index at: https://mintlify.com/alfonsoolavarria/florilegio/llms.txt
Use this file to discover all available pages before exploring further.
Autenticación
Endpoints fall into three access tiers:- Public (unauthenticated) — Bible data endpoints (
/api/versiculo/,/api/contexto/,/api/strong/,/api/youversion/) are publicly accessible but rate-limited by IP. - Session auth required — User study endpoints and profile/payment endpoints require an active Django login session (
@login_required). Unauthenticated requests are redirected to the login page. - Staff only — Admin Bible sync endpoints require staff status (
@staff_member_required). Non-staff requests receive a 302 redirect to the admin login.
Rate Limiting
Florilegio usesdjango-ratelimit to protect all API endpoints. Limits are enforced per IP address for public endpoints and per authenticated user-or-IP for protected ones.
| Endpoint | Method | Key | Limit |
|---|---|---|---|
/api/versiculo/ | GET | IP | 200 / minute |
/api/contexto/<libro>/ | GET | IP | 200 / minute |
/api/estudios/guardar/ | POST | user_or_ip | 60 / hour |
/api/estudios/<id>/ | GET | user_or_ip | 60 / hour |
/api/paypal/subscription/activate/ | POST | user_or_ip | 10 / hour |
/api/perfil/avatar/ | POST | user_or_ip | 10 / hour |
The YouVersion proxy endpoints (
/api/youversion/bibles/ and /api/youversion/chapter/) and the Strong’s lookup endpoint (/api/strong/<numero>/) do not apply a django-ratelimit decorator. The YouVersion endpoints rely on upstream YouVersion API limits; /api/strong/ has no additional rate-limit protection.Formato de respuesta
All endpoints returnapplication/json. Successful responses use the following envelope:
message field:
Límite de plan (HTTP 403)
When an authenticated user on the free tier attempts to save more studies than their plan allows, the API returns HTTP 403 with a specific status value:limit field reflects the user’s current plan limit (free = 3 studies, premium = 100 studies, pro = unlimited).
Índice de endpoints
The table below lists every API endpoint registered inurls.py.
| Method | Path | Auth | Description |
|---|---|---|---|
| GET | /api/versiculo/ | Public | Bible verse text (modo biblia) or word-by-word morphological analysis (modo estudio) |
| GET | /api/contexto/<libro_numero>/ | Public | Introductory context and historical background for a Bible book |
| GET | /api/strong/<numero>/ | Public | Vine’s Expository Dictionary entries for a Strong’s number |
| GET | /api/youversion/bibles/ | Public | Hardcoded list of supported YouVersion Bible IDs |
| GET | /api/youversion/chapter/ | Public | HTML-formatted chapter from a YouVersion Bible |
| POST | /api/estudios/guardar/ | Login required | Save a new study note or update an existing one |
| GET | /api/estudios/<study_id>/ | Login required | Retrieve a single study note by ID |
| POST | /api/paypal/subscription/activate/ | Login required | Activate a PayPal subscription and update the user’s plan |
| POST | /api/perfil/avatar/ | Login required | Update the authenticated user’s avatar URL |
| GET | /api/admin/bible-status/ | Staff only | Sync status of all three Bible versions (NBLA, NTV, RVR09) |
| GET | /api/admin/bible-sync/<version_key>/setup/ | Staff only | Returns the list of book numbers (1–66) to iterate during a sync |
| GET | /api/admin/bible-sync/<version_key>/sync/<libro>/<cap>/ | Staff only | Fetches and stores one chapter from the API.Bible source |
| POST | /api/admin/bible-sync/<version_key>/finish/ | Staff only | Records the sync completion timestamp for a Bible version |