Welcome to the documentation of the VideoVerse API. This API is developed using the Go programming language with the Gin web framework and leverages GORM for ORM functionalities. It uses PostgreSQL as its primary database, ensuring fast, reliable, and scalable data handling. Designed to serve as a backend for a video-sharing platform similar to YouTube, this API supports video uploading, user engagement, playlist and channel management, and more.
Below are the features of the API:
- Secure Authentication: Effortlessly manage user access with login, register, email verification, and password recovery endpoints, powered by JWT authentication and industry-standard bcrypt hashing for a secure user experience.
- User Account Management: Users can register, verify their email, log in, view and update their profile, and delete their accounts. Profiles support detailed personal data such as name, gender, date of birth, bio, profile picture, location, and connected social media links.
- Video Uploading and Management: Seamlessly upload videos or images, categorize them, and organize them into playlists with visibility options (public, unlisted, private). Videos support metadata such as title, description, and status, and can be edited or removed by the user.
- User Interactions: Enhance engagement with features such as likes, dislikes, subscriptions, and comment threads. These interactions are securely tracked and can be updated or removed through authenticated requests.
- Notification System: Automatically notify users of key interactions like likes, comments, and subscriptions, with redirect URLs included for optimal frontend user experience.
- Commenting System: Post and retrieve both top-level and nested replies, with full support for linking to videos, user profiles, and parent-child comment chains.
- Dynamic Data Retrieval: All GET endpoints feature dynamic pagination, filtering, searching, and sorting options, making data retrieval intuitive and efficient.
- Robust Input Validation: Ensure data integrity with comprehensive validation on all POST, PUT, and PATCH endpoints, including checks for required fields, UUID formats, string lengths, numerical limits, and valid email or enum values.
- Secure One-Time API Key: Each request is protected with a single-use API key generated using HMAC and SHA-256 methods, ensuring robust security and integrity for every transaction while safeguarding your data from unauthorized access.
- SQL Injection Prevention: All endpoints are protected using parameterized queries via GORM, guarding against SQL injection attacks for enhanced security.
- Comprehensive Documentation: Navigate through the API with ease using clear, organized Postman documentation designed to simplify testing and ensure a smooth development experience.