Qiwako Mobile API - Quick Reference

Base URL: https://ayour-domain.com/api/v1 (Production)
Dev URL: http://localhost:8000/api/v1

API Documentation: /api/v1/docs/ (Swagger UI)
OpenAPI Schema: /api/v1/schema/

Authentication

[Code block dihapus untuk keamanan. Hubungi superuser untuk detail lengkap.]

Response (200 OK):

{
 "access": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
 "refresh": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}

Refresh Token

POST /api/v1/auth/refresh/
Content-Type: application/json

{
 "refresh": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}

Logout

[Code block dihapus untuk keamanan. Hubungi superuser untuk detail lengkap.]

Get Current User

[Code block dihapus untuk keamanan. Hubungi superuser untuk detail lengkap.]

Response:

{
 "success": true,
 "data": {
 "id": 1,
 "username": "demo_admin",
 "email": "[email protected]",
 "role": "TENANT_ADMIN",
 "tenant_slug": "demo",
 "tenant_name": "Demo Tenant",
 "has_mfa": false,
 "is_superuser": false
 }
}

Register New Tenant

[Code block dihapus untuk keamanan. Hubungi superuser untuk detail lengkap.]

Response (201 Created):

{
 "success": true,
 "data": {
 "tenant": {
 "id": 10,
 "name": "Ponpes Al-Ikhlas",
 "slug": "ponpes-al-ikhlas",
 "is_approved": false,
 "is_active": false
 },
 "admin_user": {
 "id": 25,
 "username": "admin_alikhlas",
 "email": "[email protected]"
 },
 "message": "Registration successful! Your tenant is pending approval..."
 }
}

Tenant Management

Get Tenant Stats

[Code block dihapus untuk keamanan. Hubungi superuser untuk detail lengkap.]

Response:

{
 "total_views": 5420,
 "total_posts": 25,
 "total_campaigns": 3,
 "total_donations": 15000000,
 "recent_donations": []
}

List Posts

[Code block dihapus untuk keamanan. Hubungi superuser untuk detail lengkap.]

Create Post

[Code block dihapus untuk keamanan. Hubungi superuser untuk detail lengkap.]

Update Post

[Code block dihapus untuk keamanan. Hubungi superuser untuk detail lengkap.]

Delete Post

[Code block dihapus untuk keamanan. Hubungi superuser untuk detail lengkap.]

List Campaigns

[Code block dihapus untuk keamanan. Hubungi superuser untuk detail lengkap.]

Create Campaign

[Code block dihapus untuk keamanan. Hubungi superuser untuk detail lengkap.]

Visitor Discovery

Universal Search

GET /api/v1/search/?q=pengajian&type=event&category=keagamaan

Query Parameters:
- q: Search query (min 3 characters)
- type: Filter by type (tenant, event, campaign)
- category: Filter by category
- location: Filter by location

Response:

[
 {
 "type": "tenant",
 "id": 5,
 "title": "Ponpes Al-Ikhlas",
 "description": "Pondok pesantren modern...",
 "image": "https://eyour-domain.com/media/lyour-domain.com",
 "url": "/t/ponpes-al-ikhlas/",
 "metadata": {"slug": "ponpes-al-ikhlas"}
 },
 {
 "type": "event",
 "id": 12,
 "title": "Pengajian Akbar",
 "description": "Pengajian bulanan...",
 "url": "/t/demo/events/pengajian-akbar/",
 "metadata": {
 "start_date": "2025-12-20T14:00:00Z",
 "tenant": "Demo Tenant"
 }
 }
]

Browse Tenants

GET /api/v1/directory/tenants/?page=1&search=sekolah

Browse Events

GET /api/v1/directory/events/?page=1&tenant__slug=demo

Feedback System

Submit Feedback

POST /api/v1/feedback/
Content-Type: multipart/form-data

problem_type=BUG
title=Error saat upload gambar
description=Terjadi error 500 saat upload gambar di post editor...
priority=high
page_url=https://dyour-domain.com/dashboard/posts/create/
browser_info=Chrome 120, Android 13
[email protected]
[email protected]

Response (201 Created):

{
 "success": true,
 "data": {
 "id": 42,
 "ticket_number": "FB-2025-0042",
 "problem_type": "BUG",
 "title": "Error saat upload gambar",
 "status": "open",
 "created_at": "2025-12-15T12:00:00Z",
 "screenshots": [
 {
 "id": 1,
 "image": "https://eyour-domain.com/media/feedback/syour-domain.com",
 "uploaded_at": "2025-12-15T12:00:00Z"
 }
 ]
 }
}

My Feedback

[Code block dihapus untuk keamanan. Hubungi superuser untuk detail lengkap.]

Query Parameters:
- status: open, in_progress, resolved, closed, wont_fix
- problem_type: BUG, FEATURE, IMPROVEMENT, QUESTION, OTHER
- ordering: -created_at, priority, status

Feedback Detail

[Code block dihapus untuk keamanan. Hubungi superuser untuk detail lengkap.]

Add Comment

[Code block dihapus untuk keamanan. Hubungi superuser untuk detail lengkap.]

Superuser Operations

List Pending Tenants

[Code block dihapus untuk keamanan. Hubungi superuser untuk detail lengkap.]

Approve/Reject Tenant

[Code block dihapus untuk keamanan. Hubungi superuser untuk detail lengkap.]

List All Feedback

[Code block dihapus untuk keamanan. Hubungi superuser untuk detail lengkap.]

Common Response Formats

Success Response

{
 "success": true,
 "data": { ... }
}

Error Response

{
 "success": false,
 "error": {
 "code": "VALIDATION_ERROR",
 "message": "Invalid input data",
 "details": {
 "email": ["This field is required"]
 }
 }
}

Paginated Response

{
 "count": 150,
 "next": "https://ayour-domain.com/api/v1/tenants/?page=2",
 "previous": null,
 "results": [ ... ]
}

Rate Limits

Anonymous users: 100 requests/day
Authenticated users: 1000 requests/day

Headers:
- X-RateLimit-Limit: Requests allowed per period
- X-RateLimit-Remaining: Requests remaining
- X-RateLimit-Reset: Unix timestamp when limit resets

429 Too Many Requests:

{
 "detail": "Request was throttled. Expected available in 86400 seconds."
}

Authentication Headers

All authenticated requests require:

[Code block dihapus untuk keamanan. Hubungi superuser untuk detail lengkap.]

Access tokens expire after 1 hour.
Refresh tokens expire after 7 days.

Use /api/v1/auth/refresh/ to get a new access token.

File Upload Limits

Images (logos, screenshots, campaign images): Max 5MB
Allowed formats: JPG, JPEG, PNG, WEBP
Screenshots per feedback: Max 5

HTTP Status Codes

200 OK: Success
201 Created: Resource created
400 Bad Request: Invalid input
401 Unauthorized: Authentication required
403 Forbidden: Permission denied
404 Not Found: Resource not found
429 Too Many Requests: Rate limit exceeded
500 Internal Server Error: Server error

Environment-Specific URLs

Environment	Base URL
Production	`https://ayour-domain.com/api/v1`
Staging	`https://syour-domain.com/api/v1`
Development	`http://localhost:8000/api/v1`
Android Emulator	`http://10.0.2.2:8000/api/v1`

SDK Examples

Flutter (Dio)

[Code block dihapus untuk keamanan. Hubungi superuser untuk detail lengkap.]

Python (requests)

[Code block dihapus untuk keamanan. Hubungi superuser untuk detail lengkap.]

Testing

Swagger UI: /api/v1/docs/

Interactive API documentation where you can:
- Browse all endpoints
- Test endpoints directly
- See request/response schemas
- Authenticate and try protected endpoints

Last Updated: 2025-12-16
API Version: 1.0
Maintained By: Qiwako Development Team

Authentication

Login

Refresh Token

Logout

Get Current User

Register New Tenant

Tenant Management

Get Tenant Stats

List Posts

Create Post

Update Post

Delete Post

List Campaigns

Create Campaign

Visitor Discovery

Universal Search

Browse Tenants

Browse Events

Feedback System

Submit Feedback

My Feedback

Feedback Detail

Add Comment

Superuser Operations

List Pending Tenants

Approve/Reject Tenant

List All Feedback

Common Response Formats

Success Response

Error Response

Paginated Response

Rate Limits

Authentication Headers

File Upload Limits

HTTP Status Codes

Environment-Specific URLs

SDK Examples

Flutter (Dio)

Python (requests)

Testing