kontenhumas-be/docs/CLIENT_UPDATE_WITH_AUTH_API.md

# Client Update with Auth Token API Documentation

## Overview
API endpoint untuk mengupdate data client menggunakan client ID yang diambil dari auth token, tanpa perlu menyertakan client ID sebagai path parameter.

## Endpoint

### Update Client with Auth Token
**PUT** `/clients/update`

#### Description
Mengupdate data client yang sedang login menggunakan client ID dari auth token.

#### Parameters
- Tidak ada path parameter, client ID diambil dari auth token

#### Headers
- **Authorization** (required): Bearer token untuk autentikasi user

#### Request Body
```json
{
  "name": "Updated Client Name",
  "description": "Updated client description",
  "clientType": "standalone",
  "parentClientId": null,
  "maxUsers": 100,
  "maxStorage": 1073741824,
  "settings": "{\"theme\": \"dark\"}",
  "isActive": true,
  "logoUrl": "https://example.com/logo.png",
  "logoImagePath": "clients/logos/client-id/logo.png",
  "address": "Jl. Example No. 123",
  "phoneNumber": "+62-123-456-7890",
  "website": "https://example.com"
}
```

#### Response Fields
- **name** (string, optional): Nama client
- **description** (string, optional): Deskripsi client
- **clientType** (string, optional): Tipe client (`parent_client`, `sub_client`, `standalone`)
- **parentClientId** (string, optional): ID parent client (untuk sub client)
- **maxUsers** (integer, optional): Batas maksimal user
- **maxStorage** (integer, optional): Batas maksimal storage dalam bytes
- **settings** (string, optional): JSON string untuk custom settings
- **isActive** (boolean, optional): Status aktif client
- **logoUrl** (string, optional): URL logo client
- **logoImagePath** (string, optional): Path logo di MinIO storage
- **address** (string, optional): Alamat client
- **phoneNumber** (string, optional): Nomor telepon client
- **website** (string, optional): Website resmi client

#### Response

##### Success Response (200)
```json
{
  "success": true,
  "messages": ["Clients successfully updated"],
  "data": null
}
```

#### Error Responses

##### 400 Bad Request
```json
{
  "success": false,
  "messages": ["Validation error"],
  "data": {
    "field": "error message"
  }
}
```

##### 401 Unauthorized
```json
{
  "success": false,
  "messages": ["user not found"]
}
```

##### 500 Internal Server Error
```json
{
  "success": false,
  "messages": ["client ID not found in user token"]
}
```

## Usage Examples

### cURL Example
```bash
curl -X PUT "http://localhost:8080/clients/update" \
  -H "Authorization: Bearer YOUR_TOKEN_HERE" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Updated Client Name",
    "description": "Updated description",
    "clientType": "standalone",
    "maxUsers": 100,
    "isActive": true,
    "address": "Jl. Example No. 123",
    "phoneNumber": "+62-123-456-7890",
    "website": "https://example.com"
  }'
```

### JavaScript Example
```javascript
const updateClient = async (clientData) => {
  try {
    const response = await fetch('/clients/update', {
      method: 'PUT',
      headers: {
        'Authorization': `Bearer ${token}`,
        'Content-Type': 'application/json'
      },
      body: JSON.stringify(clientData)
    });
    
    const data = await response.json();
    
    if (data.success) {
      console.log('Client updated successfully');
    } else {
      console.error('Update failed:', data.messages);
    }
  } catch (error) {
    console.error('Error updating client:', error);
  }
};

// Usage
updateClient({
  name: "Updated Client Name",
  description: "Updated description",
  clientType: "standalone",
  maxUsers: 100,
  isActive: true,
  address: "Jl. Example No. 123",
  phoneNumber: "+62-123-456-7890",
  website: "https://example.com"
});
```

## Use Cases
1. **Profile Update**: User mengupdate profil client mereka sendiri
2. **Settings Management**: Mengubah pengaturan client
3. **Contact Information**: Mengupdate informasi kontak client
4. **Logo Management**: Mengupdate URL atau path logo client
5. **Resource Limits**: Mengubah batas user atau storage

## Security Features
- **Authentication Required**: Harus menggunakan Bearer token yang valid
- **Client Isolation**: User hanya bisa mengupdate client mereka sendiri
- **Token Validation**: Client ID diambil dari token yang sudah diverifikasi
- **Input Validation**: Semua input divalidasi sebelum diproses

## Notes
- Endpoint ini menggunakan middleware `UserMiddleware` untuk mengekstrak informasi user dari JWT token
- Client ID diambil dari `user.ClientId` dalam token
- Jika user tidak ditemukan atau client ID tidak ada dalam token, akan mengembalikan error
- Semua field dalam request body bersifat optional
- Endpoint ini lebih aman daripada endpoint update dengan path parameter karena mencegah user mengupdate client lain