Public API
Base path: /api/public
All endpoints in this module are accessible without authentication. They are used by the online booking page.
GET /public/salon-info
Get salon information and booking settings.
Response:
{
"salon_name": "Lumi Salon",
"booking_mode": "direct",
"booking_clients": "all",
"booking_show_prices": true,
"booking_show_duration": true,
"booking_allow_staff_choice": true,
"booking_min_lead_hours": 2,
"booking_max_future_days": 90,
"currency": "EUR"
}
GET /public/services
Get available services (filtered based on booking settings).
GET /public/staff
Get available staff members (only when booking_allow_staff_choice is active).
GET /public/availability
Get available time slots.
Query parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
date | date | Yes | Date |
service_id | integer | Yes | Service ID |
staff_id | integer | No | Staff member ID (optional) |
POST /public/bookings
Create a new booking via the public page.
Request body:
| Field | Type | Required |
|---|---|---|
service_id | integer | Yes |
staff_id | integer | No |
start_at | datetime | Yes |
client_name | string | Yes |
client_email | string | Yes |
client_phone | string | No |
notes | string | No |
When booking_mode=request, the booking is created as provisional. When booking_clients=existing, login is required first.
Client Authentication
POST /public/client-login
Client login with email and password.
POST /public/client-magic-link
Send a magic link email for client login.
Request body: { "email": "client@example.com" }
GET /public/client-verify-magic
Verify magic link token. Token is deleted after use.
Query parameters: token
Response: { "clientToken": "jwt" }
POST /public/reviews
Leave a review via feedback token.
| Field | Type | Required |
|---|---|---|
token | string | Yes |
rating | integer (1-5) | Yes |
comment | string | No |