openapi: 3.1.0 info: title: EventPics API version: 1.0.0 description: | API for uploading photos to EventPics albums programmatically. Flow: 1) GET events and albums (`GET /geteventsandalbums`, Header‑Auth) 2) POST `getuploadurl` (`POST /getuploadurl`, Body enthält `apiKey` + Dateiinformationen) 3) PUT auf die pre‑signed `uploadUrl` (Cloudflare R2, keine zusätzlichen Auth‑Header) servers: - url: https://api.eventpics.net description: Production tags: - name: Events description: List events and albums - name: Upload description: Request upload URL and upload directly to Cloudflare R2 components: securitySchemes: bearerAuth: type: http scheme: bearer XApiKeyHeader: type: apiKey in: header name: X-API-Key schemas: Album: type: object properties: id: type: string description: Album ID title: type: string description: Display title required: [id, title] Event: type: object properties: title: type: string linkId: type: string description: Public link identifier of the event albums: type: array items: $ref: '#/components/schemas/Album' required: [title, linkId] GetEventsAndAlbumsResponse: type: object properties: events: type: array items: $ref: '#/components/schemas/Event' required: [events] example: events: - title: Summer Party linkId: abcd1234 albums: - id: a1 title: Photo booth - id: a2 title: Backstage GetUploadUrlRequest: type: object properties: apiKey: type: string linkId: type: string fileName: type: string takenAt: type: integer format: int64 description: Unix timestamp in milliseconds albumId: type: string description: Optional target album required: [apiKey, linkId, fileName] example: apiKey: YOUR_API_KEY linkId: abcd1234 fileName: photo.jpg takenAt: 1736700000000 albumId: a1 GetUploadUrlResponse: type: object properties: uploadUrl: type: string format: uri description: Pre‑signed Cloudflare R2 URL (valid ~300s) required: [uploadUrl] example: uploadUrl: https://eventpics.example.r2.cloudflarestorage.com/bucket/obj?X-Amz-Algorithm=AWS4-HMAC-SHA256&... Error: type: object properties: code: type: string message: type: string details: nullable: true required: [code, message] paths: /geteventsandalbums: get: tags: [Events] summary: List events and albums description: Lists all events for the API key including albums. security: - bearerAuth: [] - XApiKeyHeader: [] responses: '200': description: OK content: application/json: schema: $ref: '#/components/schemas/GetEventsAndAlbumsResponse' '401': description: Unauthorized content: application/json: schema: $ref: '#/components/schemas/Error' '429': description: Too Many Requests '500': description: Server error /getuploadurl: post: tags: [Upload] summary: Request upload URL description: | Creates a pre‑signed `uploadUrl` for direct upload (PUT) to Cloudflare R2. Note: The URL is only valid for a short time (~300s) and the `Content-Type` used in the PUT must match the signature. requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/GetUploadUrlRequest' responses: '200': description: OK content: application/json: schema: $ref: '#/components/schemas/GetUploadUrlResponse' '400': description: Bad Request content: application/json: schema: $ref: '#/components/schemas/Error' '401': description: Unauthorized content: application/json: schema: $ref: '#/components/schemas/Error' '429': description: Too Many Requests '500': description: Server error