Melodyo API

A comprehensive RESTful API web application for music streaming and management, built with Laravel 8 and PHP 7.4+.

Overview

Melodyo API is a feature-rich backend service that provides endpoints for music streaming, user management, artist and album management, comments, categories, and more. The API supports both public and authenticated endpoints with rate limiting and JWT authentication.

Features

Core Functionality

• Authentication & Authorization: JWT-based authentication with login, logout, registration, and password management
• User Management: User profiles, avatars, and custom user information
• Music Content:
  • Albums management with CRUD operations
  • Artist profiles and album listings
  • Music tracks with audio processing (FFmpeg integration)
  • Categories and tags organization
• Social Features:
  • Comments system with nested replies (children)
  • Like/unlike functionality for artists, albums, and comments
  • Reporting system for content moderation
• Media Management:
  • Image processing with Intervention Image
  • BlurHash support for image placeholders
  • S3-compatible storage integration
  • Audio processing with Laravel FFmpeg
• Additional Features:
  • Version checking and update management
  • Slides/banners management
  • Pages content management
  • Backup system (Spatie Laravel Backup)
  • Activity auditing (Laravel Auditing)
  • Error tracking (Sentry integration)

Admin Panel

Separate admin routes with full CRUD operations for:

• Versions management
• Slides/banners management
• All content moderation

Technology Stack

• Framework: Laravel 8.x
• PHP: 7.4+
• Authentication: JWT (tymon/jwt-auth)
• Database: MySQL
• Cache/Queue: Redis, Predis
• Media Processing:
  • Intervention Image for image manipulation
  • FFmpeg for audio processing
  • BlurHash for image placeholders
• Storage: AWS S3 compatible (via Flysystem)
• Development Tools:
  • Laravel Telescope (debugging)
  • Laravel IDE Helper
  • PHPUnit for testing

Requirements

• PHP >= 7.4
• Composer
• MySQL
• Redis (optional, for caching)
• FFmpeg (for audio processing)
• Docker & Docker Compose (optional)

Installation

Option 1: With Docker (Recommended)

# Build and start containers
docker-compose up --build -d

# Install dependencies
docker-compose exec -T app composer install --prefer-dist --no-ansi --no-interaction --no-progress --no-scripts

# Generate application key
docker-compose exec -T app php artisan key:generate

# Generate JWT secret
docker-compose exec -T app php artisan jwt:secret

# Run database migrations
docker-compose exec -T app php artisan migrate

# Start supervisor for queue workers
docker-compose exec -T app supervisord || true

Option 2: Without Docker

# Install dependencies
composer install

# Copy environment file
cp .env.example .env

# Generate application key
php artisan key:generate

# Generate JWT secret
php artisan jwt:secret

# Configure your database in .env file
# Then run migrations
php artisan migrate

# Start the development server
php artisan serve

Configuration

Update the .env file with your configuration:

Database

DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=melodyo
DB_USERNAME=root
DB_PASSWORD=

JWT Authentication

JWT_TTL=60
JWT_SECRET=your-secret-key

Storage & Media

STORAGE_URL=https://your-storage-url.com
MEDIA_URL=https://your-media-url.com
MEDIA_DISK=s3
IMAGE_DRIVER=gd

FFmpeg

FFMPEG_THREADS=4

File Storage Paths

IMAGES_DISK_ROOT=/path/to/images
MUSICS_DISK_ROOT=/path/to/music
VERSIONS_DISK_ROOT=/path/to/versions

Backup (S3)

BACKUP_ACCESS_KEY_ID=your-key
BACKUP_SECRET_ACCESS_KEY=your-secret
BACKUP_BUCKET=your-bucket
BACKUP_ENDPOINT=your-endpoint
BACKUP_DEFAULT_REGION=us-east-1

API Endpoints

Public Endpoints (API v1)

Authentication (/v1/auth)

• POST /auth - Login
• POST /logout - Logout (authenticated)
• PATCH /password - Update password (authenticated)

Version Check (/v1/version)

• POST /version - Check app version
• GET /version/last - Get latest version

Pages (/v1/pages)

• Public content pages

Protected Endpoints (Require Authentication)

User (/v1/user)

• GET /user - Get user profile
• PATCH /user - Update user profile
• PATCH /user/image - Update profile image

Categories (/v1/categories)

• GET /categories - List categories
• GET /categories/{id} - Show category
• GET /categories/{id}/tags - List category tags

Albums (/v1/albums)

• Full CRUD operations
• Like/unlike functionality
• Report functionality

Artists (/v1/artists)

• GET /artists - List artists
• GET /artists/{id} - Show artist
• GET /artists/{id}/albums - List artist albums
• POST /artists/{id}/like - Like/unlike artist
• POST /artists/{id}/report - Report artist

Comments (/v1/comments)

• GET /comments/{id} - Show comment
• PATCH /comments/{id} - Update comment
• DELETE /comments/{id} - Delete comment
• POST /comments/{id}/like - Like comment
• GET /comments/{id}/children - Get nested replies

Slides (/v1/slides)

• GET /slides - List slides
• GET /slides/{id} - Show slide

Admin Endpoints

Admin routes are available under /admin prefix with full CRUD operations for content management.

Rate Limiting

• Public auth endpoints: 5 requests/minute
• Version check: 20 requests/minute
• Authenticated endpoints: 60 requests/minute

Development

Deploy Script

composer deploy

This will:

1. Install dependencies
2. Generate application key
3. Generate JWT secret
4. Optimize the application

Testing

vendor/bin/phpunit

Code Analysis

# Generate IDE helper files
php artisan ide-helper:generate
php artisan ide-helper:models
php artisan ide-helper:meta

Security

• JWT-based authentication
• Rate limiting on all endpoints
• Request validation
• CORS support
• Sentry error tracking
• Activity auditing

License

MIT License

Support

For issues and questions, please open an issue in the GitHub repository.