This document describes the API endpoints for OpenTalib.
All requests (except login/signup) require a valid Supabase session. The session is managed via HTTP-only cookies in the browser.
For server-to-server communication or admin scripts, you can use the SUPABASE_SERVICE_KEY in the Authorization header:
Authorization: Bearer <your-service-key>| Endpoint Prefix | Allowed Roles |
|---|---|
/api/admin/* |
admin |
/api/teacher/* |
teacher, admin |
/api/user/* |
All authenticated users |
/api/generate/* |
teacher, admin, mature_student |
Authenticates a user and sets a session cookie.
- Body:
{ "email": "...", "password": "..." }
Creates a new user account.
- Body:
{ "email": "...", "password": "...", "inviteCode": "...", "role": "..." } - Note:
inviteCodeis required forschool_studentrole.
Lists all students linked to the teacher.
Assigns a course to one or more students.
- Body:
{ "classroom_id": "...", "student_ids": ["..."] }
Removes a course assignment.
- Body:
{ "classroom_id": "...", "student_id": "..." }
Returns aggregated statistics for the teacher's students and courses.
Returns all courses owned by the user.
Saves or updates a course. Support init: true for placeholder creation.
- Body:
{ "id": "...", "title": "...", "scenes": [...], "init": boolean }
Used for incremental scene saves during generation.
- Body:
{ "scenes": [...] }
Returns courses assigned to the student by their teacher.
Lists all users in the system (via GoTrue Admin API).
Update user profile or role.
- Body:
{ "user_id": "...", "new_role": "...", "display_name": "...", "disabled": boolean }
Returns system-wide platform statistics.
| Code | Status | Description |
|---|---|---|
UNAUTHORIZED |
401 | Missing or invalid authentication. |
FORBIDDEN |
403 | User role does not have permission for this resource. |
MISSING_REQUIRED_FIELD |
400 | The request body is missing a required parameter. |
INTERNAL_ERROR |
500 | An unexpected error occurred on the server. |
AUTH_CONFIG_ERROR |
500 | Server-side environment variables for Auth are missing. |