CineCrowd API Documentation

Overview

Access users and movies in JSON via http://www.040.studio/api/. All responses follow:

{
  "success": true,
  "data": { ... },
  "message": "Info"
}

Auth & CSRF

GET endpoints are open. POST/PUT/DELETE require a valid CSRF token via X-CSRFToken header and a session cookie.

Endpoints

Users

Method	Endpoint	Description
GET	/users	List all users (id, name, movie_count).
GET	/users/<id>	Get user details and their movies.
GET	/users/<id>/movies	List a user’s movies with ratings.
POST	/users/<id>/movies	Add movie to user list. JSON body, CSRF required.
PUT	/users/<id>/movies/<mid>	Update user rating (0–5 or null). JSON + CSRF.
DELETE	/users/<id>/movies/<mid>	Remove movie from list. CSRF required.

Movies

Method	Endpoint	Description
GET	/movies	List all movies.
GET	/movies/<mid>	Movie details + comments.
GET	/movies/<mid>/comments	List comments for a movie.
POST	/movies/<mid>/comments	Add comment (form data + CSRF).
POST	/check_or_create_movie_by_imdb	Check or add movie by IMDb ID. JSON + CSRF.

OMDb Proxy

Method	Endpoint	Description
GET	/omdb_proxy?title=<title>&year=<opt>	Forward search to OMDb, return raw data.

UI JSON Endpoints

Used by the main app for AJAX; CSRF applies on state changes.

Method	Endpoint	Description
POST	/login	Login (form data + CSRF).
POST	/register	Register (form data + CSRF).
GET	/movie/<mid>	Movie JSON for UI.
POST	/movie/<mid>/comment/page	Add comment via JSON + CSRF.
GET	/movie/<mid>/ai_recommendations	Fetch AI recommendations.