# Hasta Backend ## API Docs - lookup [Get localised seed data](https://doc.uat-api.hastaai.in/get-localised-seed-data-35207598e0.md): Returns all seed data - zodiac signs, relation types, in-app events, active subscription plans, and FAQs - in the requested language. Cached in Redis per language code; admin must clear cache after any data update. - lookup [Get core seed data](https://doc.uat-api.hastaai.in/get-core-seed-data-35929826e0.md): **Request:** No body - lookup [Get zodiac signs](https://doc.uat-api.hastaai.in/get-zodiac-signs-35929827e0.md): **Request:** No body - lookup [Get subscription and pricing plans](https://doc.uat-api.hastaai.in/get-subscription-and-pricing-plans-35929828e0.md): **Request:** No body - lookup [Get FAQs](https://doc.uat-api.hastaai.in/get-faqs-35929829e0.md): **Request:** No body - lookup [Get notification intervals](https://doc.uat-api.hastaai.in/get-notification-intervals-36354465e0.md): **Request:** No body - audit [Get audit logs](https://doc.uat-api.hastaai.in/get-audit-logs-35207599e0.md): **Request:** No body - filters passed as query parameters - auth [Register device](https://doc.uat-api.hastaai.in/register-device-35270438e0.md): Registers a guest user device for push notifications. Call this on first app launch before the user logs in. If the device is already registered, updates fcm_token and device_details. Location is extracted from Cloudflare headers automatically. - auth [Send OTP](https://doc.uat-api.hastaai.in/send-otp-35270439e0.md): Sends a 6-digit OTP to the provided email address. OTP is valid for 5 minutes. Requires the device to be registered first. User is locked for 24 hours after 3 failed attempts. - auth [Verify OTP and login](https://doc.uat-api.hastaai.in/verify-otp-and-login-35270440e0.md): Verifies the OTP sent to the email. On success, links the email to the device, upgrades the user role to authenticated_user, and returns access + refresh tokens. - auth [Resend OTP](https://doc.uat-api.hastaai.in/resend-otp-35270441e0.md): Clears the previous OTP and sends a fresh 6-digit OTP to the email. New OTP is valid for 5 minutes. User is locked for 24 hours after 3 total OTP requests. - auth [Refresh access token](https://doc.uat-api.hastaai.in/refresh-access-token-35270442e0.md): Issues a new access token using a valid refresh token. The refresh token must not be expired. - auth [Logout](https://doc.uat-api.hastaai.in/logout-35270443e0.md): Deletes the access token from the database. Requires a valid Bearer token in the Authorization header. - auth [Google OAuth login](https://doc.uat-api.hastaai.in/google-oauth-login-35583934e0.md): Verifies a Firebase Google ID token. On success, upserts the user (inserts profile on first login), links the device, and returns access + refresh tokens with `is_onboarded` status. - admin [Register admin account](https://doc.uat-api.hastaai.in/register-admin-account-35270444e0.md): **Request:** `application/json` - admin [Admin login](https://doc.uat-api.hastaai.in/admin-login-35270445e0.md): **Request:** `application/json` - admin [Admin logout](https://doc.uat-api.hastaai.in/admin-logout-35270446e0.md): **Request:** No body - auth token only - admin [Refresh admin access token](https://doc.uat-api.hastaai.in/refresh-admin-access-token-35270447e0.md): **Request:** `application/json` - admin [Get admin profile](https://doc.uat-api.hastaai.in/get-admin-profile-35270448e0.md): **Request:** No body - auth token only - admin [Update admin password](https://doc.uat-api.hastaai.in/update-admin-password-35270449e0.md): **Request:** `application/json` - admin [Edit language](https://doc.uat-api.hastaai.in/edit-language-35270450e0.md): **Request:** `application/json` - admin [Add language](https://doc.uat-api.hastaai.in/add-language-35270451e0.md): **Request:** `application/json` - admin [Delete language](https://doc.uat-api.hastaai.in/delete-language-35270452e0.md): **Request:** `application/json` - admin [Delete user event logs](https://doc.uat-api.hastaai.in/delete-user-event-logs-35270453e0.md): **Request:** No body - admin [Clear lookup cache](https://doc.uat-api.hastaai.in/clear-lookup-cache-35270454e0.md): Deletes all `lookup:*` keys from Redis (both the languages cache and all per-language data caches) so the next call re-fetches fresh data from the DB. Call this after updating FAQs, languages, subscriptions, relations, or any other lookup data. - admin [Clear cache](https://doc.uat-api.hastaai.in/clear-cache-35701951e0.md): **Request:** No body - blogs [Admin - get all blogs](https://doc.uat-api.hastaai.in/admin-get-all-blogs-35583935e0.md): **Request:** No body - filters passed as query parameters - blogs [Admin - delete a blog](https://doc.uat-api.hastaai.in/admin-delete-a-blog-35583936e0.md): **Request:** `application/json` - blogs [Get all blogs](https://doc.uat-api.hastaai.in/get-all-blogs-35583937e0.md): **Request:** No body - filters passed as query parameters - blogs [Get blog categories](https://doc.uat-api.hastaai.in/get-blog-categories-35583938e0.md): **Request:** No body - blogs [Update blog status](https://doc.uat-api.hastaai.in/update-blog-status-35583939e0.md): **Request:** `application/json` - blogs [Admin - send blog notification](https://doc.uat-api.hastaai.in/admin-send-blog-notification-35583940e0.md): **Request:** `application/json` - blogs [Get blog details](https://doc.uat-api.hastaai.in/get-blog-details-35980444e0.md): **Request:** No body - `slug` is a path parameter - blogs [Subscribe to blog notifications](https://doc.uat-api.hastaai.in/subscribe-to-blog-notifications-35583941e0.md): **Request:** `application/json` - blogs [Unsubscribe from blog notifications](https://doc.uat-api.hastaai.in/unsubscribe-from-blog-notifications-35583942e0.md): **Request:** `application/json` - feedback [Submit a user feedback](https://doc.uat-api.hastaai.in/submit-a-user-feedback-35929830e0.md): **Request:** `application/json` - feedback [Get all queries](https://doc.uat-api.hastaai.in/get-all-queries-35929831e0.md): **Request:** No body - filters passed as query parameters - feedback [Update user query status](https://doc.uat-api.hastaai.in/update-user-query-status-35929832e0.md): **Request:** `application/json` - feedback [Get all reviews](https://doc.uat-api.hastaai.in/get-all-reviews-35929833e0.md): **Request:** No body - filters passed as query parameters - feedback [Update review status](https://doc.uat-api.hastaai.in/update-review-status-35929834e0.md): **Request:** `application/json` - feedback [Get all featured reviews](https://doc.uat-api.hastaai.in/get-all-featured-reviews-35929835e0.md): **Request:** No body - events [Track a user event](https://doc.uat-api.hastaai.in/track-a-user-event-36354466e0.md): Log an in-app event for the authenticated user. Pass the `event_name` from the `/lookup/core` events list. - events [Fetch all tracked events](https://doc.uat-api.hastaai.in/fetch-all-tracked-events-36354467e0.md): Paginated list of all user events. Filter by event_name or search by device ID / screen context. Admin role required. - notifications [Send broadcast notification](https://doc.uat-api.hastaai.in/send-broadcast-notification-36354468e0.md): Send a notification to all active opted-in users via Firebase multicast. Saves one generic that visible to all users in their notification feed. Admin only. - notifications [Send custom notification to a user](https://doc.uat-api.hastaai.in/send-custom-notification-to-a-user-36354469e0.md): Send a targeted notification to a specific user via Firebase. Admin only. - notifications [Fetch user notifications](https://doc.uat-api.hastaai.in/fetch-user-notifications-37087139e0.md): Returns paginated notifications for the authenticated user - includes their own targeted notifications plus all generic broadcast notifications. Calling this endpoint marks ALL of the user's notifications as read, so returned items always have `is_read=true`. - notifications [Get unread notification count](https://doc.uat-api.hastaai.in/get-unread-notification-count-37087416e0.md): Returns the number of unread notifications for the authenticated user (their targeted notifications plus generic broadcasts not yet read). Use for the notification badge. - notifications [Mark notification as read](https://doc.uat-api.hastaai.in/mark-notification-as-read-36354471e0.md): Mark a specific notification as read. Only applies to notifications belonging to the authenticated user. - reminders [Fetch user reminders](https://doc.uat-api.hastaai.in/fetch-user-reminders-36354472e0.md): Returns all active reminders for the authenticated user, including reminders set for family members. Ordered by creation date. - reminders [Create a reminder](https://doc.uat-api.hastaai.in/create-a-reminder-36354473e0.md): Create a new reminder for the authenticated user or one of their family members. Supports daily and weekly repeat schedules. The next trigger time is computed automatically from reminder_time and timezone. repeat_days is required when repeat_type is 'weekly' (0=Monday … 6=Sunday). - reminders [Update a reminder](https://doc.uat-api.hastaai.in/update-a-reminder-36354474e0.md): Update an existing reminder. All fields are optional - only provided fields are applied. If reminder_time, timezone, repeat_type, or repeat_days changes, next_trigger_on is recomputed automatically. Set is_active=false to pause a reminder without deleting it. - reminders [Delete a reminder](https://doc.uat-api.hastaai.in/delete-a-reminder-36354475e0.md): Deactivates the reminder (sets is_active=false). The reminder will no longer appear in the user's list or trigger any notifications. - user [Create / complete user profile](https://doc.uat-api.hastaai.in/create-complete-user-profile-36366299e0.md): **Request:** `multipart/form-data` - user [Get my profile](https://doc.uat-api.hastaai.in/get-my-profile-36366300e0.md): **Request:** No body - auth token only - user [Update profile image](https://doc.uat-api.hastaai.in/update-profile-image-36636841e0.md): **Request:** `multipart/form-data` - user [Update language preference](https://doc.uat-api.hastaai.in/update-language-preference-36366301e0.md): **Request:** `application/json` - user [Update push notification preference](https://doc.uat-api.hastaai.in/update-push-notification-preference-36366302e0.md): **Request:** `application/json` - user [Get my family members](https://doc.uat-api.hastaai.in/get-my-family-members-36366303e0.md): **Request:** No body - auth token only - user [Add a family member](https://doc.uat-api.hastaai.in/add-a-family-member-36366304e0.md): **Request:** `multipart/form-data` - user [Delete a family member](https://doc.uat-api.hastaai.in/delete-a-family-member-36366305e0.md): **Request:** No body - `family_key` is a path parameter - user [Update family member profile image](https://doc.uat-api.hastaai.in/update-family-member-profile-image-36636842e0.md): **Request:** `multipart/form-data` - user [Admin - list users](https://doc.uat-api.hastaai.in/admin-list-users-36366306e0.md): **Request:** No body - filters passed as query parameters - user [Admin - get user details with family](https://doc.uat-api.hastaai.in/admin-get-user-details-with-family-36366307e0.md): **Request:** No body - `user_key` is a path parameter - user [Admin - delete user and all family members](https://doc.uat-api.hastaai.in/admin-delete-user-and-all-family-members-36366308e0.md): **Request:** No body - `user_key` is a path parameter - user [Create / complete user profile](https://doc.uat-api.hastaai.in/create-complete-user-profile-36636840e0.md): **Request:** `multipart/form-data` - user [Admin - update user status](https://doc.uat-api.hastaai.in/admin-update-user-status-36366309e0.md): **Request:** `application/json` - palm [Get user palm reading](https://doc.uat-api.hastaai.in/get-user-palm-reading-36854549e0.md): Poll this after `POST /palm/user`. Always returns HTTP `200` with a `status` field; poll until `done` or `failed`. - palm [Upload user palm image](https://doc.uat-api.hastaai.in/upload-user-palm-image-36366310e0.md): Upload a hand/palm photo for the authenticated user (JPEG / PNG / WebP, max 5 MB). MediaPipe validates that a hand is present before saving. Analysis runs in the background - you will receive a push notification when ready. - palm [Upload family member palm image](https://doc.uat-api.hastaai.in/upload-family-member-palm-image-36366311e0.md): Upload a palm image for a specific family member (JPEG / PNG / WebP, max 5 MB). MediaPipe validates that a hand is present before saving. Analysis runs in the background - you will receive a push notification when ready. - palm [Get family member palm reading](https://doc.uat-api.hastaai.in/get-family-member-palm-reading-36854550e0.md): Same state machine as `GET /palm/user`, scoped to a family member. Always returns HTTP `200` with a `status` field; poll until `done` or `failed`. - horoscopes [Get user kundali](https://doc.uat-api.hastaai.in/get-user-kundali-36854551e0.md): Returns the authenticated user's Vedic birth chart and AI-generated report. The generated payload (charts, lagna, planets, dasha, AI report) is nested under a single `kundali_data` object: it is populated only when `status=done` and is `null` for every other status, so the frontend can check that one key instead of each field. `north_chart_url` / `south_chart_url` live inside `kundali_data` - frontend toggles between North/South Indian style. - horoscopes [Get family member kundali](https://doc.uat-api.hastaai.in/get-family-member-kundali-36854552e0.md): Returns the Vedic birth chart for a specific family member. The generated payload (charts, lagna, planets, dasha, AI report) is nested under a single `kundali_data` object - populated when `status=done`, `null` otherwise. - horoscopes [Get horoscope (daily / weekly / monthly)](https://doc.uat-api.hastaai.in/get-horoscope-daily-weekly-monthly-37087415e0.md): Returns the horoscope for the authenticated user's sun sign for the requested period. One endpoint replaces the old daily/weekly/monthly routes - switch via the `period` query param. - reports [Share a report via email](https://doc.uat-api.hastaai.in/share-a-report-via-email-36854556e0.md): Generate a PDF for a completed report, email it to the authenticated user, and return a shareable link key. - reports [Get shared report PDF link](https://doc.uat-api.hastaai.in/get-shared-report-pdf-link-36854557e0.md): Returns the PDF download URL for a shared report. No authentication required - publicly accessible via share_key. - tarot [List all tarot cards](https://doc.uat-api.hastaai.in/list-all-tarot-cards-36854558e0.md): Returns all 22 Major Arcana cards with meanings. No auth required. - tarot [Get single tarot card by slug](https://doc.uat-api.hastaai.in/get-single-tarot-card-by-slug-36854559e0.md): Returns full details for one tarot card. No auth required. - tarot [Get today's daily tarot card](https://doc.uat-api.hastaai.in/get-todays-daily-tarot-card-36854560e0.md): Returns one deterministic tarot card for today (IST date). Same card all day - resets at midnight IST. No AI, instant. - tarot [Get a 3-card tarot reading](https://doc.uat-api.hastaai.in/get-a-3-card-tarot-reading-36854561e0.md): Draws 3 random cards (Past / Present / Future) and generates an AI interpretation via Claude Sonnet. Real-time response (~4s) - this is **synchronous**, the full result is returned in the POST response (no polling). Saved permanently. - tarot [Get tarot reading history](https://doc.uat-api.hastaai.in/get-tarot-reading-history-36854562e0.md): Returns paginated history of all daily and 3-card readings. - marriage [Generate marriage compatibility report](https://doc.uat-api.hastaai.in/generate-marriage-compatibility-report-36854563e0.md): Start a marriage compatibility analysis. Pass `family_key` to use an existing family member, or provide partner details to add them automatically. Report is generated in the background - you will be notified when ready. - marriage [Get marriage compatibility report](https://doc.uat-api.hastaai.in/get-marriage-compatibility-report-36854564e0.md): Poll this endpoint after `POST /marriage/report`. Always returns HTTP `200` with a `status` field; the client polls until `status` is `done` or `failed`. - child [Generate baby names or child timing](https://doc.uat-api.hastaai.in/generate-baby-names-or-child-timing-36854565e0.md): Single endpoint for both flows. Requires a spouse (Wife/Husband) in the family list. - child [Like or unlike a suggested baby name](https://doc.uat-api.hastaai.in/like-or-unlike-a-suggested-baby-name-36854566e0.md): Marks a single suggested name as liked or unliked (naming flow only). Toggles `is_liked` inside the stored `names` object. - child [Get child naming or timing result](https://doc.uat-api.hastaai.in/get-child-naming-or-timing-result-36854567e0.md): Poll this after `POST /child/generate`. Always returns HTTP `200` with a `status` field; poll until `done` or `failed`. The `request_type` field (`naming` | `timing`) tells the client which result shape to render. - dashboard [Dashboard overview stats](https://doc.uat-api.hastaai.in/dashboard-overview-stats-36854568e0.md): Returns snapshot stat cards for the admin dashboard. No filter. - dashboard [User growth time-series](https://doc.uat-api.hastaai.in/user-growth-time-series-36854569e0.md): Returns new-user signup counts bucketed by the chosen period. - dashboard [Subscription distribution by plan](https://doc.uat-api.hastaai.in/subscription-distribution-by-plan-36854570e0.md): Returns active subscription counts grouped by plan name for the period. - dashboard [Top-up & one-time sales distribution](https://doc.uat-api.hastaai.in/top-up-one-time-sales-distribution-36854571e0.md): Returns top-up and one-time purchase counts grouped by plan name for the period. Each item includes a `type` of `topup` or `one_time`. - dashboard [Recent activity feed](https://doc.uat-api.hastaai.in/recent-activity-feed-36854572e0.md): Returns paginated recent activity from audit logs. - Health [Liveness check](https://doc.uat-api.hastaai.in/liveness-check-36902042e0.md): Lightweight liveness probe. Returns 200 if the app is running.