Skip to content

zeed-dev/Football-Management-API

BranchesTags

Repository files navigation

Football Management API

REST API backend using Golang (Gin) + MySQL + Clean Architecture to manage football teams, players, match schedules, match results, and statistical reports.

Prerequisites

  • Go 1.25+
  • MySQL 8.0+
  • Docker & Docker Compose (optional, for Docker setup)

Setup

Using Docker (Recommended)

  1. Clone repository and navigate to project directory:
cd football-management-api
  1. Run with Docker Compose:
docker-compose up -d

  1. Server will run at http://localhost:8080. Table migrations and seeders are automatically executed on startup.

  2. To view logs:

docker-compose logs -f api
  1. To stop:
docker-compose down
  1. To remove database data (reset):
docker-compose down -v

Note: Docker Compose automatically configures MySQL and API. Database will be created automatically with credentials:

  • User: football_user
  • Password: football_password
  • Database: football_management

Manual Setup (Without Docker)

  1. Create MySQL database:
CREATE DATABASE football_management;
  1. Copy and configure environment file:
cp .env.example .env

Configure DB_USER, DB_PASSWORD, and JWT_SECRET in the .env file.

  1. Run server:
go run cmd/main.go

Server will run at http://localhost:8080. Table migrations and seeders are automatically executed on startup.

Swagger Documentation

After the server is running, access Swagger UI at:

http://localhost:8080/swagger/index.html

To use JWT-protected endpoints, click the Authorize button and enter the token in the format:

Bearer <token>

Regenerate Swagger Docs

If there are changes to handler annotations, run:

swag init -g cmd/main.go -o docs --parseDependency --parseInternal

Seeder (Initial Data)

Seeder runs automatically on startup and is idempotent (no duplication if data already exists).

Seeded data:

Data Count Details
Users 1 admin / admin123
Teams 4 Persib Bandung, Persija Jakarta, Arema FC, PSM Makassar
Players 20 5 players per team (various positions)
Matches 5 2 completed + 3 scheduled
Goals 5 3 goals in match 1, 2 goals in match 2

To reset seed data, clear tables in the database then restart the server.

API Endpoints

Auth (Public)

Method Endpoint Description
POST /api/v1/auth/register Register new admin
POST /api/v1/auth/login Login, get JWT token

Teams (Protected - Bearer Token)

Method Endpoint Description
GET /api/v1/teams List all teams
GET /api/v1/teams/:id Team details with players
POST /api/v1/teams Add new team
PUT /api/v1/teams/:id Update team information
DELETE /api/v1/teams/:id Soft delete team

Players (Protected)

Method Endpoint Description
GET /api/v1/teams/:id/players List players per team
POST /api/v1/teams/:id/players Add player to team
GET /api/v1/players/:id Player details
PUT /api/v1/players/:id Update player
DELETE /api/v1/players/:id Soft delete player

Matches (Protected)

Method Endpoint Description
GET /api/v1/matches List all matches
GET /api/v1/matches/:id Match details
POST /api/v1/matches Create match schedule
PUT /api/v1/matches/:id Update schedule
DELETE /api/v1/matches/:id Soft delete match
POST /api/v1/matches/:id/result Report match result
GET /api/v1/matches/:id/goals List match goals

Reports (Protected)

Method Endpoint Description
GET /api/v1/reports/matches/:id Complete match report
GET /api/v1/reports/top-scorers Top scorers list

Example Requests

Login (using seeder account)

curl -X POST http://localhost:8080/api/v1/auth/login \
  -H "Content-Type: application/json" \
  -d '{"username": "admin", "password": "admin123"}'

Register New Admin

curl -X POST http://localhost:8080/api/v1/auth/register \
  -H "Content-Type: application/json" \
  -d '{"username": "manager", "password": "password123"}'

Add Team

curl -X POST http://localhost:8080/api/v1/teams \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer <token>" \
  -d '{
    "name": "Bali United",
    "logo_url": "https://example.com/bali-united.png",
    "founded_year": 2010,
    "address": "Jl. Ngurah Rai No.1",
    "city": "Gianyar"
  }'

Add Player

curl -X POST http://localhost:8080/api/v1/teams/1/players \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer <token>" \
  -d '{
    "name": "Ciro Alves",
    "height_cm": 182,
    "weight_kg": 76,
    "position": "penyerang",
    "jersey_number": 11
  }'

Create Match Schedule

curl -X POST http://localhost:8080/api/v1/matches \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer <token>" \
  -d '{
    "home_team_id": 1,
    "away_team_id": 2,
    "match_date": "2026-05-01",
    "match_time": "19:30"
  }'

Report Match Result

curl -X POST http://localhost:8080/api/v1/matches/3/result \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer <token>" \
  -d '{
    "goals": [
      {"player_id": 6, "team_id": 2, "minute": 12},
      {"player_id": 1, "team_id": 1, "minute": 55},
      {"player_id": 6, "team_id": 2, "minute": 89}
    ]
  }'

Match Report

curl http://localhost:8080/api/v1/reports/matches/1 \
  -H "Authorization: Bearer <token>"

Top Scorers

curl http://localhost:8080/api/v1/reports/top-scorers?limit=5 \
  -H "Authorization: Bearer <token>"

Security

  • JWT Authentication - All endpoints (except login/register) are protected with Bearer token
  • Password Hashing - Bcrypt for storing admin passwords
  • Input Validation - Validation using Gin binding tags
  • Soft Delete - Data is not permanently deleted, only marked with deleted_at
  • CORS Middleware - For cross-origin request security
  • SQL Injection Protection - GORM parameterized queries

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Languages