REST API · v1

API reference

ChiliSense exposes a small JSON REST API for analysis and report management. All authenticated endpoints use a session cookie issued at sign-in.

Base URL: /api

Auth: Session cookie (httpOnly)

Inference timeout: 60 seconds

Analysis

POST /api/analyze (requires auth)

Run the chili detection + classification pipeline on an image.

Accepts a multipart/form-data payload containing a single image (JPEG or PNG, up to 10 MB). Runs the YOLOv11 segmentation model followed by the EfficientNetV2-S health classifier, persists the result, and returns the structured prediction.

Request body

// multipart/form-data
image: File          // required — JPEG or PNG, ≤ 10 MB

Example response

{
  "success": true,
  "predictionId": "pred_a3f9…",
  "result": {
    "detectedChilis": 12,
    "healthyCount": 9,
    "unhealthyCount": 3,
    "detectionConfidence": 0.91,
    "classificationConfidence": 0.87,
    "processedImage": "data:image/jpeg;base64,…",
    "healthClassification": [
      {
        "id": 1,
        "status": "healthy",
        "confidence": 0.94,
        "boundingBox": { "x": 412, "y": 308, "width": 88, "height": 210 }
      }
    ],
    "summary": "Analysis completed. Detected 12 chili peppers …"
  }
}
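
One way a server could enforce the upload constraints stated for POST /api/analyze (JPEG or PNG, up to 10 MB) is to check the file's leading bytes rather than trusting the client-supplied Content-Type or filename. This is an added example, not ChiliSense code; validateImageUpload, sniffImageType and the error messages are hypothetical, and 10 MB is assumed to mean 10 MiB.

```javascript
// Added example: server-side check of an upload before it reaches the model.
// Limits come from the endpoint description: JPEG or PNG, up to 10 MB.
const MAX_IMAGE_BYTES = 10 * 1024 * 1024; // assumption: 10 MB means 10 MiB

// Leading bytes that identify each accepted format.
const SIGNATURES = [
  { mime: "image/jpeg", magic: [0xff, 0xd8, 0xff] },
  { mime: "image/png", magic: [0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a] },
];

// Returns the MIME type implied by the content, or null if it is neither format.
function sniffImageType(bytes) {
  for (const { mime, magic } of SIGNATURES) {
    if (bytes.length >= magic.length && magic.every((b, i) => bytes[i] === b)) {
      return mime;
    }
  }
  return null;
}

// Hypothetical helper: returns { ok, status, message, mime }.
// `declaredType` is the Content-Type of the multipart part (client-controlled).
function validateImageUpload(bytes, declaredType) {
  if (!(bytes instanceof Uint8Array) || bytes.length === 0) {
    return { ok: false, status: 400, message: "image is required" };
  }
  if (bytes.length > MAX_IMAGE_BYTES) {
    return { ok: false, status: 400, message: "image exceeds 10 MB" };
  }
  const mime = sniffImageType(bytes);
  if (mime === null) {
    return { ok: false, status: 400, message: "image must be JPEG or PNG" };
  }
  if (declaredType && declaredType !== mime) {
    return { ok: false, status: 400, message: "declared type does not match content" };
  }
  return { ok: true, status: 200, mime };
}

// Constructed sample inputs: a PNG header, and SVG markup labelled as PNG.
const png = Uint8Array.from([0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a, 0, 0, 0, 13]);
const svgAsPng = new TextEncoder().encode("<svg xmlns='http://www.w3.org/2000/svg'/>");
console.log(validateImageUpload(png, "image/png"));
console.log(validateImageUpload(svgAsPng, "image/png"));
```

A signature check only gates the format; the image should still be decoded by a maintained library before inference, since a valid header says nothing about the rest of the file.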

Reports

GET /api/reports (requires auth)

List the authenticated user's saved analysis reports.

Returns every completed prediction belonging to the current user, sorted newest first. Use this to populate the Reports page.

Example response

{
  "success": true,
  "reports": [
    {
      "id": "pred_a3f9…",
      "date": "2025-04-21T08:15:33.000Z",
      "detectedChilis": 12,
      "healthyCount": 9,
      "unhealthyCount": 3,
      "detectionConfidence": 0.91,
      "classificationConfidence": 0.87
    }
  ]
}

GET /api/reports/{id} (requires auth)

Fetch a single report by ID.

Returns the full prediction record including the annotated image and per-instance health breakdown.

DELETE /api/reports/{id} (requires auth)

Permanently delete a report.

Removes the prediction record, its per-instance results, and associated images from storage. Cannot be undone.

Authentication

POST /api/auth/register (public)

Create a new account.

Creates a user with email + password. Sets a session cookie on success.

Request body

{
  "name":     "Jane Doe",
  "email":    "jane@example.com",
  "password": "•••••••"
}

POST /api/auth/login (public)

Sign in an existing account.

Validates credentials and sets a session cookie.

Request body

{
  "email":    "jane@example.com",
  "password": "•••••••"
}

POST /api/auth/logout (requires auth)

Sign out the current session.

Clears the session cookie. Safe to call when already signed out.

GET /api/auth/me (requires auth)

Return the current authenticated user.

Used by the client to bootstrap session state on page load.

Example response

{
  "success": true,
  "user": {
    "id":    "usr_b2c4…",
    "name":  "Jane Doe",
    "email": "jane@example.com",
    "role":  "user"
  }
}

Errors

All endpoints return JSON with a top-level success field. On failure the response includes a human-readable message. The most common status codes:

  • 400 — Missing or invalid request body.
  • 401 — Not signed in; sign in via POST /api/auth/login.
  • 403 — Authenticated but lacking the required role (e.g. admin endpoints).
  • 503 — Inference service unreachable; retry in a few seconds.
