# Verification API Usage Examples

These examples demonstrate how to use the Content Craft AI domain verification API.

## Workflow Example

### 1. First-Time Plugin Installation

When a user installs the Content Craft AI plugin for the first time, they need to verify domain ownership before they can fully use the service.

### 2. Backend Generates a Verification Token

Your backend service generates a unique verification token for the domain.

### 3. Set the Verification Token

The backend makes a POST request to set the verification token:

```javascript
// Example using fetch API
const setVerificationToken = async (domain, verificationToken) => {
  try {
    const response = await fetch(
      `https://${domain}/wp-json/content-craft-ai/v1/verification`,
      {
        method: "POST",
        headers: {
          "Content-Type": "application/json",
        },
        body: JSON.stringify({
          token: verificationToken,
        }),
      }
    );

    const data = await response.json();
    return data;
  } catch (error) {
    console.error("Error setting verification token:", error);
    throw error;
  }
};
```

### 4. Verify Domain Ownership

The backend checks if the verification token exists and matches:

```javascript
// Example using fetch API
const verifyDomain = async (domain, expectedToken) => {
  try {
    const response = await fetch(
      `https://${domain}/wp-json/content-craft-ai/v1/verification`
    );

    if (!response.ok) {
      throw new Error(`Verification failed with status: ${response.status}`);
    }

    const data = await response.json();

    if (!data.success) {
      throw new Error("Verification failed: No token found");
    }

    // Verify the domain matches
    if (data.domain !== domain) {
      throw new Error(
        `Domain mismatch: expected ${domain}, got ${data.domain}`
      );
    }

    // Verify the token matches
    if (data.verification_token !== expectedToken) {
      throw new Error("Token mismatch: verification failed");
    }

    return {
      success: true,
      message: "Domain verified successfully",
    };
  } catch (error) {
    console.error("Domain verification failed:", error);
    throw error;
  }
};
```

## PHP Examples

### Setting Verification Token with PHP

```php
function set_verification_token($domain, $verification_token) {
    $response = wp_remote_post(
        "https://{$domain}/wp-json/content-craft-ai/v1/verification",
        array(
            'headers' => array(
                'Content-Type' => 'application/json'
            ),
            'body' => json_encode(array(
                'token' => $verification_token
            )),
            'timeout' => 30
        )
    );

    if (is_wp_error($response)) {
        return array(
            'success' => false,
            'message' => $response->get_error_message()
        );
    }

    return json_decode(wp_remote_retrieve_body($response), true);
}
```

### Verifying Domain with PHP

```php
function verify_domain($domain, $expected_token) {
    $response = wp_remote_get(
        "https://{$domain}/wp-json/content-craft-ai/v1/verification",
        array('timeout' => 30)
    );

    if (is_wp_error($response)) {
        return array(
            'success' => false,
            'message' => $response->get_error_message()
        );
    }

    $body = json_decode(wp_remote_retrieve_body($response), true);

    if (!isset($body['success']) || !$body['success']) {
        return array(
            'success' => false,
            'message' => 'Verification failed: No token found'
        );
    }

    // Verify domain matches
    if ($body['domain'] !== $domain) {
        return array(
            'success' => false,
            'message' => "Domain mismatch: expected {$domain}, got {$body['domain']}"
        );
    }

    // Verify token matches
    if ($body['verification_token'] !== $expected_token) {
        return array(
            'success' => false,
            'message' => 'Token mismatch: verification failed'
        );
    }

    return array(
        'success' => true,
        'message' => 'Domain verified successfully'
    );
}
```

## cURL Examples

### Setting a Verification Token

```bash
curl -X POST \
  https://example.com/wp-json/content-craft-ai/v1/verification \
  -H 'Content-Type: application/json' \
  -d '{"token": "abc123verification456token"}'
```

### Getting a Verification Token

```bash
curl -X GET \
  https://example.com/wp-json/content-craft-ai/v1/verification
```

### Deleting a Verification Token

```bash
curl -X DELETE \
  https://example.com/wp-json/content-craft-ai/v1/verification
```

## Complete Verification Flow Example

This example demonstrates a complete verification flow from start to finish:

```javascript
// 1. User enters their domain during signup
const userDomain = "example.com";

// 2. Generate a verification token (on your backend)
const verificationToken = generateRandomToken(); // e.g., "abc123xyz789"

// 3. Instruct the user to install the Content Craft AI plugin

// 4. Once they confirm plugin is installed, set the token
await setVerificationToken(userDomain, verificationToken);

// 5. Verify domain ownership
try {
  const result = await verifyDomain(userDomain, verificationToken);

  if (result.success) {
    // 6. Domain verified, complete user registration
    completeUserRegistration(userDomain);
  }
} catch (error) {
  // Handle verification failure
  showVerificationError(error.message);
}
```