BIO.RE
User

List Blocked Users

Read the caller's block list. Returns up to 50 most recently blocked users plus the total count. Pagination is not exposed by the controller (fixed at page 1, limit 50).

GET /api/v1/users/blocked — 🔑 Bearer

Returns the first 50 most recently blocked users from the caller's BlockList, plus the total count. Pagination is not exposed through this endpoint — the controller calls the service with the defaults (page = 1, limit = 50). For users with more than 50 blocks, the additional rows are not currently reachable via this REST endpoint; surface a "view all" affordance only when total <= 50.

The service supports pagination internally (page, limit params, max 50/page) but the controller doesn't accept query params. If you need paginated reads in the future, the service is ready — track the controller change in a follow-up.

Request

No body, no params.

HeaderRequiredNotes
Authorization: Bearer <accessToken>JWT from POST /auth/login

Response

200 OKApiResponseOf<BlockedUsersResponseDto>

{
  "success": true,
  "data": {
    "items": [
      {
        "id": "f0e1d2c3-b4a5-6789-0123-456789abcdef",
        "username": "alice",
        "displayName": "Alice Smith",
        "blockedAt": "2026-04-29T20:00:00.000Z"
      },
      {
        "id": "e1d2c3b4-a5f6-7890-1234-56789abcdef0",
        "username": "bob",
        "displayName": null,
        "blockedAt": "2026-04-28T15:30:00.000Z"
      }
    ],
    "total": 2
  }
}
FieldTypeNotes
itemsarrayUp to 50 entries, ordered by blockedAt DESC
items[].idstring (UUID)The blocked user's id (NOT the BlockList row id) — pass to DELETE /users/block/:userId to unblock
items[].usernamestring | nullBlocked user's username (may be null if never set)
items[].displayNamestring | nullBlocked user's display name
items[].blockedAtstring (ISO 8601)When the block row was created
totalnumberTotal BlockList rows for this user (may exceed items.length when total > 50)

Errors

HTTPcode / i18nKeyReason
401(guard)Missing / invalid bearer token

Side effects

  1. prisma.blockList.findMany({ where: { ownerId: userId }, include: { blocked: { select: { id, username, displayName } } }, orderBy: { createdAt: 'desc' }, skip: 0, take: 50 }).
  2. prisma.blockList.count({ where: { ownerId: userId } }) — runs in parallel with findMany.
  3. Map each BlockList row → { id: blockedId, username, displayName, blockedAt: createdAt }.
  4. Return { items, total }. No mutations.

Code samples

curl https://api.bio.re/api/v1/users/blocked \
  -H "Authorization: Bearer $ACCESS_TOKEN"
type BlockedUserItem = {
  id: string;
  username: string | null;
  displayName: string | null;
  blockedAt: string;
};

type BlockedUsersResponse = {
  items: BlockedUserItem[];
  total: number;
};

async function getBlockedUsers(accessToken: string): Promise<BlockedUsersResponse> {
  const res = await fetch('https://api.bio.re/api/v1/users/blocked', {
    headers: { Authorization: `Bearer ${accessToken}` },
  });
  const json = await res.json();
  if (!res.ok || !json.success) {
    throw Object.assign(new Error(json?.error?.message ?? 'Blocked list fetch failed'), {
      code: json?.error?.code,
    });
  }
  return json.data;
}
import { useQuery } from '@tanstack/react-query';

export const userKeys = {
  blocked: () => ['users', 'blocked'] as const,
};

export function useBlockedUsers() {
  return useQuery({
    queryKey: userKeys.blocked(),
    queryFn: async () => {
      const res = await fetch('/api/v1/users/blocked');
      const json = await res.json();
      if (!res.ok || !json.success) {
        throw Object.assign(new Error(json?.error?.message ?? 'Blocked list fetch failed'), {
          code: json?.error?.code,
          i18nKey: json?.error?.i18nKey,
        });
      }
      return json.data as BlockedUsersResponse;
    },
    staleTime: 30_000,
  });
}

Try it

GET
/api/v1/users/blocked

Authorization

bearer
AuthorizationBearer <token>

In: header

Response Body

application/json

application/json

curl -X GET "https://loading/api/v1/users/blocked"
{
  "success": true,
  "data": {
    "items": [
      {
        "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
        "username": "johndoe",
        "displayName": "John Doe",
        "blockedAt": "2019-08-24T14:15:22Z"
      }
    ],
    "total": 3
  }
}
{
  "success": false,
  "error": {
    "code": "AUTH_UNAUTHORIZED",
    "message": "Invalid credentials",
    "i18nKey": "auth.login.invalid_credentials",
    "i18nVars": {
      "field": "email"
    },
    "details": [
      {
        "message": "email must be an email"
      }
    ],
    "correlationId": "a1b2c3d4-e5f6-7890-abcd-ef1234567890"
  }
}

Source

SourcePathLines
Controllerapps/api-core/src/modules/user/user.controller.ts308–314 (getBlockedUsers)
DTO (response)apps/api-core/src/modules/user/dto/user-client-response.dto.ts205–227 (BlockedUsersResponseDto, BlockedUserItemDto)
Serviceapps/api-core/src/modules/user/user.service.ts788–808 (getBlockedUsers)
Prisma modelspackages/prisma/prisma/schema.prismaBlockList, User.username, User.displayName

Unblock a User

Remove a previously blocked user from the caller's block list. Returns 404 if no block row exists for this pair.

Submit Appeal

File an appeal against a moderation action (ban, fraud flag, content removal, report action). Reachable by banned users via BypassBanCheck. One pending appeal per user at a time.

On this page

RequestResponse200 OKApiResponseOf<BlockedUsersResponseDto>ErrorsSide effectsCode samplesTry itSource