Authentication

User authentication operations

Register a new user

post

/auth/register

Creates a new user account.

Body

emailstring · emailRequired

User's email address.

passwordstring · passwordRequired

User's password (at least 6 characters).

rolestring · enumRequired

The role of the user.

Possible values:

Responses

201

User registered successfully.

application/json

400

Bad request (e.g., invalid input).

409

Conflict (e.g., user with this email already exists).

post

/auth/register

POST /api/v1/auth/register HTTP/1.1
Host: localhost:3000
Content-Type: application/json
Accept: */*
Content-Length: 66

{
  "email": "[email protected]",
  "password": "password",
  "role": "retailer"
}

{
  "message": "User created successfully. Please check your email to verify your account."
}

post

/auth/login

Authenticates a user and returns access and refresh tokens.

Body

emailstring · emailRequired

User's email address.

passwordstring · passwordRequired

User's password.

Responses

200

User logged in successfully.

application/json

400

Bad request (e.g., invalid input).

401

Unauthorized (e.g., invalid credentials).

post

/auth/login

POST /api/v1/auth/login HTTP/1.1
Host: localhost:3000
Content-Type: application/json
Accept: */*
Content-Length: 48

{
  "email": "[email protected]",
  "password": "password"
}

{
  "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "refreshToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}

Log out a user

get

/auth/logout

Logs out the currently authenticated user.

Authorizations

Responses

200

User logged out successfully.

No content

401

Unauthorized.

get

/auth/logout

GET /api/v1/auth/logout HTTP/1.1
Host: localhost:3000
Accept: */*

No content

Refresh access token

get

/auth/refresh

Refreshes the access token using the refresh token.

Authorizations

Responses

200

Access token refreshed successfully.

application/json

401

Unauthorized.

get

/auth/refresh

GET /api/v1/auth/refresh HTTP/1.1
Host: localhost:3000
Accept: */*

{
  "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}

Verify email address

get

/auth/email/verify/{code}

Verifies a user's email address using a verification code.

Path parameters

codestringRequired

The email verification code.

Responses

200

Email verified successfully.

No content

400

Bad request (e.g., invalid or expired code).

404

Not found (e.g., user not found).

get

/auth/email/verify/{code}

GET /api/v1/auth/email/verify/{code} HTTP/1.1
Host: localhost:3000
Accept: */*

No content

Send password reset email

post

/auth/password/forgot

Sends a password reset email to the user.

Body

emailstring · emailRequired

User's email address.

Responses

200

Password reset email sent successfully.

No content

400

Bad request (e.g., invalid email).

404

Not found (e.g., user not found).

post

/auth/password/forgot

POST /api/v1/auth/password/forgot HTTP/1.1
Host: localhost:3000
Content-Type: application/json
Accept: */*
Content-Length: 26

{
  "email": "[email protected]"
}

No content

Reset password

post

/auth/password/reset

Resets the user's password using a verification code.

Body

passwordstring · passwordRequired

The new password (at least 6 characters).

verificationCodestringRequired

The password reset verification code.

Responses

200

Password reset successfully.

No content

400

Bad request (e.g., invalid or expired code).

post

/auth/password/reset

POST /api/v1/auth/password/reset HTTP/1.1
Host: localhost:3000
Content-Type: application/json
Accept: */*
Content-Length: 49

{
  "password": "password",
  "verificationCode": "text"
}

No content

PreviousRoot NextUsers

Register a new user

Log in a user

Log out a user

Refresh access token

Verify email address

Send password reset email

Reset password