Skip to main content
POST
/
api
/
users
/
signup
Sign Up
curl --request POST \
  --url https://api.example.com/api/users/signup \
  --header 'Content-Type: application/json' \
  --data '
{
  "username": "<string>",
  "email": "<string>",
  "password": "<string>"
}
'
{
  "message": "<string>",
  "token": "<string>",
  "userId": 123,
  "username": "<string>",
  "error": "<string>"
}

Endpoint

POST /api/users/signup
Creates a new user account with username, email, and password. Returns a JWT token valid for 7 days upon successful registration.

Request Body

username
string
required
Unique username for the account. Must not already exist in the system.
email
string
required
User’s email address. Must be unique and not already registered.
password
string
required
Account password. Will be hashed using bcrypt with 10 salt rounds before storage.

Response

message
string
Success message: “Usuario registrado exitosamente”
token
string
JWT authentication token valid for 7 days. Include in Authorization header for authenticated requests.
userId
integer
Unique identifier for the newly created user.
username
string
The registered username.

Code Examples

curl -X POST https://api.mediguide.com/api/users/signup \
  -H "Content-Type: application/json" \
  -d '{
    "username": "johndoe",
    "email": "[email protected]",
    "password": "securePassword123"
  }'

Response Example

Success Response (201)
{
  "message": "Usuario registrado exitosamente",
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "userId": 42,
  "username": "johndoe"
}

Error Responses

error
string
Error message describing what went wrong.

400 Bad Request

Returned when required fields are missing or validation fails.
Missing Fields
{
  "error": "Todos los campos son requeridos"
}
Username Already Exists
{
  "error": "Usuario ya está registrado"
}
Email Already Exists
{
  "error": "Correo ya está registrado"
}

500 Internal Server Error

Returned when an unexpected server error occurs.
Server Error
{
  "error": "Error interno del servidor"
}

Implementation Details

  • Passwords are hashed using bcrypt with 10 salt rounds before database storage
  • JWT tokens are signed with HS256 algorithm and expire after 7 days
  • The system checks for both username and email uniqueness before registration
  • User creation timestamp is automatically set to current time
  • Source: src/routes/users.js:11

Build docs developers (and LLMs) love

Get started for freeTalk to us