Login

Authentication

No authentication required (public endpoint).

Request Body

nombre (string, required): Username
contrasena (string, required): User password

Response

ok (boolean): Success indicator
statusCode (number): HTTP status code (200)
mensaje (string): “Usuario autenticado.”
data (object): User authentication data

Example Request

curl -X POST http://localhost:3000/api-productos/usuarios/login \
  -H "Content-Type: application/json" \
  -d '{
    "nombre": "admin",
    "contrasena": "mypassword"
  }' \
  -c cookies.txt

Example Response

{
  "ok": true,
  "statusCode": 200,
  "mensaje": "Usuario autenticado.",
  "data": {
    "nombre": "admin",
    "correo": "[email protected]",
    "rol": "Administrador",
    "autenticado": true
  }
}

Error Responses

401 Unauthorized
Invalid username or password
{
  "ok": false,
  "statusCode": 401,
  "mensaje": "Datos incorrectos.",
  "detalles": null
}
500 Internal Server Error
Server error during authentication
{
  "ok": false,
  "statusCode": 500,
  "mensaje": "Error al validar las credenciales.",
  "detalles": "Error message"
}

Logout

Authentication

Required: JWT token via cookie

Request Body

No request body required.

Response

ok (boolean): Success indicator
statusCode (number): HTTP status code (200)
mensaje (string): “Logout exitoso.”
data (null): No data returned

Example Request

curl -X POST http://localhost:3000/api-productos/usuarios/logout \
  -b cookies.txt

Example Response

{
  "ok": true,
  "statusCode": 200,
  "mensaje": "Logout exitoso.",
  "data": null
}

Error Responses

401 Unauthorized
Missing or invalid authentication token
500 Internal Server Error
Server error during logout
{
  "ok": false,
  "statusCode": 500,
  "mensaje": "Error al realizar el logout.",
  "detalles": "Error message"
}

Password Recovery

Authentication

No authentication required (public endpoint).

Request Body

correo (string, required): User’s registered email address

Response

ok (boolean): Success indicator
statusCode (number): HTTP status code (200)
mensaje (string): “Se ha enviado la nueva contraseña.”
data (null): No data returned

Example Request

curl -X POST http://localhost:3000/api-productos/usuarios/recuperar-contrasena \
  -H "Content-Type: application/json" \
  -d '{
    "correo": "[email protected]"
  }'

Example Response

{
  "ok": true,
  "statusCode": 200,
  "mensaje": "Se ha enviado la nueva contraseña.",
  "data": null
}

Error Responses

400 Bad Request
Email address not registered
{
  "ok": false,
  "statusCode": 400,
  "mensaje": "Correo electrónico no registrado.",
  "detalles": null
}
500 Internal Server Error
Server or email sending error
{
  "ok": false,
  "statusCode": 500,
  "mensaje": "Error al procesar la solicitud.",
  "detalles": null
}

Notes

  • The JWT token is stored in an HTTP-only cookie and automatically included in subsequent requests
  • Token expiration is set to 1 hour (3600000ms)
  • Password recovery generates a random password and emails it to the user
  • Passwords are hashed using bcrypt with 10 salt rounds before storage
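
Added example (not part of the original documentation or the project's code): a Node.js check that the Set-Cookie header returned by the login endpoint matches the notes above, that is, an HTTP-only cookie whose lifetime and JWT lifetime are both 1 hour. The cookie name token, the iat/exp claims, the extra Secure and SameSite checks and the sample header are assumptions constructed for the example; the page does not state them.

```javascript
// Added example, not the project's code: audit a login Set-Cookie header.
// Assumptions: cookie name "token", JWT carries iat/exp, sample data is constructed.
const b64url = (obj) => Buffer.from(JSON.stringify(obj)).toString("base64url");

// Parse one Set-Cookie header into { name, value, attrs } (attribute names lowercased).
function parseSetCookie(header) {
  const [pair, ...rest] = header.split(";").map((s) => s.trim());
  const eq = pair.indexOf("=");
  const attrs = {};
  for (const part of rest) {
    const i = part.indexOf("=");
    const key = (i === -1 ? part : part.slice(0, i)).toLowerCase();
    attrs[key] = i === -1 ? true : part.slice(i + 1);
  }
  return { name: pair.slice(0, eq), value: pair.slice(eq + 1), attrs };
}

// Decode the JWT payload without verifying the signature (inspection only).
function jwtPayload(token) {
  const parts = token.split(".");
  if (parts.length !== 3) throw new Error("not a compact JWT");
  return JSON.parse(Buffer.from(parts[1], "base64url").toString("utf8"));
}

// Return a list of findings; an empty list means the cookie matches expectations.
function auditLoginCookie(header, expectedSeconds = 3600) {
  const findings = [];
  const { value, attrs } = parseSetCookie(header);
  if (!attrs.httponly) findings.push("missing HttpOnly");
  if (!attrs.secure) findings.push("missing Secure");
  if (!attrs.samesite) findings.push("missing SameSite");
  if (Number(attrs["max-age"]) !== expectedSeconds) findings.push(`Max-Age is ${attrs["max-age"]}, expected ${expectedSeconds}`);
  let claims;
  try {
    claims = jwtPayload(value);
  } catch {
    return findings.concat("cookie value is not a JWT");
  }
  if (typeof claims.exp !== "number" || typeof claims.iat !== "number") findings.push("token lacks exp/iat");
  else if (claims.exp - claims.iat > expectedSeconds) findings.push("token outlives the cookie");
  return findings;
}

// Constructed sample: dummy-signed token with a 1 hour lifetime (3600000 ms = 3600 s).
const sampleClaims = { nombre: "admin", iat: 1700000000, exp: 1700003600 };
const sampleToken = [b64url({ alg: "HS256", typ: "JWT" }), b64url(sampleClaims), "sig"].join(".");
const sampleHeader = `token=${sampleToken}; Max-Age=3600; Path=/; HttpOnly; SameSite=Strict`;
console.log(auditLoginCookie(sampleHeader));
```

To audit a real response, pass the Set-Cookie value from the login call (for example from curl -i output) to auditLoginCookie.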
