
Base URL

All API endpoints are prefixed with:
/api-productos

Authentication

The API uses JWT (JSON Web Token) authentication via HTTP-only cookies. After successful login, the server sets a token cookie that is automatically sent with subsequent requests.
  • Name: token
  • Type: HTTP-only
  • SameSite: lax
  • Max Age: 3600000ms (1 hour)
  • Secure: false (development mode)
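
An added example (not part of this API's own code) that audits a `Set-Cookie` header for the `token` cookie against the attributes listed above. The sample headers are constructed, the `production` flag and the acceptance of `Strict` are assumptions, and the check assumes the server emits a `Max-Age` attribute, which `Set-Cookie` expresses in seconds (so 3600000 ms appears as 3600).

```javascript
// Parse one Set-Cookie header value into { name, value, attrs }.
function parseSetCookie(header) {
  const [pair, ...rest] = header.split(";").map((s) => s.trim());
  const eq = pair.indexOf("=");
  const attrs = {};
  for (const part of rest) {
    if (!part) continue;
    const i = part.indexOf("=");
    const key = (i === -1 ? part : part.slice(0, i)).toLowerCase();
    attrs[key] = i === -1 ? true : part.slice(i + 1); // bare flags become true
  }
  return { name: pair.slice(0, eq), value: pair.slice(eq + 1), attrs };
}

// Return a list of findings; an empty list means the cookie matches the policy.
// `production` is an assumed flag: true when the API is served over HTTPS.
function auditTokenCookie(header, { production = false } = {}) {
  const { name, attrs } = parseSetCookie(header);
  const findings = [];
  if (name !== "token") findings.push(`unexpected cookie name: ${name}`);
  if (attrs.httponly !== true) findings.push("HttpOnly missing: scripts can read the JWT");
  // The page documents "lax"; "strict" is accepted here as a tighter setting (assumption).
  const sameSite = String(attrs.samesite || "").toLowerCase();
  if (sameSite !== "lax" && sameSite !== "strict")
    findings.push("SameSite is not Lax or Strict");
  // Documented lifetime is 3600000 ms; the header attribute is in seconds.
  const maxAge = Number(attrs["max-age"]);
  if (!Number.isInteger(maxAge) || maxAge <= 0 || maxAge > 3600000 / 1000)
    findings.push("Max-Age missing or longer than 1 hour");
  // Secure: false is documented for development only.
  if (production && attrs.secure !== true)
    findings.push("Secure missing: cookie would be sent over plain HTTP");
  return findings;
}

// Constructed sample headers (the JWT value is a placeholder).
const devHeader = "token=PLACEHOLDER.JWT.VALUE; Max-Age=3600; Path=/; HttpOnly; SameSite=Lax";
const prodHeader = devHeader + "; Secure";

console.log(auditTokenCookie(devHeader));
console.log(auditTokenCookie(devHeader, { production: true }));
console.log(auditTokenCookie(prodHeader, { production: true }));
```

The same header can be captured from a real login response with `curl -i` and passed to `auditTokenCookie` before a deployment is exposed over HTTPS.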

Authorization

The API implements role-based access control (RBAC) with the following roles:
  • Usuario: Standard user with access to products and categories
  • Administrador: Admin user with full access including user management

Response Format

All API responses follow a consistent JSON structure.

Success Response

{
  "ok": true,
  "statusCode": 200,
  "mensaje": "Success message",
  "data": {}
}
  • ok (boolean, required): Indicates if the request was successful
  • statusCode (number, required): HTTP status code
  • mensaje (string): Success or informational message
  • data (object | array): Response data payload (null if no data)

Error Response

{
  "ok": false,
  "statusCode": 400,
  "mensaje": "Error message",
  "detalles": "Error details"
}
  • ok (boolean, required): Always false for errors
  • statusCode (number, required): HTTP error status code
  • mensaje (string, required): Error message
  • detalles (string): Detailed error information (null if not available)

HTTP Status Codes

The API uses standard HTTP status codes:
Code  Description
200   Success
201   Resource created successfully
400   Bad request or resource not found
401   Unauthorized (invalid credentials)
403   Forbidden (insufficient permissions)
500   Internal server error

Rate Limiting

Currently, no rate limiting is implemented. This may be added in future versions.

API Endpoints

The API is organized into three main resource groups:

Authentication

Public endpoints for user authentication and password recovery.

Products

Manage product inventory. Requires authentication.

Categories

Manage product categories. Requires authentication.

Users

Manage system users. Requires authentication and Administrator role.

Example Request

Here’s a complete example of authenticating and making an API request:
# Login and save cookies
curl -X POST http://localhost:3000/api-productos/usuarios/login \
  -H "Content-Type: application/json" \
  -d '{"nombre":"admin","contrasena":"password"}' \
  -c cookies.txt

# Use the saved cookie for authenticated requests
curl -X GET http://localhost:3000/api-productos/productos \
  -b cookies.txt
