The Node Service provides JWT-based authentication for user registration and login.

POST /api/auth/register

Register a new user account.

Request Body

  • email (string, required) - User’s email address (must be unique)
  • password (string, required) - User’s password (will be hashed with bcrypt)
  • name (string, required) - User’s full name

Response

  • message (string) - Success message
  • user (object) - Created user information
  • token (string) - JWT authentication token

Example Request

curl -X POST http://localhost:3000/api/auth/register \
  -H "Content-Type: application/json" \
  -d '{
    "email": "[email protected]",
    "password": "securePassword123",
    "name": "John Doe"
  }'

Example Response

{
  "message": "User registered successfully",
  "user": {
    "id": 1,
    "email": "[email protected]",
    "name": "John Doe"
  },
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}

Error Responses

  • 409 Conflict - Email already registered
  • 400 Bad Request - Validation failed
  • 500 Internal Server Error - Registration failed

POST /api/auth/login

Authenticate a user and receive a JWT token.

Request Body

  • email (string, required) - User’s email address
  • password (string, required) - User’s password

Response

  • message (string) - Success message
  • user (object) - User information
  • token (string) - JWT authentication token for subsequent requests

Example Request

curl -X POST http://localhost:3000/api/auth/login \
  -H "Content-Type: application/json" \
  -d '{
    "email": "[email protected]",
    "password": "securePassword123"
  }'

Example Response

{
  "message": "Login successful",
  "user": {
    "id": 1,
    "email": "[email protected]",
    "name": "John Doe"
  },
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}

Error Responses

  • 400 Bad Request - Email and password are required
  • 401 Unauthorized - Invalid credentials
  • 500 Internal Server Error - Login failed

Authentication Middleware

Protected endpoints require a valid JWT token in the Authorization header.

Header Format

Authorization: Bearer <token>

The authentication middleware (from /workspace/source/node-service/src/middleware/auth.js:4) validates the JWT token and extracts the userId for use in protected routes.

Example Authenticated Request

curl -X GET http://localhost:3000/api/users/me/profile \
  -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."

Authentication Errors

  • 401 Unauthorized - Missing or invalid Authorization header
  • 401 Unauthorized - Invalid or expired token
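
The header check and token validation described in this section, as an added example that is not the project's auth.js. It assumes HS256 (the algorithm named in the sample token header), an integer `userId` claim and a mandatory `exp` claim; `signToken`, `authenticate` and the secret are hypothetical names and constructed values.

```javascript
// Added example, not the project's src/middleware/auth.js.
// Assumptions: HS256, an integer `userId` claim, and a mandatory numeric `exp` claim.
const nodeCrypto = require('node:crypto');

const b64url = (s) => Buffer.from(s).toString('base64url');
const hmac = (data, secret) => nodeCrypto.createHmac('sha256', secret).update(data).digest();

// Helper to mint constructed sample tokens for the demo below.
function signToken(payload, secret) {
  const signingInput = `${b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }))}.${b64url(JSON.stringify(payload))}`;
  return `${signingInput}.${hmac(signingInput, secret).toString('base64url')}`;
}

// Returns { status: 200, userId } or { status: 401, error }.
function authenticate(authorizationHeader, secret, nowSec = Math.floor(Date.now() / 1000)) {
  const m = /^Bearer ([\w-]+)\.([\w-]+)\.([\w-]+)$/.exec(authorizationHeader || '');
  if (!m) return { status: 401, error: 'Missing or invalid Authorization header' };
  const [, head, body, sig] = m;
  const invalid = { status: 401, error: 'Invalid or expired token' };
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(head, 'base64url').toString('utf8'));
    claims = JSON.parse(Buffer.from(body, 'base64url').toString('utf8'));
  } catch {
    return invalid;
  }
  // Pin the algorithm server-side; a token that names "none" or anything else is rejected.
  if (header?.alg !== 'HS256') return invalid;
  // Verify the signature in constant time before trusting any claim.
  const expected = hmac(`${head}.${body}`, secret);
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== expected.length || !nodeCrypto.timingSafeEqual(given, expected)) return invalid;
  if (typeof claims?.exp !== 'number' || claims.exp <= nowSec) return invalid;
  if (!Number.isInteger(claims.userId)) return invalid;
  return { status: 200, userId: claims.userId };
}

// Demo with a constructed secret and tokens.
const demoSecret = 'constructed-demo-secret';
const demoNow = 1700000000;
const demoToken = signToken({ userId: 1, exp: demoNow + 3600 }, demoSecret);
console.log(authenticate(`Bearer ${demoToken}`, demoSecret, demoNow));         // accepted
console.log(authenticate(`Bearer ${demoToken}`, demoSecret, demoNow + 7200)); // expired
console.log(authenticate(`Bearer ${demoToken}x`, demoSecret, demoNow));        // bad signature
```

Both 401 branches return the same message for a bad signature, a wrong algorithm and an expired token, so the response does not tell a caller which check failed.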
