Current Authentication Status
The current API endpoints do not require authentication headers. All endpoints are publicly accessible.User Registration
The API provides a user registration endpoint that can be used to implement authentication in the future.Register New User
Request Parameters
User email address (must be valid email format)
User full name (2-100 characters)
User identity number (6-20 numeric digits)
User password (minimum 6 characters)
Response
Validation Rules
Email Validation
- Must be a valid email format
- Must be unique in the system
Name Validation
- Minimum length: 2 characters
- Maximum length: 100 characters
Identity Validation
- Must contain only numeric digits
- Length: 6-20 characters
- Must be unique in the system
- Regex pattern:
^[0-9]{6,20}$
Password Validation
- Minimum length: 6 characters
- Hashed using
PASSWORD_BCRYPTalgorithm before storage - Password is never stored in plain text
Security Implementation
The registration endpoint implements:- Password Hashing: Uses PHP’s
password_hash()with BCRYPT algorithm - SQL Injection Protection: Uses
real_escape_string()for all inputs - Input Validation: Validates all fields before processing
- Duplicate Prevention: Checks for existing email/identity before registration
Error Messages
| Error | Description |
|---|---|
Datos inválidos | Invalid or malformed JSON |
Email inválido | Email format is incorrect |
Nombre inválido | Name is too short or too long |
Identidad inválida | Identity number doesn’t match pattern |
Contraseña muy corta | Password has less than 6 characters |
Email o Identidad ya registrados | User already exists with this email or identity |
Future Authentication
The registered users are stored in the
usuarios table with hashed passwords. To implement authentication:- Create a login endpoint that validates credentials
- Generate JWT tokens or session tokens
- Add authentication middleware to protect API endpoints
- Include authorization checks based on user roles