User Endpoints

Overview

The User API provides endpoints for user registration and authentication. All endpoints return user objects with secure password handling.

Passwords must meet the following requirements:

Minimum 8 characters
Maximum 64 characters
Must contain at least one letter and one number

Register User

Show POST /registro

Creates a new user account in the system.

Request Body

usuario

string

required

The username for the new account. Must be unique.

contrasena

string

required

The password for the account. Must meet password requirements:

8-64 characters
At least one letter and one number

Response

Returns the created user object.

long

Unique identifier for the user

usuario

string

The username

contrasena

object

Password value object (sanitized in responses)

Show ContrasenaVO properties

value

string

The encrypted password value (masked as ”****” in responses)

Example Request

curl -X POST http://localhost:8080/registro \
  -H "Content-Type: application/json" \
  -d '{
    "usuario": "john_doe",
    "contrasena": "SecurePass123"
  }'

Example Response

200 OK

{
  "id": 1,
  "usuario": "john_doe",
  "contrasena": {
    "value": "****"
  }
}

Error Responses

400 Bad Request - Invalid Password

{
  "error": "InvalidPasswordException",
  "message": "La contraseña debe tener al menos 8 caracteres"
}

400 Bad Request - Password Too Short

{
  "error": "InvalidPasswordException",
  "message": "La contraseña debe contener al menos una letra y un número"
}

400 Bad Request - Empty Password

{
  "error": "InvalidPasswordException",
  "message": "La contraseña no puede estar vacía"
}

```json 400 Bad Request - Password Too Long
{
  "error": "InvalidPasswordException",
  "message": "La contraseña no puede superar los 64 caracteres"
}

Show GET /login/{usuario}/{contrasena}

Authenticates a user with their username and password.

This endpoint uses path parameters for authentication. In production environments, consider using POST with request body or proper authentication headers for enhanced security.

Path Parameters

usuario

string

required

The username to authenticate

contrasena

string

required

The user’s password

Response

Returns the authenticated user object if credentials are valid.

long

Unique identifier for the user

usuario

string

The username

contrasena

object

Password value object (sanitized in responses)

Show ContrasenaVO properties

value

string

The encrypted password value (masked as ”****” in responses)

Example Request

curl -X GET http://localhost:8080/login/john_doe/SecurePass123

Example Response

200 OK

{
  "id": 1,
  "usuario": "john_doe",
  "contrasena": {
    "value": "****"
  }
}

Error Responses

404 Not Found

{
  "error": "UserNotFoundException",
  "message": "Usuario no encontrado"
}

401 Unauthorized

{
  "error": "InvalidCredentialsException",
  "message": "Credenciales inválidas"
}

Data Models

UsuarioPOJO

The user domain model used across all user endpoints.

Field	Type	Description
`id`	Long	Unique identifier
`usuario`	String	Username
`contrasena`	ContrasenaVO	Password value object

ContrasenaVO

Value object for password handling with built-in validation. Validation Rules:

Cannot be null or empty
Minimum length: 8 characters
Maximum length: 64 characters
Must contain at least one letter (A-Z, a-z)
Must contain at least one digit (0-9)

Security:

The toString() method returns "****" to prevent password leakage in logs
Passwords are never returned in plain text in API responses

Implementation Details

Architecture

The User API follows Clean Architecture principles:

Controller Layer: UsuarioRestController (src/main/java/com/example/demo/usuario/infrastructure/controllers/UsuarioRestController.java:1)
Application Layer: Command and Query handlers
- RegistrarUsuarioHandler for registration
- LoginUsuarioHandler for authentication
Domain Layer: UsuarioPOJO and ContrasenaVO value objects

Request Processing Flow

Registration (POST /registro):
- Receives RegistrarUsuarioRequest with username and password
- Creates RegistrarUsuarioCommand with validated ContrasenaVO
- Handler processes command and persists user
- Returns created UsuarioPOJO
Login (GET /login/{usuario}/{contrasena}):
- Extracts credentials from path parameters
- Creates LoginUsuarioQuery
- Handler validates credentials and retrieves user
- Returns authenticated UsuarioPOJO

API

Models

Error Handling

Overview

Register User

Request Body

Response

Example Request

Example Response

Error Responses

Data Models

UsuarioPOJO

ContrasenaVO

Implementation Details

Architecture

Request Processing Flow

Build docs developers (and LLMs) love

API

Models

Error Handling

​Overview

​Register User

​Request Body

​Response

​Example Request

​Example Response

​Error Responses

​User Login

​Path Parameters

​Response

​Example Request

​Example Response

​Error Responses

​Data Models

​UsuarioPOJO

​ContrasenaVO

​Implementation Details

​Architecture

​Request Processing Flow

Build docs developers (and LLMs) love

Overview

Register User

Request Body

Response

Example Request

Example Response

Error Responses

User Login

Path Parameters

Response

Example Request

Example Response

Error Responses

Data Models

UsuarioPOJO

ContrasenaVO

Implementation Details

Architecture

Request Processing Flow