The Auth API handles everything from creating new accounts to managing existing users. On registration, roles are assigned automatically based on the email domain — addresses ending inDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/160906/Yakultt-App/llms.txt
Use this file to discover all available pages before exploring further.
@upa.edu.mx become Master accounts, while all other addresses receive the Promotor role. Every successful registration or login returns a signed JWT valid for 30 days that must be included as a Bearer token on protected routes.
POST /api/auth/registro
Registers a new user account and returns the created user object along with a JWT.Full name of the user.
Email address. Accounts registered with an
@upa.edu.mx address are automatically assigned the Master role; all other addresses receive the Promotor role.Plain-text password. Stored as a bcrypt hash.
The newly created user record.
Signed JWT. Include as
Authorization: Bearer <token> on protected requests. Expires after 30 days.| Status | Error message |
|---|---|
400 | 'Todos los campos son obligatorios.' — one or more required fields are missing. |
400 | 'Este correo ya está registrado.' — a user with that email address already exists. |
POST /api/auth/login
Authenticates an existing user and returns a fresh JWT.Registered email address.
Account password.
The authenticated user record.
Signed JWT valid for 30 days.
| Status | Error message |
|---|---|
400 | 'Correo y contraseña son obligatorios.' — correo or contrasena field is missing. |
401 | 'Correo o contraseña incorrectos.' — email not found or password is wrong. |
403 | 'Tu cuenta está desactivada. Contacta al administrador.' — the account has been disabled. |
GET /api/auth/usuarios
Returns a list of all registered users ordered by creation date descending. Intended for Master users to monitor and manage accounts. Example requestUnique numeric ID of the user.
Display name.
Email address.
Role:
Master, Promotor, or Repartidor.Account status as a TINYINT:
1 = active, 0 = disabled.ISO 8601 timestamp of when the account was created.
PUT /api/auth/usuarios/:id
Enables or disables a user account. Disabled users receive a403 on login.
Numeric ID of the user to update.
Pass
true to re-enable the account or false to disable it.PUT /api/auth/usuarios/:id/rol
Changes the role of an existing user.Numeric ID of the user whose role should be updated.
New role to assign. Must be one of
Master, Promotor, or Repartidor.| Status | Error message |
|---|---|
400 | 'Rol inválido.' — the value of rol is not one of the three valid options. |
DELETE /api/auth/usuarios/:id
Permanently deletes a user account. This action cannot be undone.Numeric ID of the user to delete.