Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/Braian551/viax/llms.txt

Use this file to discover all available pages before exploring further.

Overview

The Viax API uses session-based authentication. After successful login, the API returns user information that should be stored and included in subsequent requests where required.
Currently, the API does not use JWT tokens or API keys. Authentication is managed through session data on the client side. Future versions may implement token-based authentication.

Authentication Flow

1

Register or Login

Create an account using /auth/register.php or login with /auth/login.php
2

Store User Data

Save the returned user object, including the id and uuid fields
3

Include User ID

Send the userId or conductor_id in requests that require authentication

Login Request

To authenticate a user: 
curl -X POST https://76.13.114.194/auth/login.php \
  -H "Content-Type: application/json" \
  -H "Accept: application/json" \
  -d '{
    "email": "user@example.com",
    "password": "yourPassword123"
  }'

Login Response

Successful authentication returns: 
{
  "success": true,
  "message": "Login exitoso",
  "user": {
    "id": 123,
    "uuid": "550e8400-e29b-41d4-a716-446655440000",
    "nombre": "Juan",
    "apellido": "Pérez",
    "email": "user@example.com",
    "telefono": "+573001234567",
    "tipo_usuario": "pasajero",
    "creado_en": "2024-01-15T10:30:00.000Z",
    "calificacion": 4.8,
    "location": {
      "id": 1,
      "usuario_id": 123,
      "direccion": "Calle 100 #15-20",
      "ciudad": "Bogotá",
      "departamento": "Cundinamarca",
      "pais": "Colombia",
      "latitud": 4.7110,
      "longitud": -74.0721,
      "es_principal": true
    }
  },
  "token": null,
  "token_expires_at": null
}

User Types

The API supports different user types specified in the tipo_usuario field:
tipo_usuario
string
User role in the systemPossible values:
  • pasajero - Regular passenger user
  • conductor - Driver user
  • admin - Administrative user
  • empresa - Company/fleet user

Authenticated Requests

Include the user ID in requests that require authentication:

As Query Parameter

curl -X GET "https://76.13.114.194/auth/profile.php?userId=123" \
  -H "Accept: application/json"

In Request Body

curl -X POST https://76.13.114.194/viajes/create_trip.php \
  -H "Content-Type: application/json" \
  -d '{
    "usuario_id": 123,
    "tipo_servicio": "motocicleta",
    "origen": {...},
    "destino": {...}
  }'

Checking Authentication Status

Verify if a user account exists: 
curl -X POST https://76.13.114.194/auth/check_user.php \
  -H "Content-Type: application/json" \
  -d '{"email": "user@example.com"}'
Response: 
{
  "exists": true
}

Session Management

The client application is responsible for managing user sessions. Store user data securely using:
  • Secure local storage
  • Encrypted shared preferences (mobile)
  • HTTP-only cookies (web)

Session Data Structure

Store the following data from the login response: 
class AuthSession {
  final User user;              // Complete user object
  final String? token;          // Currently null, reserved for future use
  final DateTime? tokenExpiresAt;
  final DateTime loginAt;       // Timestamp of login
}

Logout

Currently, logout is handled client-side by clearing stored session data. No server-side logout endpoint is required.
To logout:
  1. Clear stored user data from local storage
  2. Clear any cached information
  3. Redirect to login screen

Password Requirements

Implement strong password requirements in your client application:
  • Minimum 8 characters
  • Mix of uppercase and lowercase
  • Include numbers
  • Include special characters

Security Best Practices

Use HTTPS

Always use HTTPS in production to encrypt data in transit

Store Securely

Never store passwords. Only store user IDs and non-sensitive data

Validate Input

Validate all user input before sending to API

Handle Errors

Properly handle authentication errors and timeouts

Common Authentication Errors

Status CodeErrorDescription
401UnauthorizedInvalid credentials
403ForbiddenUser account is inactive or blocked
404Not FoundUser does not exist
500Server ErrorInternal server error
See Error Handling for more details.

Build docs developers (and LLMs) love

Get started for freeTalk to us