Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/DincaAlex/unilink/llms.txt

Use this file to discover all available pages before exploring further.

The UniLink REST API is a lightweight Express server that runs entirely on your local machine at http://localhost:3001. Every endpoint is mounted under the /api prefix, accepts JSON request bodies, and always responds with JSON — there is no HTML, XML, or form-encoded support. The server is intentionally minimal: it is a course prototype backed by a single SQLite file, designed to run alongside the React frontend with a single npm run dev command.

Base URL

http://localhost:3001/api
All paths in this documentation are relative to this base. For example, the login endpoint is reached at http://localhost:3001/api/login.

Content-Type

Every request that includes a body must set the Content-Type header to application/json. Every response from the server is also application/json.
Content-Type: application/json

CORS

The server is configured to accept requests only from the Vite development server origin. Any request from a different origin will be rejected by the browser’s CORS policy.
Allowed origin
http://localhost:5173

Authentication model

UniLink is a prototype — there are no JWT tokens, refresh tokens, or server-side sessions. Authentication works as follows:
  1. POST /api/login validates the user’s credentials and returns { email, role }.
  2. The React app stores this object in localStorage via useLocalStorageState.
  3. For the one endpoint that requires authorization (POST /api/jobs), the client passes the role in the x-role request header. The server rejects the request with 403 Forbidden if the header value is not empresa.
No bearer tokens are checked on any other endpoint.

All endpoints

MethodPathDescription
POST/api/loginAuthenticate and get role
GET/api/jobsList all job listings
GET/api/jobs/:idGet a single job listing
POST/api/jobsCreate a new job (empresa only)
GET/api/profile/studentGet the student profile
PUT/api/profile/studentUpdate the student profile
GET/api/profile/companyGet the company profile
PUT/api/profile/companyUpdate the company profile
GET/api/applicationsList student applications
POST/api/applicationsSubmit a job application

Error responses

When a request fails, the API always returns a JSON object with a single error key containing a human-readable message.
{ "error": "Descriptive error message here." }
Common HTTP status codes returned by the API:
StatusMeaning
200 OKRequest succeeded; response body contains the result
201 CreatedResource was successfully created
401 UnauthorizedInvalid credentials (login endpoint)
403 ForbiddenAction not permitted for the caller’s role
404 Not FoundRequested resource does not exist

JSON parsing for array and object fields

SQLite stores every column as a flat value, so array and nested-object fields in jobs and profiles are persisted as JSON strings and parsed by the server before the response is sent. You will always receive proper JSON arrays and objects — never raw strings — for the following fields:
ResourceParsed fields
Job listingrequirements, benefits, skills
Student profileskills, languages, certifications, experience, education, savedJobs
Company profileskills, languages, certifications, experience, education

Further reading

Detailed documentation for each endpoint group:

Build docs developers (and LLMs) love