The UniSierra Eats REST API powers the cafeteria web application for Universidad de la Sierra. It is built with Express.js, persists data in SQLite, and exposes 18 endpoints grouped across four resources: products, users, reviews, and admin moderation. All communication uses JSON, and the server runs locally on port 3000.Documentation Index
Fetch the complete documentation index at: https://mintlify.com/JuseAR27/Unisierra-eats/llms.txt
Use this file to discover all available pages before exploring further.
Base URL
Request & Response Format
- All endpoints accept and return JSON.
- Requests that include a body must set the
Content-Type: application/jsonheader. - All error responses follow the shape
{ "error": "<message>" }with an appropriate HTTP status code (400,401,500). - Success responses return resource-specific JSON objects described individually in each endpoint page.
This API has no CORS configuration — it is designed to be served from the same origin as the frontend static files, which Express also hosts via
express.static.Authentication
There is no token-based authentication and no session middleware. After a successfulPOST /api/login, the returned user object (id, nombre, correo, rol_id) is stored client-side in localStorage by the frontend. Subsequent requests do not attach any credential header — the API itself performs no authorization checks on any route.
Endpoint Reference
The table below lists all 18 endpoints with their HTTP method, path, and purpose.| Method | Path | Description |
|---|---|---|
GET | /api/productos | List all products with avg rating and review count |
POST | /api/productos | Create a new cafeteria product |
PUT | /api/productos/:id | Update an existing product |
DELETE | /api/productos/:id | Delete a product |
POST | /api/registro | Register a new student account |
POST | /api/admin/registro | Register a new administrator account |
POST | /api/login | Authenticate a user |
PUT | /api/usuarios/:id | Update a user’s name and/or password |
DELETE | /api/usuarios/:id | Delete a user account and all their reviews |
GET | /api/resenas/usuario/:usuario_id | Get all active reviews by a user |
GET | /api/resenas/producto/:producto_id | Get all active reviews for a product |
POST | /api/resenas | Create a new review |
PUT | /api/resenas/:id | Update a review’s rating and comment |
DELETE | /api/resenas/:id | Permanently delete a review |
PUT | /api/resenas/:id/reportar | Flag a review as reported |
GET | /api/admin/resenas-reportadas | List all reported reviews |
PUT | /api/admin/resenas/:id/aprobar | Restore a reported review to active state |
DELETE | /api/admin/resenas/:id | Permanently delete a review (admin moderation) |
Resource Sections
Products
Four endpoints for listing, creating, updating, and deleting cafeteria products. GET returns computed avg ratings and review counts via SQL JOIN.
Users
Five endpoints for student and admin registration, login, profile updates, and account deletion. Requires an institutional @unisierra.edu.mx email.
Reviews
Seven endpoints for fetching, creating, editing, deleting, and flagging cafeteria product reviews rated 1–5 stars.
Admin
Three admin moderation endpoints for listing reported reviews, restoring them, and permanently deleting flagged content.