Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/Manuelfg1985/Proyecto_Final_26/llms.txt

Use this file to discover all available pages before exploring further.

This is a protected endpoint used to verify that a JWT token is valid and correctly parsed by the server. The authMiddleware extracts the token from the Authorization header, verifies its signature against JWT_SECRET, and — if valid — injects the decoded payload into the request. The route handler then returns that decoded payload (containing the admin email, issued-at timestamp iat, and expiry timestamp exp) so you can confirm the token is being accepted as expected.

Method and path

FieldValue
MethodGET
Path/api/auth/private
AuthBearer token required

Request headers

Authorization
string
required
A valid JWT token obtained from POST /api/auth/login. Must follow the format Bearer <token> — the middleware checks that the header begins with "Bearer " and will reject requests that omit this prefix.

Responses

200 OK — The token is valid. Returns a confirmation message and the decoded JWT payload.
message
string
Confirmation string. Value: "Private content available only for authenticated users".
data
object
The decoded JWT payload injected by the auth middleware.

401 Unauthorized — No Authorization header was provided, or the header does not start with "Bearer ".
{ "message": "Acceso denegado. No se proporcionó un token válido." }
403 Forbidden — A token was provided but it failed JWT verification — it is either malformed, signed with a different secret, or has expired.
{ "message": "Token inválido o expirado" }

Example

curl https://proyecto-final-26-6tn2.vercel.app/api/auth/private \
  -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
Don’t have a token yet? Call POST /api/auth/login with your admin credentials first to obtain one. The token is valid for 1 hour from the time it is issued.

Build docs developers (and LLMs) love