The Agencia de Habilidades para el Futuro API is a Node.js/Express 5 REST service backed by Firebase Firestore that gives a job-skills agency a single, consistent interface for storing and retrieving job-applicant data. It is deployed to Vercel for public access while also running seamlessly on a local development machine. The API handles applicant creation, lookup, updates, and deletion, and protects write operations with JSON Web Token (JWT) authentication so only authorised administrators can modify records.Documentation Index
Fetch the complete documentation index at: https://mintlify.com/Manuelfg1985/Proyecto_Final_26/llms.txt
Use this file to discover all available pages before exploring further.
What this API provides
The API exposes two top-level resource groups, each mounted under/api:
-
/api/auth— Authentication endpoints. Administrators callPOST /api/auth/loginwith their credentials to receive a signed JWT token. The route group also exposes a public probe endpoint (GET /api/auth/public) and a protected endpoint (GET /api/auth/private) that returns the decoded token payload, useful for verifying that a token is still valid. -
/api/postulantes— Applicant management endpoints. All five operations on thepostulantes(applicants) Firestore collection are available here: list all applicants, retrieve a single applicant by Firestore document ID, create a new applicant record, update an existing record, and delete a record. Listing and lookup are public; creating, updating, and deleting require a valid Bearer token.
GET /api/postulantes and GET /api/postulantes/:id are publicly accessible — no token is required. POST, PUT, and DELETE operations on /api/postulantes all require a valid Authorization: Bearer <token> header obtained from /api/auth/login.Tech stack
The service is built entirely with the following packages (seepackage.json):
- Express 5 (
^5.2.1) — HTTP server and routing framework - Firebase / Firestore (
^12.14.0) — Cloud NoSQL database for all applicant records - jsonwebtoken (
^9.0.3) — JWT signing and verification - bcryptjs (
^3.0.3) — Password hashing utilities - cors (
^2.8.6) — Cross-Origin Resource Sharing middleware - dotenv (
^17.4.2) — Environment variable loading from a.envfile
"type": "module" in package.json), so all imports use the import/export syntax.
Architecture overview
Entry point — index.js
index.js bootstraps the Express application: it applies global middleware (JSON body parsing, static file serving, CORS), registers the two route groups, attaches a health-check route at GET /up, and starts the HTTP listener on process.env.PORT (default 3000).Routes
Route files under
src/routes/ define the URL patterns and link each one to a controller function. userRoutes.js covers all five /api/postulantes operations and applies authMiddleware to the write routes. auth.js wires up POST /api/auth/login and the public/private probe routes.Controllers
Controller files under
src/controllers/ contain the business logic. userController.js calls the Firestore SDK (getDocs, addDoc, updateDoc, deleteDoc) and instantiates the User model before writing. auth.js compares the submitted credentials against environment variables and signs a JWT on success.Firestore via db.js
src/config/db.js initialises the Firebase app using environment variables and exports a db Firestore client instance. Every controller imports this single shared instance — there is no connection pooling or ORM layer.Base URL
| Environment | URL |
|---|---|
| Production (Vercel) | https://proyecto-final-26-6tn2.vercel.app |
| Local development | http://localhost:3000 |
Explore the docs
Quickstart
Clone the repo, configure your environment, and make your first authenticated API call in under 5 minutes.
Configuration
Detailed reference for every environment variable required to connect to Firebase and enable JWT auth.
Authentication overview
Understand how the JWT flow works — login, token structure, and how to attach a Bearer token to requests.
List applicants
API reference for
GET /api/postulantes — retrieve all applicant records from the Firestore collection.