Returns the identity of the user associated with the current session. The server reads the token cookie, verifies its HS256 signature and expiry via getSession(), and returns the decoded payload. This endpoint is the canonical way to hydrate client-side auth state on page load — for example, to show the user’s name in a navbar or gate access to protected UI routes.

Request

GET /api/auth/me
No request body or query parameters are required. The endpoint relies entirely on the token cookie being present and valid. When calling from the browser, include credentials: 'include' to ensure the cookie is forwarded.

Response

200 — Success

usuario (object): The decoded JWT payload for the currently authenticated user.
The response reflects the data embedded in the JWT at sign time, not a live database read. If a user’s nombre, email, or rol changes after the token was issued, /api/auth/me will return the stale values until the token expires or the user logs in again.

Error Responses

Status | error value | Cause
401 | "No autenticado" | The token cookie is absent, has expired, or its signature is invalid.
Always handle the 401 case in your frontend. A previously valid session can become invalid if the token has expired (after 7 days) or if the JWT_SECRET environment variable was rotated on the server.

Examples

curl -X GET https://your-app.vercel.app/api/auth/me \
  -H "Cookie: token=<your-jwt-token>"

Success response body

{
  "usuario": {
    "id": "clx1a2b3c0000qwer1234abcd",
    "email": "usuario@reservafacil.com",
    "nombre": "Ana García",
    "rol": "USUARIO"
  }
}

Error response body

{
  "error": "No autenticado"
}
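
The check this endpoint depends on, as an added Node.js example (not ReservaFácil's own getSession() code): it verifies an HS256 token and maps each 401 cause listed under Error Responses (absent cookie, expired token, signature that no longer matches after a JWT_SECRET rotation) to the documented error body. signToken, verifyToken and meResponse are hypothetical names, the secrets and claims are constructed, and expiry is assumed to be carried in a standard exp claim.

```javascript
// Added example: illustrative HS256 check, not the project's getSession().
const { createHmac, timingSafeEqual } = require('node:crypto');

const b64url = (x) => Buffer.from(x).toString('base64url');
const decode = (s) => JSON.parse(Buffer.from(s, 'base64url').toString('utf8'));
const hmac = (data, secret) => createHmac('sha256', secret).update(data).digest();

// Hypothetical helper: mints a token so the example runs offline.
function signToken(payload, secret) {
  const head = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify(payload));
  return `${head}.${body}.${b64url(hmac(`${head}.${body}`, secret))}`;
}

// Returns the verified payload, or null for every case the endpoint answers with 401.
function verifyToken(token, secret, nowSec = Math.floor(Date.now() / 1000)) {
  if (typeof token !== 'string') return null; // cookie absent
  const parts = token.split('.');
  if (parts.length !== 3) return null; // malformed
  const [head, body, sig] = parts;
  const given = Buffer.from(sig, 'base64url');
  const expected = hmac(`${head}.${body}`, secret);
  // Constant-time compare; check lengths first because timingSafeEqual throws on mismatch.
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) return null;
  try {
    // Claims are parsed only after the signature has been verified.
    if (decode(head).alg !== 'HS256') return null; // pin the algorithm
    const payload = decode(body);
    if (typeof payload.exp !== 'number' || payload.exp <= nowSec) return null; // expired
    return payload;
  } catch {
    return null; // header or payload is not valid JSON
  }
}

// Maps the result to the two response bodies documented above.
function meResponse(token, secret, nowSec) {
  const payload = verifyToken(token, secret, nowSec);
  if (!payload) return { status: 401, body: { error: 'No autenticado' } };
  const { id, email, nombre, rol } = payload; // fields from the sample response
  return { status: 200, body: { usuario: { id, email, nombre, rol } } };
}

// Constructed sample: a 7-day token checked before and after a secret rotation.
const now = 1700000000;
const demo = signToken({ id: 'u1', email: 'a@example.com', nombre: 'Ana', rol: 'USUARIO', exp: now + 604800 }, 'old-secret');
console.log(meResponse(demo, 'old-secret', now).status, meResponse(demo, 'new-secret', now).status);
```

Because the payload is trusted purely on the signature, a changed rol only takes effect once a new token is issued, which is the stale-value behaviour described under the 200 response.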
