Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/andrespaul123/micole-flutter/llms.txt

Use this file to discover all available pages before exploring further.

The authentication endpoints let you obtain a session token, create a new super-admin account, and revoke a token when the session is over. Mi Cole uses a stateless Bearer token strategy — once you have the token you pass it in the Authorization header on every subsequent request. The base URL for all API calls is http://192.168.100.206:8000/api (configured in DioClient; update this value to match your deployment host).
Store the token returned by login in secure storage and attach it to all subsequent requests as Authorization: Bearer <token>. If the server responds with 401 Unauthorized at any point, the token has expired — the app will clear local credentials and redirect to the login screen automatically.

POST /api/auth/login

Validate credentials and receive a session token together with the authenticated user’s profile.
curl -X POST http://192.168.100.206:8000/api/auth/login \
  -H "Content-Type: application/json" \
  -d '{
    "email": "director@colegio.edu",
    "password": "secret123"
  }'
Request body
email
string
required
The registered e-mail address of the user.
password
string
required
The user’s plain-text password (sent over HTTPS).
Response — 200 OK
{
  "token": "1|abc123...",
  "user": {
    "id": 1,
    "name": "Ana Pérez",
    "email": "director@colegio.edu"
  },
  "roles": ["super-admin"]
}
token
string
Bearer token to include in the Authorization header for all protected requests.
user
object
The authenticated user object.
roles
string[]
List of roles assigned to the user (e.g. super-admin, director, profesor, estudiante, padre).

POST /api/auth/register

Create a new super-admin account. This endpoint is typically used during initial platform setup and does not require an existing session. The super-admin role is assigned automatically by the server — it cannot be overridden through this endpoint.
curl -X POST http://192.168.100.206:8000/api/auth/register \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Carlos Mendoza",
    "email": "admin@micole.io",
    "password": "strongpassword"
  }'
Request body
name
string
required
Full name of the new user.
email
string
required
E-mail address used to log in. Must be unique across the platform.
password
string
required
Plain-text password. Enforce a minimum length on the client before sending.
Response — 201 Created Returns the same Users object shape as the login response (see above), including token, user, and roles.

POST /api/auth/logout

Revoke the current session token. The Authorization header is required; no request body is needed.
curl -X POST http://192.168.100.206:8000/api/auth/logout \
  -H "Authorization: Bearer <token>"
Response — 200 OK Returns an empty body or a simple confirmation message. After this call the token is invalid and cannot be reused.

Users Model

The Users object is returned by both /auth/login and /auth/register.
id
integer
Numeric primary-key of the user record.
name
string
Full display name of the user.
email
string
Unique e-mail address of the user.
token
string
Bearer token to use in subsequent API calls.
roles
string[]
Array of role strings assigned to this user. Common values: super-admin, director, profesor, estudiante, padre.

Build docs developers (and LLMs) love