The authentication endpoints let you obtain a session token, create a new super-admin account, and revoke a token when the session is over. Mi Cole uses a stateless Bearer token strategy — once you have the token you pass it in theDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/andrespaul123/micole-flutter/llms.txt
Use this file to discover all available pages before exploring further.
Authorization header on every subsequent request. The base URL for all API calls is http://192.168.100.206:8000/api (configured in DioClient; update this value to match your deployment host).
Store the
token returned by login in secure storage and attach it to all subsequent requests as Authorization: Bearer <token>. If the server responds with 401 Unauthorized at any point, the token has expired — the app will clear local credentials and redirect to the login screen automatically.POST /api/auth/login
Validate credentials and receive a session token together with the authenticated user’s profile.The registered e-mail address of the user.
The user’s plain-text password (sent over HTTPS).
200 OK
Bearer token to include in the
Authorization header for all protected requests.The authenticated user object.
List of roles assigned to the user (e.g.
super-admin, director, profesor, estudiante, padre).POST /api/auth/register
Create a new super-admin account. This endpoint is typically used during initial platform setup and does not require an existing session. Thesuper-admin role is assigned automatically by the server — it cannot be overridden through this endpoint.
Full name of the new user.
E-mail address used to log in. Must be unique across the platform.
Plain-text password. Enforce a minimum length on the client before sending.
201 Created
Returns the same Users object shape as the login response (see above), including token, user, and roles.
POST /api/auth/logout
Revoke the current session token. TheAuthorization header is required; no request body is needed.
200 OK
Returns an empty body or a simple confirmation message. After this call the token is invalid and cannot be reused.
Users Model
TheUsers object is returned by both /auth/login and /auth/register.
Numeric primary-key of the user record.
Full display name of the user.
Unique e-mail address of the user.
Bearer token to use in subsequent API calls.
Array of role strings assigned to this user. Common values:
super-admin, director, profesor, estudiante, padre.