Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/astrxnomo/shop-microservers/llms.txt

Use this file to discover all available pages before exploring further.

The register endpoint creates a new user account in the Auth service database. It validates the request body with a Zod schema, hashes the submitted password with bcrypt using 10 salt rounds, persists the new User record (PostgreSQL, CUID primary key), and returns a signed JWT alongside the user object. If the email address is already associated with an existing account, the request is rejected with a 409 Conflict before any write is attempted.

Endpoint

POST /api/auth/register
Authentication: Not required.

Request Body

email
string
required
A valid email address for the new account. Must be unique across all registered users — submitting an email that already exists returns 409 Conflict. Validated with Zod’s z.string().email() rule.
password
string
required
The plain-text password for the new account. Must be at least 6 characters long (enforced by z.string().min(6)). The password is never stored in plain text — it is hashed with bcrypt at 10 rounds before being written to the database.

Example Request

curl -X POST http://localhost/api/auth/register \
  -H "Content-Type: application/json" \
  -d '{"email": "user@example.com", "password": "mysecretpassword"}'

Success Response

Status: 201 Created
{
  "success": true,
  "data": {
    "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
    "user": {
      "id": "clxxxxxxxxxxxxx",
      "email": "user@example.com"
    }
  },
  "error": null
}

Response Fields

data.token
string
A signed JWT generated with jsonwebtoken. The token payload contains the user’s id (as sub) and email, is signed with the JWT_SECRET environment variable, and expires in 7 days. Pass it in the Authorization: Bearer <token> header on all authenticated requests.
data.user.id
string
The new user’s database identifier. Uses Prisma’s CUID format (e.g., clxxxxxxxxxxxxx).
data.user.email
string
The email address that was registered. This value is unique within the system.

Error Responses

StatusCause
400 Bad RequestValidation failed — invalid email format, missing email or password field, or password shorter than 6 characters. The error field in the response body contains the Zod error message.
409 ConflictThe submitted email address is already registered. No new record is created.
Example 409 response:
{
  "success": false,
  "data": null,
  "error": "Email already registered"
}
Example 400 response:
{
  "success": false,
  "data": null,
  "error": "[\n  {\n    \"code\": \"invalid_string\",\n    \"validation\": \"email\",\n    \"path\": [\"email\"],\n    \"message\": \"Invalid email\"\n  }\n]"
}
Store the returned token securely. The Shop Microservers frontend saves it to localStorage and reads it on every request. Losing the token simply requires the user to log in again — a fresh token is issued on each successful /login call.

Build docs developers (and LLMs) love