Documentation Index
Fetch the complete documentation index at: https://mintlify.com/giangartun/Tis-GOAT-Frontend/llms.txt
Use this file to discover all available pages before exploring further.
Overview
The Users API handles the full account lifecycle: creating a new account, verifying the registered email address, authenticating to receive a JWT, and recovering or resetting a forgotten password. All request and response bodies use JSON unless otherwise noted.POST /api/usuario/pre-registro
Register a new user account. On success the server dispatches a verification email to the provided address; the account cannot log in until that link is clicked.Request Body
First name of the user. Must contain letters only (no digits). Accepts Spanish-language accented characters and spaces.
Paternal (first) surname. Letters only — the same character restrictions as
nombre apply.Maternal (second) surname. Letters only.
A valid, unique email address. This is used for verification and login.
Account password. Minimum 6 characters.
Password confirmation field. Must be identical to
contrasena.Responses
Human-readable confirmation that a verification email has been dispatched.
| Status | Meaning |
|---|---|
200 | Registration accepted — verification email sent. |
422 | Validation failed. The errors object maps field names to error messages. |
Example Request
Example Response
GET /api/usuario/verificar-email/:token
Verify the user’s email address using the token embedded in the registration confirmation email. This endpoint is typically accessed by clicking the link in the email client rather than called directly from application code.Path Parameters
The unique verification token sent to the user’s email address upon registration.
Responses
| Status | Meaning |
|---|---|
200 | Email verified successfully. The response either redirects the browser to the login page or returns a success message body. |
400 / 422 | The token is invalid, expired, or has already been used. |
POST /api/usuario/login
Authenticate with email and password. Returns a signed JWT and the user’s profile data on success.Request Body
The email address registered to the account.
The account password.
Responses
Signed JWT to be sent as
Authorization: Bearer <token> in subsequent authenticated requests.Core user profile object.
The ID of the user’s portfolio at the top level. If absent, fall back to
usuario.id_portafolio. Store this value in your client to use with portfolio and project endpoints.Account role returned at the top level — either
'admin' or a standard user role. If absent, fall back to usuario.tipo_usuario. Use this to redirect admin users to the admin dashboard after login.| Status | Meaning |
|---|---|
200 | Login successful — token and profile returned. |
401 | Invalid email or password. |
403 | Account has been suspended. The message field contains details. |
422 | Validation errors on the request fields. |
Example Request
Example Response
After a successful login, persist the
token and id_portafolio values on the client (e.g. localStorage). They are required by all authenticated endpoints. The client reads id_portafolio as data.id_portafolio ?? data.usuario?.id_portafolio. Similarly, tipo_usuario is read as data.tipo_usuario ?? data.usuario?.tipo_usuario. If the resolved tipo_usuario is 'admin', redirect the user to the admin dashboard.POST /api/usuario/contrasena/olvido
Request a password reset email. If the email address is associated with an active account, the server sends a time-limited reset link.Request Body
The email address registered to the account that needs a password reset.
Responses
Confirmation that the reset email has been dispatched (or a generic message when the address is not found, to prevent account enumeration).
| Status | Meaning |
|---|---|
200 | Request processed — reset email sent if the address exists. |
422 | Invalid or missing email field. |
Example Request
Example Response
POST /api/usuario/contrasena/restablecer
Reset the account password using the token received by email from the forgot-password flow. The reset link in the recovery email directs users to the/reset-password client-side route, which calls this server endpoint.
Verify the exact endpoint path against your backend configuration. The forgot-password flow dispatches the reset link; the path below reflects the expected server route.
Request Body
The password reset token extracted from the link in the recovery email.
The new password. Must be at least 6 characters.
Must match
contrasena exactly.Responses
Confirmation that the password has been updated successfully.
| Status | Meaning |
|---|---|
200 | Password reset successfully. |
400 / 422 | Token is invalid or expired, or the passwords do not match. |