Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/iamalexis689725/cole/llms.txt

Use this file to discover all available pages before exploring further.

Cole uses Laravel Sanctum for API token authentication. Every authenticated request must include an Authorization: Bearer <token> header. Tokens are plain-text strings returned on registration and login. Cole enforces token rotation on login — all existing tokens for the user are deleted before a new one is issued, ensuring only one active session per user at a time.

POST /api/auth/register

Creates a new user account, assigns the specified role, and returns an API token. This endpoint is unauthenticated and is primarily used when you need to manually provision a super-admin account. All other user types (directors, professors, students, parents) are created through their respective resource endpoints.
The role value must already exist in the roles table. Valid roles are super-admin, director, profesor, estudiante, and padre. Attempting to register with an unknown role name returns a 422 validation error.

Request body

name
string
required
Full display name of the user. Maximum 255 characters.
email
string
required
Email address. Must be unique across all users. Used as the login credential.
password
string
required
Plain-text password. Minimum 6 characters. Stored as a bcrypt hash.
role
string
required
Role to assign to the new user. Must match an existing role name in the roles table. Example: "super-admin".

Response 201 Created

message
string
Human-readable confirmation. Example: "Usuario registrado correctamente".
user
object
The newly created user record.
roles
array of strings
List of role names assigned to the user. Example: ["super-admin"].
token
string
Plain-text Sanctum API token. Include this as Authorization: Bearer <token> on subsequent requests.

Example

curl -s -X POST https://your-cole-api.test/api/auth/register \
  -H "Content-Type: application/json" \
  -H "Accept: application/json" \
  -d '{
    "name": "Alice Romero",
    "email": "alice@example.com",
    "password": "secret123",
    "role": "super-admin"
  }'
{
  "message": "Usuario registrado correctamente",
  "user": {
    "id": 1,
    "name": "Alice Romero",
    "email": "alice@example.com",
    "tenant_id": null,
    "created_at": "2026-04-01T18:00:00.000000Z",
    "updated_at": "2026-04-01T18:00:00.000000Z"
  },
  "roles": ["super-admin"],
  "token": "1|aB3cD4eF5gH6iJ7kL8mN9oP0qR1sT2uV3wX4yZ"
}

POST /api/auth/login

Authenticates a user by email and password. All existing tokens for the user are deleted before a new token is issued — this means logging in invalidates any previous session tokens.
Cole performs token rotation on every login. If you have a long-lived integration relying on a stored token, be aware that a subsequent login from any client will invalidate that token immediately.

Request body

email
string
required
The registered email address of the user.
password
string
required
The user’s password in plain text.

Response 200 OK

message
string
Confirmation string. Example: "Login exitoso".
user
object
The authenticated user record (same shape as registration response).
roles
array of strings
All roles assigned to the user.
token
string
Fresh plain-text API token. Use this for all subsequent authenticated requests.

Error 422 Unprocessable Entity

Returned when credentials do not match any user.
{
  "message": "The given data was invalid.",
  "errors": {
    "email": ["Credenciales incorrectas"]
  }
}

Example

curl -s -X POST https://your-cole-api.test/api/auth/login \
  -H "Content-Type: application/json" \
  -H "Accept: application/json" \
  -d '{
    "email": "alice@example.com",
    "password": "secret123"
  }'
{
  "message": "Login exitoso",
  "user": {
    "id": 1,
    "name": "Alice Romero",
    "email": "alice@example.com",
    "tenant_id": null,
    "created_at": "2026-04-01T18:00:00.000000Z",
    "updated_at": "2026-04-01T18:00:00.000000Z"
  },
  "roles": ["super-admin"],
  "token": "2|xY9zA8bB7cC6dD5eE4fF3gG2hH1iI0jJ9kK8lL"
}

POST /api/auth/logout

Revokes the current access token used in the request. Only the token included in the Authorization header is deleted — no other tokens belonging to the user are affected. Authentication required: Authorization: Bearer <token>

Response 200 OK

message
string
Confirmation string. Example: "Logout correcto".

Example

curl -s -X POST https://your-cole-api.test/api/auth/logout \
  -H "Accept: application/json" \
  -H "Authorization: Bearer 2|xY9zA8bB7cC6dD5eE4fF3gG2hH1iI0jJ9kK8lL"
{
  "message": "Logout correcto"
}

GET /api/auth/me

Returns the profile and roles of the currently authenticated user. Useful for bootstrapping a client session after login or verifying token validity. Authentication required: Authorization: Bearer <token>

Response 200 OK

user
object
The authenticated user record.
roles
array of strings
All roles currently assigned to the user.

Example

curl -s -X GET https://your-cole-api.test/api/auth/me \
  -H "Accept: application/json" \
  -H "Authorization: Bearer 2|xY9zA8bB7cC6dD5eE4fF3gG2hH1iI0jJ9kK8lL"
{
  "user": {
    "id": 5,
    "name": "Carlos Mendoza",
    "email": "carlos@lincoln.edu",
    "tenant_id": 3,
    "created_at": "2026-04-02T10:15:00.000000Z",
    "updated_at": "2026-04-02T10:15:00.000000Z"
  },
  "roles": ["director"]
}

Build docs developers (and LLMs) love