Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/lffiesco-svg/gastromovil/llms.txt

Use this file to discover all available pages before exploring further.

The Users API covers the full lifecycle of a GastroMóvil account: creating a new user, managing delivery addresses, submitting order ratings, and administrative user management. Registration and address creation are public or lightly guarded endpoints; the admin management endpoints (list, update, delete) are intended for back-office use. All endpoints are prefixed under /usuarios/ as defined in usuarios/urls.py.
GastroMóvil uses a custom Usuario model. The username field is set to the email address at registration time, and EmailBackend is the primary authentication backend — always use the email address when authenticating.

Register a User

Creates a new user account and dispatches a welcome email via the Resend API. New users are always assigned the cliente role regardless of the payload. POST /usuarios/api/registro/

Request Body

username
string
required
Must be the user’s email address. GastroMóvil sets username = email internally.
email
string
required
The user’s email address. Must pass strict format validation (regex + domain check) and must not be from a disposable mail service such as mailinator.com or yopmail.com.
password
string
required
Account password in plain text (sent over HTTPS). Write-only — never returned in responses.
telefono
string
Optional contact phone number.

Example Request

curl -s -X POST https://gastromovil.online/usuarios/api/registro/ \
  -H "Content-Type: application/json" \
  -d '{
    "username": "nuevo@ejemplo.com",
    "email": "nuevo@ejemplo.com",
    "password": "Segura1234!",
    "telefono": "3001234567"
  }'

Responses

201 Created — account created and welcome email sent. 
{
  "mensaje": "Usuario creado"
}
400 Bad Request — validation failed (invalid email, disposable domain, missing required field). 
{
  "email": ["El correo electrónico no existe."]
}

Create a Delivery Address

Adds a new delivery address record to the database. The usuario field must be the ID of an existing user. POST /usuarios/api/direcciones/crear/

Request Body

usuario
integer
required
Primary key of the user this address belongs to.
calle
string
required
Street name and number.
barrio
string
required
Neighbourhood or district.
referencia
string
Optional landmark or additional directions (e.g. "Frente al parque").
es_principal
boolean
Whether this should be set as the user’s default delivery address. Defaults to false.

Example Request

curl -s -X POST https://gastromovil.online/usuarios/api/direcciones/crear/ \
  -H "Content-Type: application/json" \
  -d '{
    "usuario": 7,
    "calle": "Carrera 45 #12-30",
    "barrio": "El Poblado",
    "referencia": "Edificio Torres del Parque, apto 502",
    "es_principal": true
  }'

Responses

201 Created 
{
  "mensaje": "Direccion creada"
}
400 Bad Request — serializer validation errors.

List All Addresses

Returns all delivery address records in the database. Intended for administrative inspection. GET /usuarios/api/direcciones/

Example Request

curl -s https://gastromovil.online/usuarios/api/direcciones/ \
  -H "Authorization: Bearer <access_token>"

Response

200 OK — array of address objects with all model fields.

Admin: List All Users

Returns a flat list of every user account with their key identifying fields. Intended for back-office dashboards. GET /usuarios/api/usuarios/

Example Request

curl -s https://gastromovil.online/usuarios/api/usuarios/ \
  -H "Authorization: Bearer <admin_access_token>"

Response

200 OK — array of user summary objects.
id
integer
Primary key of the user.
username
string
The username (set to the email address on registration).
email
string
Email address of the user.
rol
string
Account role. One of cliente, restaurante, or repartidor.
[
  { "id": 1, "username": "admin@gastromovil.online", "email": "admin@gastromovil.online", "rol": "cliente" },
  { "id": 7, "username": "restaurante@ejemplo.com", "email": "restaurante@ejemplo.com", "rol": "restaurante" }
]

Admin: Update a User

Updates username, email, and/or rol for an existing user. Only the fields included in the request body are changed. PUT /usuarios/api/usuarios/<pk>/editar/

Path Parameters

pk
integer
required
Primary key of the user to update.

Request Body

username
string
New username value.
email
string
New email address.
rol
string
New role. Accepted values: cliente, restaurante, repartidor.

Example Request

curl -s -X PUT https://gastromovil.online/usuarios/api/usuarios/7/editar/ \
  -H "Authorization: Bearer <admin_access_token>" \
  -H "Content-Type: application/json" \
  -d '{"rol": "restaurante"}'

Responses

200 OK 
{
  "mensaje": "Usuario actualizado"
}
404 Not Found 
{
  "error": "No encontrado"
}

Admin: Delete a User

Permanently removes a user account and all related data cascades. DELETE /usuarios/api/usuarios/<pk>/eliminar/

Path Parameters

pk
integer
required
Primary key of the user to delete.

Example Request

curl -s -X DELETE https://gastromovil.online/usuarios/api/usuarios/7/eliminar/ \
  -H "Authorization: Bearer <admin_access_token>"

Responses

200 OK 
{
  "mensaje": "Usuario eliminado"
}
404 Not Found 
{
  "error": "No encontrado"
}
Deleting a user is permanent and triggers cascade deletes on all related objects including their orders, addresses, and ratings. This action cannot be undone.

Web Auth Flows

The following routes serve the browser-rendered UI and are not intended for direct API consumption. They are documented here for completeness.

Send Password Reset Code

POST /usuarios/recuperar/ — accepts an email form field, generates a 6-digit CodigoRecuperacion, and emails it to the user via Resend. Redirects to the code verification page on success.

Verify Code and Reset Password

POST /usuarios/verificar-codigo/ — accepts email, codigo, and password as JSON. Validates the code against the stored CodigoRecuperacion (with expiry check), updates the password, and returns {"ok": true, "redirect": "/login/"}.

Register via Web Form (with Email Verification)

POST /register/ (mapped in the root urls.py) — renders the HTML registration form. On valid submission, a 6-digit verification code is emailed to the user and the session stores the pending registration data. The user then completes registration at POST /usuarios/verificar-registro/ by submitting the code.
For programmatic registration without email verification, use POST /usuarios/api/registro/ instead. The web flow at POST /register/ requires a verification step via session, which is impractical for API clients.

Build docs developers (and LLMs) love

Get started for freeTalk to us