The Don Mamino API uses JSON Web Tokens (JWT) for authentication. You obtain a token by calling the login endpoint with valid credentials, then include that token in the Authorization header of every subsequent request that requires authentication.

Log in and receive a token

Send a POST request to /api/auth/login with your email address and password in the request body.

Request body

email (string, required): The email address associated with your user account.
contraseña (string, required): The account password.

Example request

curl --request POST \
  --url http://localhost:3000/api/auth/login \
  --header 'Content-Type: application/json' \
  --data '{
    "email": "[email protected]",
    "contraseña": "your_password"
  }'

Example response

A successful login returns HTTP 200 with a token and a usuario object.
{
  "mensaje": "Inicio de sesión exitoso",
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "usuario": {
    "id": 1,
    "nombre": "Luis Llatas",
    "email": "[email protected]",
    "rol": "administrador"
  }
}

Response fields

mensaje (string): Confirmation message indicating a successful login.
token (string): The JWT to use in subsequent authenticated requests. Valid for 8 hours.
usuario (object)

Use the token in requests

Include the token in the Authorization header of every request to a protected endpoint, using the Bearer scheme.
Authorization: Bearer <your_token>

Example authenticated request

curl --request GET \
  --url http://localhost:3000/api/usuarios \
  --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...'

Tokens expire after 8 hours. When a token expires, any request using it will return a 401 Unauthorized error. Log in again to obtain a fresh token.

Error responses

| Scenario | Status | Response body |
| --- | --- | --- |
| Wrong email or password | 401 Unauthorized | { "message": "Credenciales inválidas" } |
| Authorization header missing | 403 Forbidden | { "message": "Se requiere un token de autenticación" } |
| Malformed Authorization header | 403 Forbidden | { "message": "Formato de token inválido" } |
| Token expired or invalid | 401 Unauthorized | { "message": "Token inválido o expirado" } |

Ensure the Authorization header value is formatted exactly as Bearer <token> — with a single space between Bearer and the token string.
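
The 8-hour lifetime and the error table above, as an added example that is not part of the Don Mamino project's code: a Node.js client helper that decides when to log in again, builds the header, and maps each documented error to a next step. It assumes the token carries a standard `exp` claim; the function names and the sample token are constructed for illustration.

```javascript
// Added example (not project code). Assumption: the JWT has a standard `exp` claim.
const EXPIRY_SKEW_S = 60; // treat a token expiring within 60 s as already expired

// Decode the payload WITHOUT verifying the signature; only the server can verify.
// The client reads it solely to avoid sending a token it knows is stale.
function decodePayload(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('not a compact JWT');
  return JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8'));
}

// Seconds until expiry, or null when the payload has no numeric exp claim.
function secondsLeft(token, nowMs = Date.now()) {
  const { exp } = decodePayload(token);
  return typeof exp === 'number' ? exp - Math.floor(nowMs / 1000) : null;
}

// True when the client should call /api/auth/login before the next request.
function needsLogin(token, nowMs = Date.now()) {
  if (!token) return true;
  try {
    const left = secondsLeft(token, nowMs);
    return left !== null && left <= EXPIRY_SKEW_S;
  } catch {
    return true; // unparseable token: discard it
  }
}

// Build exactly "Bearer <token>" with a single space.
function authorizationHeader(token) {
  if (typeof token !== 'string' || token === '' || /\s/.test(token)) {
    throw new Error('token must be a non-empty string without whitespace');
  }
  return { Authorization: `Bearer ${token}` };
}

// Map the documented error responses to the client's next step.
function nextAction(status, body) {
  const msg = body && body.message;
  if (status === 401 && msg === 'Credenciales inválidas') return 'fix-credentials';
  if (status === 401) return 'login-again'; // token expired or invalid
  if (status === 403) return 'fix-header'; // header missing or malformed
  return status >= 200 && status < 300 ? 'ok' : 'unexpected';
}

// Constructed sample token (not issued by the API): expires 8 h after t = 1700000000.
const b64 = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
const sampleToken = [b64({ alg: 'HS256', typ: 'JWT' }),
  b64({ id: 1, exp: 1700000000 + 8 * 3600 }), 'constructed-signature'].join('.');
```

A 403 from a protected endpoint points at the client's header construction rather than the token itself, so retrying the login will not clear it.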
