GET /api/users
Get Current User
curl --request GET \
  --url https://api.example.com/api/users
{
  "status": "<string>",
  "data": {
    "user": {
      "id": 123,
      "fullname": "<string>",
      "email": "<string>"
    }
  }
}

Overview

This endpoint returns the profile information of the currently authenticated user. It requires authentication: you must be logged in and send a valid accessToken cookie with the request.

Authentication

This endpoint uses cookie-based authentication and requires:
  • deserializeToken middleware - Extracts and verifies the JWT token from the accessToken cookie
  • requiredLogin middleware - Ensures the user is authenticated before accessing the endpoint
The access token is automatically set in your cookies when you successfully register or login.

Request

No request body or query parameters are required. The user information is extracted from the authenticated session.

Response

status (string, required)
  Response status. Always returns "success" for successful requests.
data (object, required)
  Contains the user data object.

Examples

Request

curl --request GET \
  --url https://juadah-backend.vercel.app/api/users \
  --header 'Cookie: accessToken=your_access_token_here'

Response

{
  "status": "success",
  "data": {
    "user": {
      "id": 1,
      "fullname": "zulfikar",
      "email": "email@example.com"
    }
  }
}

Error Responses

Status Code   Description
401           User is not authenticated. Access token is missing or expired.
400           Invalid or malformed access token.

Implementation Details

From the handler implementation (src/user/handler.ts:6): The endpoint retrieves user data from res.locals.user, which is populated by the deserializeToken middleware after successfully validating the JWT token from the accessToken cookie.
The access token cookie is HttpOnly for security and is automatically included in requests when using credentials: 'include' in fetch or similar settings in other HTTP clients.
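
The middleware chain described above, sketched in JavaScript as an added example that is not the project's own code. The HS256 handling, the demo secret, the user/exp claim layout and the error body are assumptions, and run is a hypothetical harness that drives the chain with mock request and response objects.

```javascript
const { createHmac, timingSafeEqual } = require('node:crypto');
const SECRET = 'constructed-demo-secret'; // constructed key (assumption); load the real one from config
const b64url = (v) => Buffer.from(v).toString('base64url');
const hmac = (data) => createHmac('sha256', SECRET).update(data).digest();
const deny = (res, code) => res.status(code).json({ status: 'fail' }); // body shape is an assumption

// Demo-only HS256 signer so the example can mint its own test tokens.
function sign(payload) {
  const body = `${b64url('{"alg":"HS256","typ":"JWT"}')}.${b64url(JSON.stringify(payload))}`;
  return `${body}.${hmac(body).toString('base64url')}`;
}

// Verifies the accessToken cookie and populates res.locals.user.
function deserializeToken(req, res, next) {
  const m = /(?:^|;\s*)accessToken=([^;]+)/.exec(req.headers.cookie || '');
  if (!m) return next(); // no cookie: requiredLogin answers 401
  const [h, p, s] = m[1].split('.');
  if (!h || !p || !s) return deny(res, 400);
  const given = Buffer.from(s, 'base64url');
  const expected = hmac(`${h}.${p}`);
  // Length check first: timingSafeEqual throws on unequal lengths.
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) return deny(res, 400);
  let claims;
  try {
    // Pin the algorithm instead of trusting whatever the header names.
    if (JSON.parse(Buffer.from(h, 'base64url')).alg !== 'HS256') return deny(res, 400);
    claims = JSON.parse(Buffer.from(p, 'base64url'));
  } catch { return deny(res, 400); }
  // Assumed claim layout { user, exp }; a missing or past exp leaves the user unset (401).
  if (typeof claims.exp === 'number' && claims.exp * 1000 > Date.now()) res.locals.user = claims.user;
  return next();
}

const requiredLogin = (req, res, next) => (res.locals.user ? next() : deny(res, 401));
function getCurrentUser(req, res) {
  return res.status(200).json({ status: 'success', data: { user: res.locals.user } });
}

// Drives the chain with mock req/res objects and returns { code, body }.
function run(cookie) {
  const out = {};
  const res = { locals: {}, status(c) { out.code = c; return this; }, json(b) { out.body = b; return this; } };
  const req = { headers: { cookie } }, chain = [deserializeToken, requiredLogin, getCurrentUser];
  let i = 0;
  const next = () => chain[i++](req, res, next);
  next();
  return out;
}
```

The signature is checked before the payload is parsed, so a token whose payload was edited after signing is rejected with 400 and never reaches res.locals.user.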

  • Register - Create a new account and receive authentication cookies
  • Login - Login to an existing account
  • Refresh Token - Renew your access token
