Authentication

User authentication operations

Register New User

post

Creates a new user account. Admin registration requires whitelisted email.

Body
email: string · email · max: 50 · Required

User's email address

password: string · min: 8 · Write-only · Required

User's password

role: string · enum · Optional

User role (optional for registration)

Possible values:
Responses
201
User registered successfully. Sets refreshToken cookie.
application/json
Response all of

Example request:
POST /api/v1/auth/register HTTP/1.1
Host: blog-api.codewithsadee.com
Content-Type: application/json
Accept: */*
Content-Length: 59

{
  "email": "[email protected]",
  "password": "text",
  "role": "admin"
}

Example response (201):
{
  "accessToken": "text",
  "user": {
    "_id": "text",
    "username": "text",
    "email": "[email protected]",
    "role": "user",
    "firstName": "text",
    "lastName": "text",
    "socialLinks": {
      "website": "text",
      "facebook": "text",
      "instagram": "text",
      "linkedin": "text",
      "x": "text",
      "youtube": "text"
    },
    "createdAt": "2025-07-28T18:43:44.553Z",
    "updatedAt": "2025-07-28T18:43:44.553Z"
  }
}

Login User

post

Authenticates a user and returns tokens.

Body
email: string · email · max: 50 · Required

User's email address

password: string · min: 8 · Write-only · Required

User's password

role: string · enum · Optional

User role (optional for registration)

Possible values:
Responses
200
Login successful. Sets refreshToken cookie.
application/json
Response all of

Example request:
POST /api/v1/auth/login HTTP/1.1
Host: blog-api.codewithsadee.com
Content-Type: application/json
Accept: */*
Content-Length: 59

{
  "email": "[email protected]",
  "password": "text",
  "role": "admin"
}

Example response (200):
{
  "accessToken": "text",
  "user": {
    "_id": "text",
    "username": "text",
    "email": "[email protected]",
    "role": "user",
    "firstName": "text",
    "lastName": "text",
    "socialLinks": {
      "website": "text",
      "facebook": "text",
      "instagram": "text",
      "linkedin": "text",
      "x": "text",
      "youtube": "text"
    },
    "createdAt": "2025-07-28T18:43:44.553Z",
    "updatedAt": "2025-07-28T18:43:44.553Z"
  }
}

Refresh Access Token

post

Generates a new access token using the refresh token cookie.

cookie
refreshToken: string · jwt · Required

HTTP-only refresh token cookie.

Responses
200
Access token refreshed successfully.
application/json
Example request:
POST /api/v1/auth/refresh-token HTTP/1.1
Host: blog-api.codewithsadee.com
Accept: */*

Example response (200):
{
  "accessToken": "text"
}

Logout User

post

Invalidates the refresh token and clears the cookie. Requires both access and refresh tokens.

Authorizations
cookie
refreshToken: string · jwt · Required

HTTP-only refresh token cookie.

Responses
200
Logout successful. Clears refreshToken cookie.
application/json
Example request:
POST /api/v1/auth/logout HTTP/1.1
Host: blog-api.codewithsadee.com
Authorization: Bearer JWT
Accept: */*

Example response (200):
{
  "message": "Logged out successfully"
}
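
An added example, not part of this API's documentation or code: a check that a captured Set-Cookie header for the refreshToken cookie carries HttpOnly as documented above, and that the logout response actually expires the cookie. The Secure and SameSite checks, the function names and the sample headers are assumptions constructed for illustration.

```javascript
// Constructed sample headers (not captured from the real API).
const SAMPLE_LOGIN =
  'refreshToken=aaa.bbb.ccc; Path=/; HttpOnly; Secure; SameSite=Strict; Max-Age=604800';
const SAMPLE_WEAK = 'refreshToken=aaa.bbb.ccc; Path=/';
const SAMPLE_LOGOUT =
  'refreshToken=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly; Secure';

// Split one Set-Cookie header into name, value and lower-cased attributes.
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(';').map((s) => s.trim());
  const eq = pair.indexOf('=');
  const cookie = { name: pair.slice(0, eq), value: pair.slice(eq + 1), attrs: {} };
  for (const a of attrs.filter(Boolean)) {
    const i = a.indexOf('=');
    cookie.attrs[(i === -1 ? a : a.slice(0, i)).toLowerCase()] = i === -1 ? true : a.slice(i + 1);
  }
  return cookie;
}

// HttpOnly is documented by the page; Secure and SameSite are assumed expectations.
function auditRefreshCookie(header) {
  const c = parseSetCookie(header);
  if (c.name !== 'refreshToken') return ['not the refreshToken cookie'];
  const findings = [];
  if (!c.attrs.httponly) findings.push('missing HttpOnly: page script can read the token');
  if (!c.attrs.secure) findings.push('missing Secure: cookie may travel over plain HTTP');
  const sameSite = String(c.attrs.samesite || '').toLowerCase();
  if (sameSite !== 'strict' && sameSite !== 'lax') {
    findings.push('SameSite not Strict/Lax: cross-site requests may carry the cookie');
  }
  return findings;
}

// True when the header expires the cookie, as the logout response should.
function clearsRefreshCookie(header, now = Date.now()) {
  const c = parseSetCookie(header);
  if (c.name !== 'refreshToken') return false;
  const maxAge = c.attrs['max-age'];
  if (maxAge !== undefined && Number(maxAge) <= 0) return true;
  const expires = Date.parse(c.attrs.expires);
  return !Number.isNaN(expires) && expires <= now;
}

console.log(auditRefreshCookie(SAMPLE_LOGIN), auditRefreshCookie(SAMPLE_WEAK));
console.log(clearsRefreshCookie(SAMPLE_LOGOUT), clearsRefreshCookie(SAMPLE_LOGIN));
```

A frontend served from a different site than the API needs SameSite=None, so treat that finding as a prompt to confirm another cross-site request defence rather than as an automatic failure.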
