Authentication
User authentication operations
Creates a new user account. Admin registration requires whitelisted email.
Body
email: string · email · max: 50 · Required
User's email address
password: string · min: 8 · Write-only · Required
User's password
role: string · enum · Optional · Possible values:
User role (optional for registration)
Responses
201
User registered successfully. Sets refreshToken cookie.
application/json
Response: all of
400
Invalid input data provided. See errors object for details.
application/json
403
Admin registration denied for non-whitelisted email.
application/json
500
An unexpected error occurred on the server.
application/json
post
POST /api/v1/auth/register HTTP/1.1
Host: blog-api.codewithsadee.com
Content-Type: application/json
Accept: */*
Content-Length: 59

{
  "email": "[email protected]",
  "password": "text",
  "role": "admin"
}

{
  "accessToken": "text",
  "user": {
    "_id": "text",
    "username": "text",
    "email": "[email protected]",
    "role": "user",
    "firstName": "text",
    "lastName": "text",
    "socialLinks": {
      "website": "text",
      "facebook": "text",
      "instagram": "text",
      "linkedin": "text",
      "x": "text",
      "youtube": "text"
    },
    "createdAt": "2025-07-28T18:43:44.553Z",
    "updatedAt": "2025-07-28T18:43:44.553Z"
  }
}
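The rules this endpoint documents (email at most 50 characters, password at least 8, optional role, 403 for a non-whitelisted admin registration), sketched as an added example that is not the API's own code. The role values `user` and `admin` are taken from the sample bodies on this page; the function name, the default role, the case-insensitive whitelist match and the example.com addresses are assumptions.

```javascript
// Added example (not the API's implementation): decide the status code for
// POST /api/v1/auth/register from the request body and an admin whitelist.
const ROLES = ['user', 'admin']; // assumed from the sample bodies on this page
const EMAIL_RE = /^[^\s@]+@[^\s@]+\.[^\s@]+$/; // deliberately simple shape check

function decideRegistration(body, adminWhitelist) {
  const input = body && typeof body === 'object' ? body : {};
  const { email, password, role } = input;
  const errors = {};

  // 400: documented field constraints.
  if (typeof email !== 'string' || email.length > 50 || !EMAIL_RE.test(email)) {
    errors.email = 'must be a valid email address of at most 50 characters';
  }
  if (typeof password !== 'string' || password.length < 8) {
    errors.password = 'must be at least 8 characters';
  }
  if (role !== undefined && !ROLES.includes(role)) {
    errors.role = 'must be one of: ' + ROLES.join(', ');
  }
  if (Object.keys(errors).length > 0) return { status: 400, errors };

  // The role is client-supplied, so it is only honoured after the whitelist
  // check. Defaulting to 'user' when role is omitted is an assumption.
  const effectiveRole = role === undefined ? 'user' : role;
  const normalized = email.toLowerCase();
  const allowed = new Set(adminWhitelist.map((e) => e.toLowerCase()));

  // 403: admin requested by an address that is not whitelisted.
  if (effectiveRole === 'admin' && !allowed.has(normalized)) {
    return { status: 403, errors: { role: 'admin registration denied for this email' } };
  }
  return { status: 201, user: { email: normalized, role: effectiveRole } };
}

// Constructed sample input: whitelist and addresses are placeholders.
const whitelist = ['root@example.com'];
console.log(decideRegistration(
  { email: 'visitor@example.com', password: 'correct-horse', role: 'admin' },
  whitelist
).status); // 403
```

Note that the sample request shown above uses the placeholder password `text`, which is shorter than the documented minimum of 8 and would be answered with 400 under these rules.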
Authenticates a user and returns tokens.
Body
email: string · email · max: 50 · Required
User's email address
password: string · min: 8 · Write-only · Required
User's password
role: string · enum · Optional · Possible values:
User role (optional for registration)
Responses
200
Login successful. Sets refreshToken cookie.
application/json
Response: all of
400
Invalid input data provided. See errors object for details.
application/json
404
The specified resource was not found.
application/json
500
An unexpected error occurred on the server.
application/json
post
POST /api/v1/auth/login HTTP/1.1
Host: blog-api.codewithsadee.com
Content-Type: application/json
Accept: */*
Content-Length: 59

{
  "email": "[email protected]",
  "password": "text",
  "role": "admin"
}

{
  "accessToken": "text",
  "user": {
    "_id": "text",
    "username": "text",
    "email": "[email protected]",
    "role": "user",
    "firstName": "text",
    "lastName": "text",
    "socialLinks": {
      "website": "text",
      "facebook": "text",
      "instagram": "text",
      "linkedin": "text",
      "x": "text",
      "youtube": "text"
    },
    "createdAt": "2025-07-28T18:43:44.553Z",
    "updatedAt": "2025-07-28T18:43:44.553Z"
  }
}
Generates a new access token using the refresh token cookie.
cookie
refreshToken: string · jwt · Required
HTTP-only refresh token cookie.
Responses
200
Access token refreshed successfully.
application/json
400
Invalid input data provided. See errors object for details.
application/json
401
Authentication information is missing or invalid (e.g., missing/expired token).
application/json
500
An unexpected error occurred on the server.
application/json
post
POST /api/v1/auth/refresh-token HTTP/1.1
Host: blog-api.codewithsadee.com
Accept: */*

{
  "accessToken": "text"
}
Invalidates the refresh token and clears the cookie. Requires both access and refresh tokens.
Authorizations
cookie
refreshToken: string · jwt · Required
HTTP-only refresh token cookie.
Responses
200
Logout successful. Clears refreshToken cookie.
application/json
400
Invalid input data provided. See errors object for details.
application/json
401
Authentication information is missing or invalid (e.g., missing/expired token).
application/json
500
An unexpected error occurred on the server.
application/json
post
POST /api/v1/auth/logout HTTP/1.1
Host: blog-api.codewithsadee.com
Authorization: Bearer JWT
Accept: */*

{
  "message": "Logged out successfully"
}