Authentication

User authentication operations

Register New User

post

Creates a new user account. Admin registration requires whitelisted email.

Body

emailstring · email · max: 50Required

User's email address

passwordstring · min: 8Write-onlyRequired

User's password

rolestring · enumOptional

User role (optional for registration)

Possible values:

Responses

201

User registered successfully. Sets refreshToken cookie.

application/json

400

Invalid input data provided. See errors object for details.

application/json

403

Admin registration denied for non-whitelisted email.

application/json

500

An unexpected error occurred on the server.

application/json

post

/auth/register

POST /api/v1/auth/register HTTP/1.1
Host: blog-api.codewithsadee.com
Content-Type: application/json
Accept: */*
Content-Length: 59

{
  "email": "[email protected]",
  "password": "text",
  "role": "admin"
}

{
  "accessToken": "text",
  "user": {
    "_id": "text",
    "username": "text",
    "email": "[email protected]",
    "role": "user",
    "firstName": "text",
    "lastName": "text",
    "socialLinks": {
      "website": "text",
      "facebook": "text",
      "instagram": "text",
      "linkedin": "text",
      "x": "text",
      "youtube": "text"
    },
    "createdAt": "2025-12-21T04:06:25.654Z",
    "updatedAt": "2025-12-21T04:06:25.654Z"
  }
}

post

Authenticates a user and returns tokens.

Body

emailstring · email · max: 50Required

User's email address

passwordstring · min: 8Write-onlyRequired

User's password

rolestring · enumOptional

User role (optional for registration)

Possible values:

Responses

200

application/json

400

Invalid input data provided. See errors object for details.

application/json

404

The specified resource was not found.

application/json

500

An unexpected error occurred on the server.

application/json

post

/auth/login

POST /api/v1/auth/login HTTP/1.1
Host: blog-api.codewithsadee.com
Content-Type: application/json
Accept: */*
Content-Length: 59

{
  "email": "[email protected]",
  "password": "text",
  "role": "admin"
}

{
  "accessToken": "text",
  "user": {
    "_id": "text",
    "username": "text",
    "email": "[email protected]",
    "role": "user",
    "firstName": "text",
    "lastName": "text",
    "socialLinks": {
      "website": "text",
      "facebook": "text",
      "instagram": "text",
      "linkedin": "text",
      "x": "text",
      "youtube": "text"
    },
    "createdAt": "2025-12-21T04:06:25.654Z",
    "updatedAt": "2025-12-21T04:06:25.654Z"
  }
}

Refresh Access Token

post

Generates a new access token using the refresh token cookie.

refreshTokenstring · jwtRequired

HTTP-only refresh token cookie.

Responses

200

Access token refreshed successfully.

application/json

400

Invalid input data provided. See errors object for details.

application/json

401

Authentication information is missing or invalid (e.g., missing/expired token).

application/json

500

An unexpected error occurred on the server.

application/json

post

/auth/refresh-token

POST /api/v1/auth/refresh-token HTTP/1.1
Host: blog-api.codewithsadee.com
Accept: */*

{
  "accessToken": "text"
}

Logout User

post

Invalidates the refresh token and clears the cookie. Requires both access and refresh tokens.

Authorizations

AuthorizationstringRequired

JWT Access Token obtained via login/register/refresh

refreshTokenstring · jwtRequired

HTTP-only refresh token cookie.

Responses

200

Logout successful. Clears refreshToken cookie.

application/json

400

Invalid input data provided. See errors object for details.

application/json

401

Authentication information is missing or invalid (e.g., missing/expired token).

application/json

500

An unexpected error occurred on the server.

application/json

post

/auth/logout

POST /api/v1/auth/logout HTTP/1.1
Host: blog-api.codewithsadee.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "message": "Logged out successfully"
}

PreviousRoot NextUsers

Last updated 6 months ago

Was this helpful?

Register New User

Login User

Refresh Access Token

Logout User