This section documents the authentication endpoints of the MiseOS API, which allow users to register and log in to receive a JWT token for authenticated requests.
Clients must first authenticate using the /auth/login endpoint to receive a token.
This token must then be included in the Authorization header for all protected endpoints.
JWT tokens expire after 30 minutes and must be refreshed by logging in again.
Authentication Endpoints
| Method | URL | Auth |
|---|---|---|
| POST | /auth/register | ANYONE |
| POST | /auth/login | ANYONE |

POST /auth/register
Registers a new user and returns their details. New users registering through /auth/register are assigned the role CUSTOMER by default.
Kitchen roles such as LINE_COOK, SOUS_CHEF, and HEAD_CHEF must be assigned by a head chef.
Request body

```json
{
  "firstName": "Dominique",
  "lastName": "Crenn",
  "email": "Crenn@ateliercrenn.com",
  "password": "Password123"
}
```

Response 201

```json
{
  "id": 2,
  "firstName": "Dominique",
  "lastName": "Crenn",
  "email": "Crenn@ateliercrenn.com",
  "userRole": "CUSTOMER"
}
```

Errors
| Status | Cause |
|---|---|
| 400 | Invalid input — password too short, invalid email format |
| 409 | Email already registered |

POST /auth/login
Returns a JWT token for use in subsequent requests.
Request body

```json
{
  "email": "gordon@kitchen.com",
  "password": "Password123"
}
```

Response 200

```json
{
  "token": "eyJhbGci...",
  "email": "gordon@kitchen.com",
  "role": "HEAD_CHEF"
}
```

Errors
| Status | Cause |
|---|---|
| 400 | Missing email or password |
| 401 | Invalid credentials |
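
The login flow described above, as an added example that is not part of the MiseOS documentation: a client-side session that caches the token from /auth/login, logs in again shortly before the 30-minute expiry, and builds the Authorization header. The Bearer scheme, an `exp` claim inside the token, the `base_url` parameter and the names `TokenSession`, `http_login` and `jwt_expiry` are assumptions.

```python
import base64, json, time, urllib.request

TOKEN_LIFETIME_S = 30 * 60  # from the page: tokens expire after 30 minutes
REFRESH_MARGIN_S = 60       # assumption: log in again one minute early

def jwt_expiry(token):
    """Read the exp claim (epoch seconds) without verifying the signature.
    Used only to schedule re-login; returns None if there is no usable exp."""
    try:
        payload = token.split(".")[1]
        payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
        exp = json.loads(base64.urlsafe_b64decode(payload)).get("exp")
        return exp if isinstance(exp, (int, float)) else None
    except (IndexError, ValueError, AttributeError):
        return None

def http_login(base_url, email, password):
    """POST /auth/login and return the parsed 200 body (base_url is an assumption)."""
    req = urllib.request.Request(
        base_url + "/auth/login",
        data=json.dumps({"email": email, "password": password}).encode(),
        headers={"Content-Type": "application/json"}, method="POST")
    with urllib.request.urlopen(req, timeout=10) as resp:  # 400/401 raise HTTPError
        return json.load(resp)

class TokenSession:
    """Caches the login token and logs in again shortly before it expires."""
    def __init__(self, login, clock=time.time):
        self._login, self._clock = login, clock  # login: callable returning the 200 body
        self._token, self._expires_at = None, 0.0

    def token(self):
        if self._token is None or self._clock() >= self._expires_at - REFRESH_MARGIN_S:
            issued = self._clock()
            self._token = self._login()["token"]
            exp = jwt_expiry(self._token)
            # Fall back to the documented lifetime if the token has no exp claim.
            self._expires_at = exp if exp is not None else issued + TOKEN_LIFETIME_S
        return self._token

    def auth_headers(self):
        # Assumption: Bearer scheme; the page only names the Authorization header.
        return {"Authorization": "Bearer " + self.token()}

    def invalidate(self):
        """Drop the cached token, e.g. after a protected endpoint returns 401."""
        self._token = None
```

When a protected endpoint still answers 401, call `invalidate()` and retry the request once so the next `auth_headers()` call logs in again.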