
Authentication API

Endpoints for user authentication and authorization.

POST /auth/login

Log in with email and password.

Request

POST /api/v1/auth/login
Content-Type: application/json

{
  "email": "[email protected]",
  "password": "your_password"
}

Response

{
  "success": true,
  "data": {
    "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
    "refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
    "expires_in": 3600,
    "user": {
      "id": "user_123",
      "email": "[email protected]",
      "name": "John Doe",
      "role": "cashier"
    }
  }
}

POST /auth/register

Register a new user.

Request

POST /api/v1/auth/register
Content-Type: application/json

{
  "email": "[email protected]",
  "password": "secure_password",
  "name": "Jane Doe",
  "phone": "+6281234567890"
}

Response

{
  "success": true,
  "data": {
    "user_id": "user_456",
    "email": "[email protected]",
    "name": "Jane Doe"
  }
}

POST /auth/refresh

Refresh the access token using a refresh token.

Request

POST /api/v1/auth/refresh
Content-Type: application/json

{
  "refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}

Response

{
  "success": true,
  "data": {
    "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
    "expires_in": 3600
  }
}

POST /auth/logout

Log out and invalidate tokens.

Request

POST /api/v1/auth/logout
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

Response

{
  "success": true,
  "message": "Logout successful"
}

GET /auth/me

Get current user profile.

Request

GET /api/v1/auth/me
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

Response

{
  "success": true,
  "data": {
    "id": "user_123",
    "email": "[email protected]",
    "name": "John Doe",
    "role": "cashier",
    "merchant_id": "merchant_abc",
    "branch_id": "branch_xyz"
  }
}
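
The login, refresh and logout calls above form one token lifecycle. The Python client below is an added example, not code from this API's project: it keeps the token pair, refreshes shortly before expires_in runs out, and discards its local tokens on logout or on any rejected call. The send transport hook, the fake_send stand-in and the "success": false failure shape are assumptions.

```python
import time

class AuthSession:
    """Holds the token pair from /auth/login; refreshes shortly before expiry."""
    def __init__(self, send, clock=time.monotonic, skew=30):
        # send(method, path, headers, body) -> dict is an assumed transport hook
        self.send, self.clock, self.skew = send, clock, skew
        self.access = self.refresh = None
        self.expires_at = 0.0

    def _store(self, data):
        self.access = data["access_token"]
        self.refresh = data.get("refresh_token", self.refresh)  # refresh response omits it
        self.expires_at = self.clock() + data["expires_in"]

    def _call(self, path, headers, body):
        r = self.send("POST", path, headers, body)
        if not r.get("success"):  # assumption: failures carry "success": false
            self.access = self.refresh = None  # fail closed, force a new login
            raise PermissionError(path + " rejected")
        return r

    def login(self, email, password):
        r = self._call("/api/v1/auth/login", {}, {"email": email, "password": password})
        self._store(r["data"])
        return r["data"]["user"]

    def auth_header(self):
        if self.access is None:
            raise PermissionError("not logged in")
        if self.clock() >= self.expires_at - self.skew:
            r = self._call("/api/v1/auth/refresh", {}, {"refresh_token": self.refresh})
            self._store(r["data"])
        return {"Authorization": "Bearer " + self.access}

    def logout(self):
        try:
            self._call("/api/v1/auth/logout", self.auth_header(), None)
        finally:  # drop local copies even if the server call fails
            self.access = self.refresh = None

def fake_send(log):
    """Constructed in-memory stand-in for the API, recording each path called."""
    def send(method, path, headers, body):
        log.append(path)
        data = {"access_token": "access-%d" % len(log), "expires_in": 3600}
        if path.endswith("/login"):
            data.update(refresh_token="refresh-1", user={"id": "user_123", "role": "cashier"})
        return {"success": True, "data": data}
    return send
```

In real use, send would wrap an HTTPS client pointed at the API's base URL, and the value returned by auth_header() would go on requests such as GET /api/v1/auth/me.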