Auth - BevvyTech/BrewskiDocs GitHub Wiki

Authentication

Authentication endpoints handle account registration, login, token rotation, and logout. They are the only public endpoints.

| Method | Path | Description |
| --- | --- | --- |
| POST | /auth/register | Register or attach a password-based account. |
| POST | /auth/login | Login with email/password. |
| POST | /auth/google | Exchange a Google OAuth code for tokens. |
| POST | /auth/refresh | Rotate refresh tokens and issue a new access token. |
| POST | /auth/logout | Revoke a refresh token (optional body). |

POST /auth/register

  • Auth: Public
  • Body:
    {
      "email": "[email protected]",
      "password": "SuperSecret123",
      "name": "Brew Master"
    }
  • Response 201: Auth payload (see access/refresh token structure).
  • Logging: Request/response metadata is recorded (email, userId, existingAccount flag, memberships count); passwords and tokens are never logged.
  • Avatar: If no custom avatar is stored, the response includes a Gravatar identicon generated from the email address.
  • Errors:
    • 409 Conflict – user already has a password.

POST /auth/login

  • Auth: Public
  • Body:
    {
      "email": "[email protected]",
      "password": "SuperSecret123"
    }
  • Response 200: Auth payload.
  • Errors:
    • 401 Unauthorized – invalid credentials.

POST /auth/google

  • Auth: Public
  • Body:
    {
      "code": "4/0Aea...",
      "redirectUri": "https://admin.brewskiapp.com/auth/callback"
    }
  • Response 200: Auth payload.
  • Errors:
    • 401 Unauthorized – code exchange or ID token verification failed.
    • 400 Bad Request – Google payload missing required fields.

POST /auth/refresh

  • Auth: Public
  • Body:
    {
      "refreshToken": "0f68fe8d-f2a0-4b9e-8f43-dc47b995b61d"
    }
  • Response 200: Auth payload with rotated tokens.
  • Errors:
    • 401 Unauthorized – invalid or revoked refresh token.

POST /auth/logout

  • Auth: Public
  • Body (optional):
    {
      "refreshToken": "0f68fe8d-f2a0-4b9e-8f43-dc47b995b61d"
    }
  • Response 204: No content (idempotent).
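
The status codes documented for /auth/refresh and /auth/logout can be modelled as a small token store. This is an added example, not Brewski's own code. The class and function names, the error body, hashing tokens at rest, and the rule that a rotated token is revoked immediately are all assumptions. Access-token issuance is left out.

```python
import hashlib
import uuid


class RefreshTokenStore:
    """In-memory model (hypothetical) of the rotate/revoke behaviour above."""

    def __init__(self):
        # sha256(token) -> {"user_id": str, "revoked": bool}
        self._tokens = {}

    @staticmethod
    def _digest(token):
        # Assumption: only a hash is persisted, so a leaked table
        # does not hand out usable refresh tokens.
        return hashlib.sha256(token.encode()).hexdigest()

    def issue(self, user_id):
        token = str(uuid.uuid4())  # same shape as the sample refreshToken
        self._tokens[self._digest(token)] = {"user_id": user_id, "revoked": False}
        return token

    def refresh(self, token):
        """POST /auth/refresh: returns (status, body)."""
        record = self._tokens.get(self._digest(token or ""))
        if record is None or record["revoked"]:
            return 401, {"error": "invalid or revoked refresh token"}
        record["revoked"] = True  # assumed rotation rule: presented token is single-use
        return 200, {"refreshToken": self.issue(record["user_id"])}

    def logout(self, token=None):
        """POST /auth/logout: 204 whether or not a token was sent or known."""
        record = self._tokens.get(self._digest(token)) if token else None
        if record is not None:
            record["revoked"] = True
        return 204, None


def demo():
    store = RefreshTokenStore()
    first = store.issue("user-1")            # constructed user id
    status_a, body = store.refresh(first)    # first use rotates the token
    status_b, _ = store.refresh(first)       # replay of the rotated token
    second = body["refreshToken"]
    out1 = store.logout(second)[0]
    out2 = store.logout(second)[0]           # repeat logout stays 204
    out3 = store.logout()[0]                 # body is optional
    status_c, _ = store.refresh(second)      # revoked by logout
    return [status_a, status_b, out1, out2, out3, status_c]
```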