Authentication API

Authentication endpoints and JWT token management.

POST /auth/register

Create a new user account.

Request

{
  "email": "user@example.com",
  "password": "SecurePassword123!",
  "first_name": "John",
  "last_name": "Doe"
}

Response 201

{
  "id": "uuid",
  "email": "user@example.com",
  "first_name": "John",
  "last_name": "Doe",
  "role": "user",
  "created_at": "2026-01-16T10:00:00Z"
}

Validation

  • Email: valid format, unique
  • Password: min. 8 characters, 1 uppercase letter, 1 digit

POST /auth/login

Authenticate and obtain JWT tokens.

Request

{
  "email": "user@example.com",
  "password": "SecurePassword123!"
}

Response 200

{
  "access_token": "eyJhbGciOiJIUzI1NiIs...",
  "refresh_token": "eyJhbGciOiJIUzI1NiIs...",
  "token_type": "bearer",
  "expires_in": 3600
}

Tokens

Token           Validity
access_token    60 minutes
refresh_token   7 days

POST /auth/refresh

Renew the access token.

Request

{
  "refresh_token": "eyJhbGciOiJIUzI1NiIs..."
}

Response 200

{
  "access_token": "eyJhbGciOiJIUzI1NiIs...",
  "token_type": "bearer",
  "expires_in": 3600
}

POST /auth/logout

Log the user out.

Headers

Authorization: Bearer <token>

Response 200

{
  "message": "Successfully logged out"
}

GET /auth/me

Get the profile of the logged-in user.

Headers

Authorization: Bearer <token>

Response 200

{
  "id": "uuid",
  "email": "user@example.com",
  "first_name": "John",
  "last_name": "Doe",
  "role": "user",
  "preferences": {
    "theme": "dark",
    "language": "fr"
  }
}

Errors

401 Unauthorized

{
  "detail": "Could not validate credentials"
}

Solutions:

  • Check the token in the header
  • Check the token's expiration
  • Use /auth/refresh
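
The three checks above, written as a client-side triage routine. This is an added example, not code from this API's project; it assumes the tokens carry the standard JWT `exp` claim (the page does not list the claims), and `diagnose_401`, `make_sample_token` and the 30-second skew are hypothetical names and values.

```python
import base64
import json
import time

def _b64url_decode(segment):
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def diagnose_401(headers, now=None, skew=30):
    """Map a 401 from this API to the next client step.

    Returns "fix_header", "refresh" (POST /auth/refresh) or "login" (POST /auth/login).
    The payload is decoded WITHOUT verifying the signature: the client has no key,
    so this only schedules a refresh and must never be used to trust claims.
    """
    now = time.time() if now is None else now
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    parts = token.strip().split(".")
    if scheme.lower() != "bearer" or len(parts) != 3 or not all(parts):
        return "fix_header"          # header missing, wrong scheme, or not a JWT
    try:
        exp = float(json.loads(_b64url_decode(parts[1]))["exp"])  # assumed claim
    except (ValueError, KeyError, TypeError):
        return "login"               # unreadable payload: start a new session
    if exp - skew <= now:
        return "refresh"             # expired (or about to): use the refresh token
    return "login"                   # well-formed and unexpired, yet rejected

def make_sample_token(exp):
    # Constructed sample token with a placeholder signature, for the demo only.
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "HS256", "typ": "JWT"}), enc({"sub": "uuid", "exp": exp}), "sig"])

if __name__ == "__main__":
    now = 1_768_557_600  # constructed "current time"
    for label, hdrs in [
        ("no header", {}),
        ("expired", {"Authorization": "Bearer " + make_sample_token(now - 60)}),
        ("unexpired", {"Authorization": "Bearer " + make_sample_token(now + 3000)}),
    ]:
        print(label, "->", diagnose_401(hdrs, now=now))
```

The server remains the only authority on token validity; a token that is unexpired but still rejected is treated here as needing a fresh login.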