Skip to content
Budgeti

Auth Module

What this module solves

Section titled “What this module solves”

Creates and authenticates users, then issues JWT tokens used by all protected API modules.

Endpoints

Section titled “Endpoints”
  • POST /api/v1/auth/register
  • POST /api/v1/auth/login
  • POST /api/v1/auth/google

Validation rules

Section titled “Validation rules”
  • Register: name 3-20 chars, valid email, strong password with uppercase/lowercase/number/special char.
  • Login: valid email and password format checks.
  • Google auth: non-empty token.
  • Schema file: backend/src/Shared/Schemas/userSchema.ts.

Internal flow

Section titled “Internal flow”
RouteControllerUse caseRepository / Service chainRoute file trace
POST /auth/registerAuthController.registerUserRegisterImplUserRepositoryImpl, PasswordHasherImpl, TokenServiceImplbackend/src/Presentation/Routes/AuthRoutes.ts
POST /auth/loginAuthController.loginUserLoginImplUserRepositoryImpl, PasswordHasherImpl, TokenServiceImplbackend/src/Presentation/Routes/AuthRoutes.ts
POST /auth/googleAuthController.googleAuthLoginWithGoogleImplGoogleAuthServiceImpl, UserRepositoryImpl, TokenServiceImplbackend/src/Presentation/Routes/AuthRoutes.ts

Controller: backend/src/Presentation/Controllers/AuthController.ts.

Common errors

Section titled “Common errors”
  • VALIDATION_FAILED (422): invalid request shape.
  • INVALID_CREDENTIALS (404): incorrect login credentials.
  • GOOGLE_TOKEN_INVALID / GOOGLE_TOKEN_EXPIRED (401): invalid Google token.
  • USER_REGISTERED_WITH_GOOGLE (400): account must use Google login.

Testing notes

Section titled “Testing notes”
  • E2E files:
    • backend/src/tests/e2e/auth/registration.e2e.test.ts
    • backend/src/tests/e2e/auth/login.e2e.test.ts
    • backend/src/tests/e2e/auth/google-auth.e2e.test.ts
  • Unit coverage examples:
    • backend/src/tests/unit/auth-middleware.test.ts
    • backend/src/tests/unit/token-service-impl.test.ts

Quick snippets

Section titled “Quick snippets”

1) cURL request example

Section titled “1) cURL request example”
Terminal window
curl -X POST "https://budgeti-backend.johandercampos.com/api/v1/auth/login" \
  -H "Content-Type: application/json" \
  -d '{
    "email": "alice@example.com",
    "password": "Secret123!"
  }'

2) Success JSON response example

Section titled “2) Success JSON response example”
{
  "code": "USER_LOGGED_IN",
  "message": "User authenticated successfully",
  "data": {
    "user": {
      "id": "usr_123",
      "name": "Alice",
      "email": "alice@example.com"
    },
    "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
  }
}

3) Common error JSON response example

Section titled “3) Common error JSON response example”
{
  "code": "INVALID_CREDENTIALS",
  "message": "Invalid credentials",
  "error": "Invalid credentials"
}

4) Tiny internal trace snippet

Section titled “4) Tiny internal trace snippet”
// AuthController.login
const { email, password } = req.body;
const result = await userLoginImpl.execute({ email, password });


const payload = buildSuccessResponse(SuccessCodes.USER_LOGGED_IN);
return res.status(200).json({
  ...payload,
  data: result,
});