User Service API Documentation

Admin
{
  email: 'admin@crc.com',
  password: 'admin',
}

User
{
  email: 'user@crc.com',
  password: 'admin',
}

Payload
{
  email: 'user@crc.com',
  password: 'admin',
}

Response 200 {
  id: 1, // user id
  token: 'some JWT token',
  expireAt: 1621612627, // timestamp in second of when the token expires
}

Payload
{
  name: 'New User',
  email: 'new-user@crc.com',
  password: 'new-password',
  role: 'user', // optional
  organisation: 'company name', // optional
  phone: '0412345678', // optional
  createdBy: 1, // optional, a userId to determine who created this user
}

Response 201 {
  id: 1,
  role: 'user',
  status: 'active',
  name: 'New User',
  email: 'new-user@crc.com',
}

Response 400 { email: 'Email already exists!', name: 'Name already exists!' }

Header
{
  Authorization: Bearer <JWT token>
}
Payload
{ }

Response 200 {
  id: 1,
  role: 'user',
  status: 'active',
  name: 'New User',
  email: 'new-user@crc.com',
}

Header
{
  Authorization: Bearer <JWT token>
}

Response 200 [{
  id: 1,
  role: 'user',
  status: 'active',
  name: 'New User',
  email: 'new-user@crc.com',
}, {
  id: 1,
  role: 'user',
  status: 'active',
  name: 'New User',
  email: 'new-user@crc.com',
},
...
]

Response 403 if token is incorrect

Get a specific user. User with role='admin' can get any user's data. User with role='user' can only get their own data.

Header
{
  Authorization: Bearer <JWT token>
}

Response 200 {
  id: 1,
  role: 'user',
  status: 'active',
  name: 'New User',
  email: 'new-user@crc.com',
}

Response 403 if token is incorrect
Response 404 if the user is not found or the caller does not have access to that user

Update a specific user. User with role='admin' can update any user's data. User with role='user' can only update their own data. All fields are optional; include only the fields you need to update.

Header
{
  Authorization: Bearer <JWT token>
}
Payload
{
  name: 'Updated User',
  password: 'updated-password',
  role: 'user', // optional
  organisation: 'company name', // optional
  phone: '0412345678', // optional
}

Response 200 {
  id: 1,
  role: 'user',
  status: 'active',
  name: 'Updated User',
  email: 'new-user@crc.com',
}

Response 400 { email: 'Email already exists!', name: 'Name already exists!' }
Response 403 if token is incorrect
Response 404 if the user is not found or the caller does not have access to that user

Send an email that contains a link to reset the user's password. The reset password token expires after 1 hour. The user will receive an email with the link to reset. If another reset request is made while the token is still valid, the system sends the same token again.

Payload
{
  email: 'user@crc.com',
}

Response 204 if successful
Response 400 if user is not found

Reset the user's password

Payload
{
  token: <Reset password token>,
  password: 'new-password',
}

Response 204 if successful
Response 400 if user is not found or token already expired