Authentication API
Overview
The Authentication API provides endpoints for user registration, login, and session management. These endpoints allow users to create accounts, authenticate, and manage their sessions on the BattleScript platform.
Authentication Endpoints
/api/auth/register
Description: Creates a new user account.
Request Body:
{
"username": "string",
"email": "string",
"password": "string"
}Response:
{
"success": true,
"message": "User registered successfully",
"user": {
"id": "string",
"username": "string",
"email": "string",
"createdAt": "string"
}
}Example:
// Register a new user
fetch('/api/auth/register', {
method: 'POST',
headers: {
'Content-Type': 'application/json'
},
body: JSON.stringify({
username: 'player1',
email: 'player1@example.com',
password: 'securepassword123'
})
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));/api/auth/login
Description: Authenticates a user and creates a session.
Request Body:
{
"email": "string",
"password": "string"
}Response:
{
"success": true,
"message": "Login successful",
"user": {
"id": "string",
"username": "string",
"email": "string"
},
"token": "string" // JWT token for authentication
}Example:
// Login a user
fetch('/api/auth/login', {
method: 'POST',
headers: {
'Content-Type': 'application/json'
},
body: JSON.stringify({
email: 'player1@example.com',
password: 'securepassword123'
})
})
.then(response => response.json())
.then(data => {
// Store the token for future authenticated requests
localStorage.setItem('authToken', data.token);
console.log('Logged in successfully');
})
.catch(error => console.error('Error:', error));/api/auth/logout
Description: Ends the current user session.
Headers:
{
"Authorization": "Bearer {token}"
}Response:
{
"success": true,
"message": "Logged out successfully"
}Example:
// Logout a user
const token = localStorage.getItem('authToken');
fetch('/api/auth/logout', {
method: 'POST',
headers: {
'Authorization': `Bearer ${token}`
}
})
.then(response => response.json())
.then(data => {
// Remove the token from storage
localStorage.removeItem('authToken');
console.log('Logged out successfully');
})
.catch(error => console.error('Error:', error));/api/auth/session
Description: Retrieves information about the current session.
Headers:
{
"Authorization": "Bearer {token}"
}Response:
{
"success": true,
"user": {
"id": "string",
"username": "string",
"email": "string",
"createdAt": "string",
"lastLogin": "string"
}
}Example:
// Get current session info
const token = localStorage.getItem('authToken');
fetch('/api/auth/session', {
headers: {
'Authorization': `Bearer ${token}`
}
})
.then(response => response.json())
.then(data => {
console.log('Current user:', data.user);
})
.catch(error => console.error('Error:', error));Authentication Flow
The typical authentication flow for the BattleScript platform is as follows:
- User registers an account using the
/api/auth/registerendpoint - User logs in using the
/api/auth/loginendpoint and receives a JWT token - The client stores this token (typically in localStorage or a secure cookie)
- For subsequent authenticated requests, the client includes the token in the Authorization header
- When the user logs out, the client calls
/api/auth/logoutand removes the stored token
The JWT token contains encoded user information and has an expiration time. If a token expires, the user will need to log in again to obtain a new token.