Auth API

Endpoints d'authentification pour l'API MyTelevision v2.

Base URL : /api/v2/auth

Endpoints

Vue d'ensemble

Methode	Endpoint	Description	Auth
POST	/auth/register	Inscription	Non
POST	/auth/login	Connexion	Non
POST	/auth/refresh	Rafraichir token	Non
POST	/auth/logout	Deconnexion	Oui
POST	/auth/forgot-password	Mot de passe oublie	Non
POST	/auth/reset-password	Reinitialiser mot de passe	Non
POST	/auth/verify-email	Verifier email	Non
POST	/auth/resend-verification	Renvoyer verification	Non
POST	/auth/social/google	Auth Google	Non
POST	/auth/social/apple	Auth Apple	Non
POST	/auth/social/facebook	Auth Facebook	Non
POST	/auth/firebase	Auth Firebase (auto-detect)	Non
POST	/auth/social/link	Lier compte social	Oui
DELETE	/auth/social/unlink/:provider	Delier compte social	Oui
GET	/auth/social/accounts	Lister comptes lies	Oui
GET	/auth/me	Utilisateur courant	Oui

---

POST /auth/register

Creer un nouveau compte utilisateur.

POST /api/v2/auth/register
Content-Type: application/json

{
  "email": "[email protected]",
  "password": "Password123!",
  "firstName": "John",
  "lastName": "Doe"
}

Reponse 201 Created

{
  "id": "uuid",
  "email": "[email protected]",
  "firstName": "John",
  "lastName": "Doe"
}

---

POST /auth/login

Connexion avec email et mot de passe.

POST /api/v2/auth/login
Content-Type: application/json

{
  "email": "[email protected]",
  "password": "password123"
}

Reponse 200 OK

{
  "accessToken": "eyJhbG...",
  "refreshToken": "eyJhbG...",
  "expiresIn": 900,
  "tokenType": "Bearer",
  "user": {
    "id": "uuid",
    "email": "[email protected]",
    "role": "USER",
    "subscription": {
      "plan": "PREMIUM",
      "expiresAt": "2025-12-31T23:59:59.000Z"
    }
  }
}

---

POST /auth/refresh

Rafraichir le token d'acces.

POST /api/v2/auth/refresh
Content-Type: application/json

{
  "refreshToken": "eyJhbG..."
}

Reponse 200 OK

{
  "accessToken": "eyJhbG...",
  "expiresIn": 900
}

---

POST /auth/logout

Deconnexion et revocation du token.

POST /api/v2/auth/logout
Authorization: Bearer <token>

Reponse 204 No Content

---

POST /auth/social/google

Connexion avec Google via Firebase.

POST /api/v2/auth/social/google
Content-Type: application/json

{
  "idToken": "firebase-id-token"
}

---

POST /auth/social/apple

Connexion avec Apple via Firebase.

POST /api/v2/auth/social/apple
Content-Type: application/json

{
  "idToken": "firebase-id-token"
}

---

POST /auth/firebase

Connexion via Firebase avec auto-detection du provider.

POST /api/v2/auth/firebase
Content-Type: application/json

{
  "idToken": "firebase-id-token"
}

---

GET /auth/me

Obtenir les informations de l'utilisateur courant.

GET /api/v2/auth/me
Authorization: Bearer <token>

Reponse 200 OK

{
  "id": "uuid",
  "email": "[email protected]",
  "firstName": "John",
  "lastName": "Doe",
  "role": "USER",
  "subscription": {
    "plan": "PREMIUM",
    "expiresAt": "2025-12-31T23:59:59.000Z"
  }
}

Validation

Email

• Format email valide
• Maximum 255 caracteres

Mot de passe

• Minimum 8 caracteres
• Au moins 1 majuscule
• Au moins 1 chiffre
• Au moins 1 caractere special

Securite

Mesure	Detail
Hash des mots de passe	bcrypt (cost 12)
Signature JWT	RS256
Rate limiting login	5 tentatives / 15 min
Sessions	Stockees dans Redis
IP binding	Optionnel

Codes d'erreur

Code	Message	Description
401	Invalid credentials	Email ou mot de passe incorrect
401	Token expired	Token JWT expire
403	Account suspended	Compte suspendu
409	Email already exists	Email deja utilise
422	Validation failed	Donnees invalides
429	Too many attempts	Trop de tentatives