API Reference: Auth

Endpoints

• POST /api/auth/request-otp
• POST /api/auth/verify-otp
• GET /api/auth/me
• PATCH /api/auth/me
• POST /api/auth/me/avatar
• GET /api/auth/avatar/:filename

POST /api/auth/request-otp

Body:

{
  "email": "user@example.com",
  "lang": "pl"
}

Notes:

• lang: pl or en
• rejects non-allowed domains: domain_not_allowed
• OTP rate limit exceeded: too_many_requests

POST /api/auth/verify-otp

Body:

{
  "email": "user@example.com",
  "code": "12345678"
}

Returns JWT token + user payload.