User Profile (Current User)
API endpoint for retrieving the currently authenticated user's profile information.
BASE API ENDPOINT
/api/v1/me
User Entity
Entity Schema
interface UserEntity {
id: string; // UUID - User identifier
email: string; // User email address
name: string; // User display name
roles: string[]; // User roles array (e.g., ['client'], ['admin'], ['admin', 'client'])
emailConfirmed: boolean; // Email confirmation status
createdAt: string; // ISO 8601 timestamp
updatedAt: string; // ISO 8601 timestamp
lastLogin?: string; // ISO 8601 timestamp (optional)
}
Field Descriptions:
- id: Unique identifier (UUID) for the user
- email: User's email address (used for login)
- name: Display name of the user
- roles: User's roles in the system (array of strings:
['client'],['admin'], or['admin', 'client']) - emailConfirmed: Whether the user has confirmed their email address
- createdAt: Timestamp when the user account was created
- updatedAt: Timestamp when the user account was last updated
- lastLogin: Timestamp of the user's last login (optional)
Get Current User
Endpoint: GET /api/v1/me
Description: Returns the profile information of the currently authenticated user.
Headers:
Authorization: Bearer ACCESS_TOKEN
Response: 200 OK
{
"success": true,
"data": {
"id": "uuid-here",
"email": "user@example.com",
"name": "John Doe",
"roles": ["client"],
"emailConfirmed": true,
"createdAt": "2024-01-22T14:30:00Z",
"updatedAt": "2024-01-23T10:15:00Z",
"lastLogin": "2024-01-23T10:15:00Z"
}
}
Error Response: 401 Unauthorized
{
"success": false,
"error": {
"code": "UNAUTHORIZED",
"message": "Invalid or missing authentication token."
}
}
Update Current User
Endpoint: PATCH /api/v1/me
Description: Updates the profile information of the currently authenticated user.
Headers:
Authorization: Bearer ACCESS_TOKEN
Content-Type: application/json
Request Body:
{
"name": "John Updated Doe"
}
Request Body Fields:
name(string, optional) - User's display name
Response: 200 OK
{
"success": true,
"data": {
"id": "uuid-here",
"email": "user@example.com",
"name": "John Updated Doe",
"roles": ["client"],
"emailConfirmed": true,
"createdAt": "2024-01-22T14:30:00Z",
"updatedAt": "2024-01-23T11:30:00Z",
"lastLogin": "2024-01-23T10:15:00Z"
},
"message": "Profile updated successfully"
}
Error Responses:
400 Bad Request (Validation Error):
{
"success": false,
"error": {
"code": "VALIDATION_ERROR",
"message": "Invalid input data.",
"details": {
"name": ["Name must be at least 2 characters long"]
}
}
}
401 Unauthorized:
{
"success": false,
"error": {
"code": "UNAUTHORIZED",
"message": "Invalid or missing authentication token."
}
}
Get Current User Requests
This endpoint is a convenience wrapper. For full documentation, see GET /api/v1/text-to-speech which automatically filters submissions by the authenticated user's clientId.
Endpoint: GET /api/v1/me/requests
Description: Returns all text-to-speech submissions created by the currently authenticated user. This endpoint automatically filters results by the user's clientId.
Headers:
Authorization: Bearer ACCESS_TOKEN
Query Parameters:
page(int, optional, default: 1) - Page numberlimit(int, optional, default: 10, max: 100) - Items per pagestatus(string, optional) - Filter by status:pending,processing,completedsortBy(string, optional, default: "createdAt") - Sort field (createdAt, updatedAt, status)sortOrder(string, optional, default: "desc") - Sort order (asc, desc)
Response: 200 OK
{
"success": true,
"data": {
"requests": [
{
"requestId": "uuid-1",
"text": "Sample text to convert to audio",
"voiceId": "voice-uuid",
"voiceName": "Rachel",
"status": "completed",
"audioUrl": "https://s3.amazonaws.com/bucket/audio-1.mp3",
"slug": "sample-text-convert-audio-1706025600",
"createdAt": "2024-01-23T09:00:00Z",
"updatedAt": "2024-01-23T10:00:00Z",
"completedAt": "2024-01-23T10:00:00Z"
},
{
"requestId": "uuid-2",
"text": "Another sample text",
"voiceId": "voice-uuid-2",
"voiceName": "Adam",
"status": "processing",
"audioUrl": null,
"slug": "another-sample-text-1706025700",
"createdAt": "2024-01-23T10:15:00Z",
"updatedAt": "2024-01-23T10:20:00Z",
"completedAt": null
}
],
"pagination": {
"currentPage": 1,
"totalPages": 3,
"totalRequests": 25,
"limit": 10
}
}
}
Change Password
Endpoint: POST /api/v1/me/change-password
Description: Changes the password for the currently authenticated user.
Headers:
Authorization: Bearer ACCESS_TOKEN
Content-Type: application/json
Request Body:
{
"currentPassword": "OldPassword123!",
"newPassword": "NewPassword123!",
"confirmNewPassword": "NewPassword123!"
}
Request Body Fields:
currentPassword(string, required) - Current passwordnewPassword(string, required) - New password (must meet password requirements)confirmNewPassword(string, required) - New password confirmation (must match newPassword)
Password Requirements:
- Minimum 8 characters
- At least one uppercase letter (A-Z)
- At least one lowercase letter (a-z)
- At least one digit (0-9)
- At least one special character (!@#$%^&*)
Response: 200 OK
{
"success": true,
"message": "Password changed successfully"
}
Error Responses:
400 Bad Request (Password Mismatch):
{
"success": false,
"error": {
"code": "PASSWORD_MISMATCH",
"message": "New password and confirmation do not match."
}
}
400 Bad Request (Invalid Current Password):
{
"success": false,
"error": {
"code": "INVALID_PASSWORD",
"message": "Current password is incorrect."
}
}
400 Bad Request (Password Requirements Not Met):
{
"success": false,
"error": {
"code": "WEAK_PASSWORD",
"message": "New password does not meet security requirements.",
"details": {
"requirements": [
"Minimum 8 characters",
"At least one uppercase letter",
"At least one lowercase letter",
"At least one digit",
"At least one special character"
]
}
}
}
Testing Endpoints
Using cURL
Get Current User:
curl -X GET http://localhost:5000/api/v1/me \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN"
Update Current User:
curl -X PATCH http://localhost:5000/api/v1/me \
-H "Content-Type: application/json" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-d '{
"name": "John Updated Doe"
}'
Get Current User Requests:
curl -X GET "http://localhost:5000/api/v1/me/requests?page=1&limit=10&status=completed" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN"
Change Password:
curl -X POST http://localhost:5000/api/v1/me/change-password \
-H "Content-Type: application/json" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-d '{
"currentPassword": "OldPassword123!",
"newPassword": "NewPassword123!",
"confirmNewPassword": "NewPassword123!"
}'
Access Control
Who Can Access These Endpoints?
All /api/v1/me endpoints require authentication. Any authenticated user (both client and admin roles) can access their own profile information through these endpoints.
GET /api/v1/me:
- Any authenticated user can view their own profile
PATCH /api/v1/me:
- Any authenticated user can update their own profile
GET /api/v1/me/requests:
- Client users: See only their own submissions (filtered by
clientId) - Admin users: See only their own submissions (filtered by
clientId) - Note: For admin access to all submissions, use
GET /api/v1/text-to-speech
POST /api/v1/me/change-password:
- Any authenticated user can change their own password
Use Cases
Client User
Get My Profile:
- Send GET request to
/api/v1/mewith Bearer token - Retrieve user's name, email, roles, and account details
Update My Profile:
- Send PATCH request to
/api/v1/mewith Bearer token - Update name or other allowed profile fields
View My Requests:
- Send GET request to
/api/v1/me/requestswith Bearer token - Filter by status and paginate results
- View all text-to-speech submissions created by the user
Change Password:
- Send POST request to
/api/v1/me/change-passwordwith Bearer token - Provide current password and new password
- New password must meet security requirements
Related Documentation
- Authentication - Login and authentication flow
- Client Management - Admin client management
- Request Management - Text-to-audio requests
- Epic 1 Overview - Feature overview