JWT Auth
Overview
Section titled “Overview”Authentication uses JWTs with a 30d expiry. The token payload includes:
{ "id": "<veterinario_id>" }Send the token in the Authorization header:
Authorization: Bearer <token>Middleware behavior
Section titled “Middleware behavior”Protected routes use middleware/authMiddleware.js.
- If the header is missing or invalid, the API returns
403with:{ "msg": "Token no valido o inexistente" }, or{ "msg": "Token no valido" }
- On success,
req.veterinariois populated with the veterinarian document excludingpassword,token, andconfirmado.