🐎 Haves API

Complete technical documentation for the race horse pedigree platform. Supports Hybrid Authentication (Firebase + Custom JWT).

Base URL: http://localhost:3000/api/v1
Authentication: All protected routes require a Bearer token in the Authorization header.

🔑 Authentication

We support two authentication paths: Firebase SSO (Google/Email) and Custom JWT (Email/Password). Identity is unified across both systems.

POST /auth/signup

Create a new unverified account. Triggers a verification email via Nodemailer.

Body
{
  "username": "johndoe",
  "email": "john@sample.com",
  "password": "strongPassword123!"
}
GET /auth/verify-email?token=...

Activates a custom account using the verification token sent via email.

POST /auth/login

Log in with email/password. Returns a Custom JWT. Fails if the email is not verified. 

Body
{
  "loginKey": "john@sample.com",
  "password": "strongPassword123!"
}
GET /auth/role
Required

Hybrid endpoint. Verifies either token and returns the user's role and database ID.

🐴 Horses

GET /horses?page=1&limit=20

Public endpoint. Returns a paginated list of all horses.

GET /horses/real?horseid=...&gen=3

Fetches a real horse pedigree for a specific number of generations.

POST /horses
Admin / Owner

Create a new horse record. Ownership is tied to the authenticated user's ID.

Body
{
  "name": "Super Sprinter",
  "sex": "Stallion",
  "sireId": 497875,
  "damId": 376952
}

📊 Membership Plans

GET /plans

Returns all available subscription plans.