Users API

Base path: /api/users
File: ayts-api/src/routes/users-simple.ts
Auth required: Yes (own data), Admin (all users)

GET /api/users/profile

Get the authenticated user's profile.

Response 200:

{
  "success": true,
  "user": {
    "id": "uuid",
    "email": "user@example.com",
    "firstName": "Juan",
    "lastName": "dela Cruz",
    "phone": "+639171234567",
    "avatarUrl": "https://r2.../avatar.jpg",
    "role": "customer",
    "isActive": true,
    "defaultLocationId": "uuid",
    "createdAt": "2026-01-01T00:00:00Z"
  }
}

PATCH /api/users/profile

Update the authenticated user's profile.

{
  "firstName": "Juan",
  "lastName": "dela Cruz",
  "phone": "+639171234567",
  "avatarUrl": "https://r2.../avatar.jpg",
  "defaultLocationId": "uuid"
}

GET /api/users/:id (Admin only)

Get any user by ID. Requires admin role.

GET /api/users (Admin only)

List all users with filters. Requires admin role.

Query params: role, isActive, limit, offset, search

PATCH /api/users/:id (Admin only)

Update any user's info or status. Requires admin role.

{
  "isActive": false,
  "role": "vendor"
}

DELETE /api/users/:id (Admin only)

Soft-delete (deactivate) a user account. Requires admin role.

GET /api/users/profile​

PATCH /api/users/profile​

GET /api/users/:id (Admin only)​

GET /api/users (Admin only)​

PATCH /api/users/:id (Admin only)​

DELETE /api/users/:id (Admin only)​