Skip to content

Backend (www-backend) docs

The NestJS 11 accounts/billing API behind the site (www-backend/) — Prisma 7 + PostgreSQL. See ../../www-backend/README.md for the full route table and layout.

  • Auth (global prefix /api): POST /auth/register · /auth/login · /auth/refresh · /auth/logout, GET /auth/me, plus Google/GitHub OAuth (/auth/google, /auth/github). A JWT access token is returned in the body; the refresh token is an httpOnly cookie (kimtos_rt).
  • Entitlements: GET /auth/entitlements returns the live free/Pro plan (read from the DB, so upgrades/downgrades reflect immediately).
  • Billing: POST /billing/checkout · /billing/portal · /billing/webhook (Stripe — Pro subscription Checkout, customer portal, and the signed webhook).
  • Extension login handoff: POST /auth/extension/handoff · /exchange · /refresh · /logout — the extension holds body-based tokens (no cookie).
  • Run: make backend-db (Postgres via Docker) then make backend.
  • Config: see the root .env.example; the site origin must be in CORS_ORIGINS.