CyLinuz API
REST API documentation for the CyLinuz IT Tools Platform.
Base URL: https://cylinuz.com/api
Authentication
All protected endpoints require a Bearer token in the Authorization header:
Authorization: Bearer YOUR_JWT_TOKENObtain tokens via POST /api/auth/login. Tokens expire after 7 days.
Quick Start
Register → Verify → Login → Download
# 1. Register
curl -X POST https://cylinuz.com/api/auth/register \
-H "Content-Type: application/json" \
-d '{"name":"Jane","email":"jane@example.com","password":"Secure@123"}'
# 2. Click verification link in email, then login:
curl -X POST https://cylinuz.com/api/auth/login \
-H "Content-Type: application/json" \
-d '{"email":"jane@example.com","password":"Secure@123"}'
# Returns: {"token":"eyJ...","user":{...}}
# 3. Browse tools:
curl https://cylinuz.com/api/user/catalog \
-H "Authorization: Bearer eyJ..."
# 4. Get download token for a free product:
curl -X POST https://cylinuz.com/api/user/download/1/token \
-H "Authorization: Bearer eyJ..."
# Returns: {"token":"abc123","expiresIn":"10 minutes"}
# 5. Download the file:
curl https://cylinuz.com/api/download/file/abc123 -OAuth Endpoints
POST/api/auth/register
Register a new account
| Field | Type | Note |
|---|---|---|
| name | string | required 2–100 chars |
| string | required Valid email | |
| password | string | required 8+ chars, uppercase, lowercase, number |
POST/api/auth/login
Login and receive JWT token
GET/api/auth/verify?token=TOKEN
Verify email address
POST/api/auth/logout
Revoke current session Auth
POST/api/auth/forgot-password
Request password reset email
POST/api/auth/reset-password
Reset password with email token
GET/api/auth/me
Get current user Auth
Products & Catalog
GET/api/user/catalog
List all active products with ownership status Auth
GET/api/user/catalog/:slug
Get product details by slug Auth
GET/api/user/products
List products you own Auth
Downloads
POST/api/user/download/:productId/token
Get signed download token (expires 10 min, one-time use) Auth
GET/api/download/file/:token
Download file using signed token
GET/api/user/downloads
Download history Auth
Payments
POST/api/payment/create-order
Create Razorpay order for product Auth
POST/api/payment/verify
Verify payment signature and grant access Auth
Account
PUT/api/user/profile
Update name Auth
PUT/api/user/password
Change password Auth
GET/api/user/sessions
List active sessions Auth
DELETE/api/user/sessions/:id
Revoke a session Auth
POST/api/auth/2fa/setup
Setup TOTP 2FA Auth
POST/api/auth/2fa/verify
Enable 2FA after verifying code Auth
Error Codes
| Code | Meaning |
|---|---|
400 | Bad Request — Invalid or missing fields |
401 | Unauthorized — Invalid or expired token |
403 | Forbidden — Banned, unverified, or insufficient access |
404 | Not Found |
409 | Conflict — Email already registered |
429 | Too Many Requests — Rate limited or account locked |
500 | Server Error — Contact support |
Rate Limits
| Scope | Limit | Window |
|---|---|---|
| Global (all endpoints) | 150 requests | 1 minute |
| /api/auth/* (login, register) | 10 requests | 10 minutes |
| Account lockout | 5 failed logins | 15 minutes |