Skip to main content

API Docs (v1)

Endpoints públicos de Vetta Trainer. Sin auth salvo donde se indique. JSON in/out, status codes estándar.

Calculadoras (no auth)

POST /api/tools/vdot

{"distance": "10K", "time": "42:30", "altitude_m": 0, "units": "metric"}
→ {"vdot": 48.4, "predictions": {...}}

POST /api/tools/zonas

{"fc_max": 190, "fc_reposo": 55, "umbral_pace": "4:00", "ftp": 240}
→ {"hr_zones": {...}, "pace_zones": {...}, "power_zones": {...}}

POST /api/tools/tss

{"method": "rpe|hr|pace|power", "duration_min": 60, "rpe": 7}
→ {"tss": 420, "intensity_factor": 0.7}

POST /api/tools/altitude

{"time": "42:30", "altitude_m": 3000, "acclimatized": false}
→ {"adjusted": "44:37", "loss_pct": 5.0}

POST /api/tools/calories

{"weight_kg": 70, "duration_min": 60, "sport": "running",
 "intensity": "moderate", "elevation_gain_m": 0}
→ {"calories": 700, "met": 10.0}

POST /api/tools/fcmax

{"age": 35, "sex": "m|f|"}
→ {"formulas": {"220-age": 185, "tanaka": 184, ...}}

POST /api/tools/pace-targets

{"vdot": 48}
→ {"zones": {"E (easy)": "5:40/km", "M (marathon)": "4:40/km", ...}}

Metadata (no auth)

GET /api/v1/version

→ {"name": "Vetta Trainer", "version": "", "boot_ts": "...", "api": "v1"}

GET /api/v1/disciplines

→ {"disciplines": [{"id": "trail", "name": "Trail running"}, ...]}

GET /api/v1/philosophies

→ {"philosophies": [{"id": "daniels_vdot", ...}, ...], "count": 13}

GET /api/v1/archetypes?discipline=run

→ {"archetypes": [...], "count": 66, "discipline_filter": "run"}

GET /api/v1/glossary?lang=es

→ {"terms": [{"term": "TSS", "definition": "...", "lang": "es"}, ...], "count": 16}

GET /api/v1/posts?lang=es

→ {"posts": [{"slug": "vdot-explicado", "title": "...", "lang": "es", "url": "..."}, ...], "count": N}

GET /api/health-extended

→ Estado de subsistemas (Strava, Lemon, Resend, etc).

Auth-required

GET /api/v1/whoami / GET /api/v1/me

Headers: Cookie con sesión activa
→ {"authenticated": true, "user_id": "...", "email": "...", "plan": "pro"}
o
→ {"authenticated": false}

GET /account/export

→ ZIP con TODOS tus datos personales (GDPR Art. 20).

POST /account/delete

Headers: X-Confirm-Delete: yes
→ Borra cuenta + datos + sesión (GDPR Art. 17).

Rate limits

240 req/min general · 12 intentos / 5 min en login/signup. Devuelve 429 + Retry-After header.

Estabilidad

Los endpoints bajo /api/v1/ son estables: cambios disruptivos solo en una /api/v2/. Los /api/tools/ son estables públicamente también. El resto puede cambiar sin aviso.

Contacto

Bug en la API? Mejora? /contacto o rensont@gmail.com.