Auth | Brothh Docs

## Auth

Auth docs cover sign-in, sign-up, verification, password reset, email change confirmation, MFA, and how GitBook handles same-origin auth pages. GitBook is a documentation app, so successful login and signup return readers to the docs home or the safe \`next=\` path supplied in the URL.

{% figure src="/docs-images/gitbook-auth-login.png" alt="GitBook login form" caption="GitBook auth routes stay inside the docs shell and render a local sign-in form instead of handing readers to another app." /%}

## Reader-facing routes

- \`/auth/login\` signs in existing readers.
- \`/auth/signup\` creates customer, producer, organizer, or facility accounts.
- \`/auth/forgot-password\` requests a reset link.
- \`/auth/reset-password\` completes reset from a token.
- \`/auth/verify-email\` verifies an email token.
- \`/auth/confirm-email-change\` confirms a pending email change.

Canonical aliases such as \`/auth/sign-in\` and \`/auth/sign-up\` redirect to the real route files so external docs links do not 404.

## MFA

\`/auth/mfa\` is the full-page MFA surface for challenge and enrollment states. When documenting MFA, include the recovery-code path, the reveal-once copy, and the rule that GitBook stays same-origin instead of sending users to another sub-app by default.