Custom Auth Features
Anand edited this page Dec 24, 2020 · 2 revisions
- User Registration:
  * API: /api/account/register
  * Fields: email, mobile, password, first_name, last_name.
  * Validation:
    * required: the user cannot pass an empty value.
    * email exists: checks whether the email ID is already registered.
    * mobile exists: checks whether the mobile number is already registered.
  * Response: After successful registration, a verification OTP is sent to the email and mobile number. The OTP is only valid for 15 min (the time is configurable; the user can increase or decrease it).
- User Verify:
  * API: /api/account/verify
  * Fields: email or mobile, OTP
  * Validation:
    * required: the user cannot pass an empty value.
    * email or mobile exists: checks whether the email or mobile is already registered. If it is not registered, the server responds with a validation error.
  * Response: After validation passes, the OTP is checked. If the OTP is more than 15 min old, the server responds with an OTP invalid error. Once the OTP is validated, the user is activated and the server responds with a JWT auth token.
- Resend OTP:
  * API: /api/account/resent
  * Fields: email or mobile
  * Validation:
    * required: the user cannot pass an empty value.
    * email or mobile exists: checks whether the email or mobile is already registered. If it is not registered, the server responds with a validation error.
  * Response: A verification OTP is sent to the email and mobile number.
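The register, verify and resend steps above share one OTP lifecycle. The following is an added sketch of that lifecycle, not the project's own code: the `OtpStore` class, the 6-digit code length, the keyed digest storage and the single-use rule are assumptions, while the 15-minute configurable validity and the error cases come from the descriptions above.

```python
import hashlib
import hmac
import secrets

OTP_TTL_SECONDS = 15 * 60  # default from the page: 15 min, configurable


class OtpStore:
    """In-memory stand-in for the user table (hypothetical, for illustration)."""

    def __init__(self, ttl=OTP_TTL_SECONDS):
        self.ttl = ttl
        self.key = secrets.token_bytes(32)  # server-side secret (assumption)
        self.users = {}  # identifier (email or mobile) -> record

    def _digest(self, otp):
        # Keyed digest: the stored value is useless without the server key.
        return hmac.new(self.key, otp.encode(), hashlib.sha256).hexdigest()

    def issue(self, identifier, now):
        """Register or resend: create a fresh OTP, replacing any older one."""
        otp = f"{secrets.randbelow(10**6):06d}"  # 6 digits is an assumption
        rec = self.users.setdefault(identifier, {"active": False})
        rec["otp_hash"] = self._digest(otp)
        rec["issued_at"] = now
        return otp  # delivered by email/SMS, never returned in the API response

    def verify(self, identifier, otp, now):
        """Return 'not_registered', 'otp_invalid' or 'activated'."""
        rec = self.users.get(identifier)
        if rec is None:
            return "not_registered"
        stored = rec.get("otp_hash")
        if stored is None or now - rec["issued_at"] > self.ttl:
            return "otp_invalid"  # expired, or already consumed
        # Constant-time comparison avoids leaking how many characters matched.
        if not hmac.compare_digest(stored, self._digest(otp)):
            return "otp_invalid"
        rec["active"] = True
        rec["otp_hash"] = None  # single use (assumption)
        return "activated"  # the real endpoint would issue the JWT here
```

Expired and wrong codes return the same `otp_invalid` result, so the response does not tell a caller which of the two checks failed.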
- User Login:
  * API: /api/account/login
  * Fields: email or mobile, password
  * Validation:
    * required: the user cannot pass an empty value.
    * email or mobile exists: checks whether the email or mobile is already registered. If it is not registered, the server responds with a validation error.
    * password: cannot be empty.
  * Response: The user can pass an email or mobile number for authentication. First, the server checks whether the device is registered and, if not, sends a validation error. If the user is already registered but not activated, the server sends an error message saying that the user is registered but not activated, so the user can activate the account with the verify API (after first using the Resend OTP API). If all the information is correct, the server responds with a JWT auth token.
- User Exists:
  * API: /api/account/exists
  * Fields: email or mobile
  * Validation:
    * required: the user cannot pass an empty value.
    * email or mobile exists: checks whether the email or mobile is already registered. If it is not registered, the server responds with a validation error.
  * Response: The server checks whether the device is registered and, if not, sends a validation error. If the user is already registered but not activated, the server sends an error message saying that the user is registered but not activated.
- Refresh Token:
  * API: /api/account/refresh-token
  * Fields: token
  * Validation:
    * required: the user cannot pass an empty value.
    * token: only an unexpired token is accepted.
  * Response: If the token is not expired, a new token is generated with a new expiry time. The user can regenerate the token before it expires.
- User Profile:
  * API: /api/account/profie
  * Validation:
    * token: only an unexpired token is accepted.
  * Response: Authenticated API for getting the user info.
- User Logout:
  * API: /api/account/logout
  * Validation:
    * token: token required.
  * Response: Authenticated API for logout.
- Change Password:
  * API: /api/account/change-password
  * Fields: old password, new password, confirm password
  * Validation:
    * token: token required.
  * Response: Changes the password.