Auth API - masai-oss/Masai_Refresh GitHub Wiki
User Sign-up
POST /api/auth/signup
PARAMS
- Body
{
"email": "[email protected]",
"name": "abc",
"password": "abcdefgh" // minimum 8 characters long
}
RESPONSE
Success (Status code: 200)
{
"error": false,
"message": "Registration Successful"
}
Failure
- If request body validation fails (Status code: 400)
{
"error": true,
"message": error // relevant message explaining the error
}
- If email is invalid (Status code: 400)
{
"error": true,
"message": "Invalid email credentials"
}
- If the email domain is other than the allowed ones (Status code: 400)
{
"error": true,
"message": "Invalid domain"
}
- If a user already exists with that email (Status code: 400)
{
"error": true,
"message": "User Already exists"
}
- Others (Status code: 500)
{
"error": true,
"message": "Something went wrong",
"reason": err
}
User verification
POST /api/auth/verify_user
PARAMS
- Body
{
"email": "[email protected]",
"OTP": "000000"
}
RESPONSE
Success (Status code: 200)
{
"error": false,
"message": "User verified successfully"
}
Failure
- If no email or OTP in the request body (Status code: 400)
{
"error": true,
"message": "Send both email and otp"
}
- If no such user email (Status code: 400)
{
"error": true,
"message": "Invalid email"
}
- If the user email was registered using OAuth (Status code: 400)
{
"error": true,
"message": "User signed up using OAuth"
}
- If the OTP expired or no OTP generated (Status code: 400)
{
"error": true,
"message": "No OTP generated or OTP expired"
}
- If OTP didn't match (Status code: 400)
{
"error": true,
"message": "Invalid OTP"
}
- Others (Status code: 500)
{
"error": true,
"message": "Something went wrong",
"reason": err
}
Resend verification OTP
POST /api/auth/email_verification/resend_otp
PARAMS
- Body
{
"email" : "[email protected]"
}
RESPONSE
Success (Status code: 200)
{
"error": false,
"message": "OTP sent successfully"
}
Failure
- If no email in the request body (Status code: 400)
{
"error": true,
"message": "Send the user email"
}
- If no such user email (Status code: 400)
{
"error": true,
"message": "Invalid email"
}
- If the user email was registered using OAuth (Status code: 400)
{
"error": true,
"message": "User signed up using OAuth"
}
- If the user email is already verified (Status code: 400)
{
"error": true,
"message": "Email already verified"
}
- Others (Status code: 500)
{
"error": true,
"message": "Something went wrong",
"reason": err
}
User Sign-in
POST /api/auth/signin
PARAMS
- Body
{
"email": "[email protected]",
"password": "abcdefgh"
}
RESPONSE
Success (Status code: 200)
{
"error": false,
"message": "user has been successfully authenticated",
"user": {
"_id": "1234567890asdfghjasdfg",
"name": "abc",
"email": "[email protected]",
"profilePic": null // null or link based on data available
},
"token": "eyJhbGciOiJIUzI1erthbuhbdck"
}
Failure
- If request body validation fails (Status code: 400)
{
"error": true,
"message": error // relevant message explaining the error
}
- If no such user email (Status code: 400)
{
"error": true,
"message": "Invalid email"
}
- If the user email was registered using OAuth (Status code: 400)
{
"error": true,
"message": "User has only OAuth signin option"
}
- If the user is not verified (Status code: 400)
{
"error": true,
"message": "User email hasn't been verified"
}
- If the password didn't match (Status code: 400)
{
"error": true,
"message": "Invalid Password"
}
- Others (Status code: 500)
{
"error": true,
"message": "Something went wrong",
"reason": err
}
Send password reset OTP
POST /api/auth/password_resst/send_otp
PARAMS
- Body
{
"email" : "[email protected]"
}
RESPONSE
Success (Status code: 200)
{
"error": false,
"message": "OTP sent successfully"
}
Failure
- If no email in the request body (Status code: 400)
{
"error": true,
"message": "Send the user email"
}
- If no such user email (Status code: 400)
{
"error": true,
"message": "Invalid email"
}
- If the user email was registered using OAuth (Status code: 400)
{
"error": true,
"message": "User signed up using OAuth"
}
- Others (Status code: 500)
{
"error": true,
"message": "Something went wrong",
"reason": err
}
Verify password reset OTP
POST /api/auth/password_reset/verify_otp
PARAMS
- Body
{
"email": "[email protected]",
"OTP": "000000"
}
RESPONSE
Success (Status code: 200)
{
"error": false,
"data": {
"message": "OTP verified successfully",
"temporary_pass": "eyJhbGciOiJIUzI1NiIsInR5cC"
}
}
Failure
- If request body validation fails (Status code: 400)
{
"error": true,
"message": "Send both email and otp"
}
- If no such user email (Status code: 400)
{
"error": true,
"message": "Invalid email"
}
- If the user email was registered using OAuth (Status code: 400)
{
"error": true,
"message": "User signed up using OAuth"
}
- If the OTP expired or no OTP generated (Status code: 400)
{
"error": true,
"message": "No OTP generated or OTP expired"
}
- If OTP didn't match (Status code: 400)
{
"error": true,
"message": "Invalid OTP"
}
- Others (Status code: 500)
{
"error": true,
"message": "Something went wrong",
"reason": err
}
Reset user password
POST /api/auth/password_reset
PARAMS
- Body
{
"new_password": "aaaaaaaa",
"pass": "eyJhbGciOiJIUzI1erthbuhbdck"
}
RESPONSE
Success (Status code: 200)
{
"error": false,
"message": "Password changed successfully"
}
Failure
- If request body validation fails (Status code: 400)
{
"error": true,
"message": error // relevant message explaining the error
}
- If the pass is not valid (Status code: 400)
{
"error": true,
"message": "Invalid pass or pass expired"
}
- If no such user email (Status code: 400)
{
"error": true,
"message": "Invalid email"
}
- If the password reset request was not initiated or the password had already been reset for that request
{
"error": true,
"message": "Already reset or password reset request hasn't been initiated"
}
- Others (Status code: 500)
{
"error": true,
"message": "Something went wrong",
"reason": err
}
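The three password-reset endpoints above are used in sequence. The client below is an added example, not code from the Masai_Refresh project: it assumes the `temporary_pass` returned by verify_otp is the value sent as `pass`, and `post`, `readOtp`, `resetPassword` and `mockServer` are hypothetical names with constructed sample values.

```javascript
// Paths, field names and messages are copied from the wiki page.
const PATHS = {
  send: "/api/auth/password_resst/send_otp", // spelled as on the page
  verify: "/api/auth/password_reset/verify_otp",
  reset: "/api/auth/password_reset",
};

// Every documented body carries `error`; turn failures into exceptions.
// `post` is a hypothetical transport: (path, body) -> Promise<{status, body}>.
async function call(post, path, body) {
  const res = await post(path, body);
  if (res.status !== 200 || res.body.error !== false) {
    const e = new Error(res.body.message || "Unexpected response");
    e.status = res.status;
    throw e;
  }
  return res.body;
}

// Chains the three calls; `readOtp` (hypothetical) yields the emailed code.
async function resetPassword(post, email, readOtp, newPassword) {
  await call(post, PATHS.send, { email });
  const OTP = await readOtp();
  const verified = await call(post, PATHS.verify, { email, OTP });
  // The pass is nested under `data`; it becomes `pass` in the last request.
  const pass = verified.data.temporary_pass;
  const done = await call(post, PATHS.reset, { new_password: newPassword, pass });
  return done.message;
}

// Constructed stand-in for the server, returning the documented bodies.
function mockServer(expectedOtp) {
  let pending = false; // true between a verified OTP and the reset
  const ok = (body) => ({ status: 200, body: { error: false, ...body } });
  const fail = (message) => ({ status: 400, body: { error: true, message } });
  return async (path, body) => {
    if (path === PATHS.send) return ok({ message: "OTP sent successfully" });
    if (path === PATHS.verify) {
      if (body.OTP !== expectedOtp) return fail("Invalid OTP");
      pending = true;
      return ok({ data: { message: "OTP verified successfully", temporary_pass: "constructed-pass" } });
    }
    if (body.pass !== "constructed-pass") return fail("Invalid pass or pass expired");
    // The page gives no status code for this case; 400 is assumed here.
    if (!pending) return fail("Already reset or password reset request hasn't been initiated");
    pending = false;
    return ok({ message: "Password changed successfully" });
  };
}
```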