Skip to content

Latest commit

 

History

History
88 lines (60 loc) · 1.91 KB

AuthController.md

File metadata and controls

88 lines (60 loc) · 1.91 KB

AuthController

POST /auth/login

Description:

Logs in the user by verifying their email and password. If successful, a JWT token is generated and returned in a secure cookie.

Request Body:

{
    "email": "[email protected]",
    "password": "string"
}
  • email: The email address of the user. It must be a non-empty string with a valid email format. (Required)
  • password: The password of the user. It must be a non-empty string with a minimum length of 8 characters. (Required)

Response:

  • 200 OK: If the login is successful, a message will be returned confirming the login.

    {
        "message": "Login successful"
    }
  • 401 Unauthorized: If the credentials are invalid.

    {
        "message": "Invalid Credentials"
    }

POST /auth/logout

Description:

Logs out the user by clearing the authentication token stored in the cookies.

Request:

No body is required.

Response:

  • 200 OK: If the logout is successful, a message will be returned confirming the logout.
    {
        "message": "Logout successful"
    }

PUT /auth/update/password

Description:

Updates the password for the logged-in user after verifying their previous password.

Request Body:

{
    "prevPassword": "string",
    "newPassword": "string"
}
  • prevPassword: The previous password of the user. It must be a string. (Required)
  • newPassword: The new password of the user. It must be a string, at least 12 characters long, and must contain at least one uppercase letter, one lowercase letter, one number, and one special character. (Required)

Response:

  • 204 No Content: If the password is successfully updated.

  • 401 Unauthorized: If the provided previous password does not match the stored password.

    {
        "message": "Invalid previous password"
    }