Logs in the user by verifying their email and password. If successful, a JWT token is generated and returned in a secure cookie.
{
"email": "[email protected]",
"password": "string"
}
- email: The email address of the user. It must be a non-empty string with a valid email format. (Required)
- password: The password of the user. It must be a non-empty string with a minimum length of 8 characters. (Required)
-
200 OK: If the login is successful, a
message
will be returned confirming the login.{ "message": "Login successful" }
-
401 Unauthorized: If the credentials are invalid.
{ "message": "Invalid Credentials" }
Logs out the user by clearing the authentication token stored in the cookies.
No body is required.
- 200 OK: If the logout is successful, a
message
will be returned confirming the logout.{ "message": "Logout successful" }
Updates the password for the logged-in user after verifying their previous password.
{
"prevPassword": "string",
"newPassword": "string"
}
- prevPassword: The previous password of the user. It must be a string. (Required)
- newPassword: The new password of the user. It must be a string, at least 12 characters long, and must contain at least one uppercase letter, one lowercase letter, one number, and one special character. (Required)
-
204 No Content: If the password is successfully updated.
-
401 Unauthorized: If the provided previous password does not match the stored password.
{ "message": "Invalid previous password" }