
AuthController API Documentation

Introduction

The AuthController is responsible for handling various user authentication actions such as login, registration, OTP verification, password reset, and account activation. It uses Laravel Sanctum for API token authentication and supports OTP-based account activation.


API Endpoints

1. Login

Endpoint:

POST /api/login

Description:
Authenticates a user and returns an access token. If OTP activation is required, the account must be activated with an OTP first.

Request Example:

{
  "email": "user@example.com",
  "password": "password123"
}

Response Example (Success):

{
  "status": true,
  "message": "Data Retrieved Successfully",
  "data": {
    "token": "your-access-token"
  }
}

Response Example (Failure):

{
  "status": false,
  "message": "Username Or Password Is Not Correct"
}

2. Register

Endpoint:

POST /api/register

Description:
Registers a new user and sends an OTP if required for account activation.

Request Example:

{
  "name": "John Doe",
  "email": "john.doe@example.com",
  "phone": "1234567890",
  "password": "password123",
  "password_confirmation": "password123"
}

Response Example (Success):

{
  "status": true,
  "message": "An OTP Has been send to your email please check it"
}

Response Example (Failure):

{
  "status": false,
  "message": "User registration failed"
}

3. Resend OTP

Endpoint:

POST /api/resend

Description:
Resends the OTP to the user’s registered email or phone.

Request Example:

{
  "email": "user@example.com"
}

Response Example:

{
  "status": true,
  "message": "An OTP has been sent to your email. Please check it."
}

4. Check OTP

Endpoint:

POST /api/otp-check

Description:
Verifies the OTP provided by the user to activate the account.

Request Example:

{
  "email": "user@example.com",
  "otp_code": "123456"
}

Response Example (Success):

{
  "status": true,
  "message": "Valid OTP Code"
}

Response Example (Failure):

{
  "status": false,
  "message": "Sorry, this code is not valid or expired."
}

5. Activate Account Using OTP

Endpoint:

POST /api/otp

Description:
Verifies the OTP and activates the user's account if the OTP is valid.

Request Example:

{
  "email": "user@example.com",
  "otp_code": "123456"
}

Response Example (Success):

{
  "status": true,
  "message": "Your account has been activated"
}

Response Example (Failure):

{
  "status": false,
  "message": "Sorry, this code is not valid or expired"
}
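
An added example, not taken from the AuthController itself: a plain-PHP sketch of the verification behind endpoints 4 and 5, in which an unknown email, a wrong code, an expired code and a locked-out code all produce the same failure, matching the single "not valid or expired" message. The OtpStore class, the 300-second lifetime, the 5-attempt limit and the in-memory storage are assumptions; the page does not describe how the project stores or expires codes.

```php
<?php
declare(strict_types=1);
const OTP_TTL_SECONDS = 300;  // assumed policy value, not stated on the page
const OTP_MAX_ATTEMPTS = 5;   // assumed policy value, not stated on the page

// Hypothetical in-memory store standing in for the project's OTP table.
final class OtpStore
{
    private array $records = [];
    public function __construct(private string $secret) {}
    // Issue a 6-digit code from a CSPRNG; only its keyed hash is kept.
    public function issue(string $email, int $now): string
    {
        $code = str_pad((string) random_int(0, 999999), 6, '0', STR_PAD_LEFT);
        $this->records[$email] = [
            'hash' => hash_hmac('sha256', $code, $this->secret),
            'expires' => $now + OTP_TTL_SECONDS,
            'attempts' => 0,
        ];
        return $code;
    }
    // $consume = false models /api/otp-check, true models /api/otp.
    public function verify(string $email, string $code, int $now, bool $consume): bool
    {
        $rec = $this->records[$email] ?? null;
        if ($rec === null) {
            return false; // unknown email: same result as a wrong code
        }
        if ($now > $rec['expires'] || $rec['attempts'] >= OTP_MAX_ATTEMPTS) {
            unset($this->records[$email]); // expired or locked out: a resend is needed
            return false;
        }
        // Constant-time comparison of the stored and submitted hashes.
        if (!hash_equals($rec['hash'], hash_hmac('sha256', $code, $this->secret))) {
            $this->records[$email]['attempts']++; // counted across both endpoints
            return false;
        }
        if ($consume) {
            unset($this->records[$email]); // single use once the account is activated
        }
        return true;
    }
}
// Constructed demo: check only, then activate, then a replay of the same code.
$store = new OtpStore('constructed-demo-secret');
$code = $store->issue('user@example.com', 1000);
foreach ([false, true, true] as $consume) {
    var_dump($store->verify('user@example.com', $code, 1010, $consume));
}
```

Because failed guesses against /api/otp-check and /api/otp draw on the same counter in this sketch, the check endpoint cannot be used to test codes without limit.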

6. Reset Password

Endpoint:

POST /api/reset

Description:
Sends an OTP to the user’s registered email or phone to reset the password.

Request Example:

{
  "email": "user@example.com"
}

Response Example:

{
  "status": true,
  "message": "An OTP has been sent to your email. Please check it."
}

7. Change Password

Endpoint:

POST /api/profile/password

Description:
Changes the user’s password. If the user is authenticated, they can change their password directly; otherwise, they must verify their identity using OTP.

Request Example:

{
  "password": "newpassword123",
  "password_confirmation": "newpassword123"
}

Response Example (Success):

{
  "status": true,
  "message": "Password Updated"
}

Response Example (Failure):

{
  "status": false,
  "message": "Sorry, this code is not valid or expired"
}

Summary of Methods

  1. login() - Authenticates the user and returns an access token.
  2. register() - Registers a new user and sends an OTP if needed.
  3. resend() - Resends the OTP to the user.
  4. otpCheck() - Checks if the provided OTP is valid for account activation.
  5. otp() - Activates the user account using a valid OTP.
  6. reset() - Sends an OTP for password reset.
  7. password() - Allows the user to change their password.