Authentication API
Opened this issue ยท 12 comments
Add authentication APIs
-
Signup - Right now signup api is taking whole lot of information but we have to split api into 2 at least.
-- First for signup which take email, password and confirm password and store into db - return (Access token, Refresh token)
-- Second for create profile which take whole other information, accessToken and store corresponding to this email/id -
Login - Right now we login only with email but we should login with either email or mobile number. Make sure to store country code too while signup.
-
Logout - Logout is working as expected but still check if anything is missing there.
-
Refresh token - Api to increase validity of the token. - Check here
For accessToken we should keep token validity for an hour, for refresh token keep 1 day.
Let me know if you have any doubt.
@Mustafiz04 i am interested to work assign to me
@Sureshwebdeveloper assigned to you.
Thanks for assigned to me please add level I am already started of my work
Sure, please let me know if you have any doubts. I haven't added much context to the issue.
You're welcome to add that too.
Please tell what changes I need to make exactly Because I have worked before mern auth backend but I dont have worked like your code its look like all of query methods. that's not a problem if you tell I will learn and apply on code
Yes sure, update the ticket description.
Are you saying token generation and token validation right ?
Yes, I have updated the description
Increase to level 3 for this issue.
Thanks for description I complete on as soon as possible ok further if I have any issue I will ask you ๐
Add authentication APIs
- Signup - Right now signup api is taking whole lot of information but we have to split api into 2 at least.
-- First for signup which take email, password and confirm password and store into db - return (Access token, Refresh token)
-- Second for create profile which take whole other information, accessToken and store corresponding to this email/id
Can we split schema ?
Authschema
email, password and confirm password, email verification token and store into db - return (Access token, Refresh token)2. profileSchema
profileSchema
have a name , gender , age, country, countryCode and other informationsbecause prevoius scheama have added required attributes so error comes
Right now we can go with the same schema because if we split we have to use nested schema which will be costly mongo operation.
You can remove required attributes and add validations on top of each API to validate required fields.
Steps I Follwed
create signup function
- Password
- Access token (1h valid) , Refresh token (1day valid)
Create a UserProfile Section
- Verify user have Access token and Refresh Token
- Get email from user and if its exists then update a data ( name, gender, age, country , phoneNumber , Country Code , description, SocialMediaLink, ProfilePicture ) and update to db
- This function need to return any token ?
Now I am at step 3 ๐ User login
Now I have another and last doubut,
if user login with email then user need to enter password right , but mobile number field if user need to enter password or not
If any changes need to make please tell I will do that ๐