Last updated: 2025-02-02
- nodemailer: For sending password reset emails
- express: For creating the server
- mongoose: For interacting with MongoDB
- dotenv: For loading environment variables
- bcrypt: For hashing passwords
- jsonwebtoken: For creating and verifying JWTs
This endpoint is used to log out a user. It clears the refresh token cookie and returns a success message.
/logout
POST
None
None
Code: 200 OK
```json
{
  "message": "Logged out successfully!",
  "type": "success"
}
```

This endpoint is used to sign in a user. It checks if the user exists and if the provided password matches the stored password. If successful, it returns access and refresh tokens.
/signin
POST
| Name | Type | In | Description | Required |
|---|---|---|---|---|
| email | string | body | User's email address | Yes |
| password | string | body | User's password | Yes |
```json
{
  "email": "user@example.com",
  "password": "userpassword"
}
```
Code: 200 OK
```json
{
  "accessToken": "access_token_value",
  "refreshToken": "refresh_token_value"
}
```

This endpoint is used to check if a user is logged in. It verifies the user's JWT token and returns the user's information if the token is valid.
/protected
GET
None
None
Code: 200 OK
```json
{
  "message": "You are logged in.",
  "type": "success",
  "user": {
    "id": "user_id",
    "email": "user@example.com"
    // other user details
  }
}
```

This endpoint is used to refresh the user's access token using a valid refresh token. It verifies the refresh token and returns new access and refresh tokens if the refresh token is valid.
/refresh_token
POST
None
None
Code: 200 OK
```json
{
  "message": "Refreshed successfully!",
  "status": "success",
  "accessToken": "new_access_token_value"
}
```

This endpoint is used to reset the user's password. It verifies the user's password reset token and updates the user's password if the token is valid.
/reset-password/:id/:token
POST
| Name | Type | In | Description | Required |
|---|---|---|---|---|
| id | string | path | User's ID | Yes |
| token | string | path | User's password reset token | Yes |
| newPassword | string | body | User's new password | Yes |
None
Code: 200 OK
```json
{
  "message": "Email sent!",
  "type": "success"
}
```

This endpoint is used to send a password reset email to the user. It checks if the user exists and sends a password reset link to the user's email if the user is found.
/send-password-reset-email
POST
| Name | Type | In | Description | Required |
|---|---|---|---|---|
| email | string | body | User's email address | Yes |
```json
{
  "email": "user@example.com"
}
```
Code: 200 OK
```json
{
  "message": "Password reset link has been sent to your email!",
  "type": "success"
}
```

This endpoint is used to register a new user. It checks if the user already exists and if not, creates a new user with the provided email and password.
/signup
POST
| Name | Type | In | Description | Required |
|---|---|---|---|---|
| email | string | body | User's email address | Yes |
| password | string | body | User's password | Yes |
```json
{
  "email": "user@example.com",
  "password": "userpassword"
}
```
Code: 200 OK
```json
{
  "message": "User created successfully!",
  "type": "success"
}
```
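
One way to issue and verify the token used by `/send-password-reset-email` and `/reset-password/:id/:token` so that it expires and stops working once the password has changed. This is an added example, not this project's code: it uses Node's built-in `crypto` HMAC rather than jsonwebtoken so it runs without dependencies, and the secret, lifetime, function names and sample user are assumptions.

```javascript
// Added example (not the project's code): expiring, single-use reset token.
const { createHmac, timingSafeEqual } = require("node:crypto");

const RESET_SECRET = "constructed-demo-secret"; // assumption: from env in practice
const TTL_MS = 15 * 60 * 1000; // assumption: 15-minute lifetime

// MAC over id, expiry and the current password hash: changing the password
// changes the hash, so a used or still-outstanding token stops verifying.
function sign(user, expires) {
  return createHmac("sha256", RESET_SECRET)
    .update(`${user.id}.${expires}.${user.passwordHash}`)
    .digest("base64url");
}

function issueResetToken(user, now = Date.now()) {
  const expires = now + TTL_MS;
  return `${expires}.${sign(user, expires)}`;
}

// Returns "ok", "malformed", "bad-signature" or "expired".
function verifyResetToken(user, token, now = Date.now()) {
  const [expStr, mac, ...rest] = String(token).split(".");
  if (rest.length || !mac || !/^\d+$/.test(expStr)) return "malformed";
  const expected = Buffer.from(sign(user, expStr));
  const given = Buffer.from(mac);
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) {
    return "bad-signature";
  }
  return now > Number(expStr) ? "expired" : "ok";
}

// Constructed sample user; the hash strings are placeholders, not real bcrypt output.
function demo() {
  const t0 = 1700000000000;
  const user = { id: "64b7f0c2a1d3e4f5a6b7c8d9", passwordHash: "$2b$10$constructedOldHash" };
  const token = issueResetToken(user, t0);
  const results = {
    fresh: verifyResetToken(user, token, t0 + 60000),
    expired: verifyResetToken(user, token, t0 + TTL_MS + 1),
    otherUser: verifyResetToken({ ...user, id: "000000000000000000000000" }, token, t0),
    tampered: verifyResetToken(user, token.replace(/^\d+/, String(t0 + 10 * TTL_MS)), t0),
  };
  user.passwordHash = "$2b$10$constructedNewHash"; // the password has now been reset
  results.reused = verifyResetToken(user, token, t0 + 60000);
  return results;
}

console.log(demo());
```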