Open Mustafiz04 opened 4 weeks ago
@Mustafiz04 i am interested to work assign to me
@Sureshwebdeveloper assigned to you.
Thanks for assigned to me please add level I am already started of my work
Sure, please let me know if you have any doubts. I haven't added much context to the issue. You're welcome to add that too.
Please tell what changes I need to make exactly Because I have worked before mern auth backend but I dont have worked like your code its look like all of query methods. that's not a problem if you tell I will learn and apply on code
Yes sure, update the ticket description.
Are you saying token generation and token validation right ?
Yes, I have updated the description
Increase to level 3 for this issue.
Thanks for description I complete on as soon as possible ok further if I have any issue I will ask you 🙂
Add authentication APIs
- Signup - Right now signup api is taking whole lot of information but we have to split api into 2 at least. -- First for signup which take email, password and confirm password and store into db - return (Access token, Refresh token) -- Second for create profile which take whole other information, accessToken and store corresponding to this email/id
Can we split schema ?
because prevoius scheama have added required attributes so error comes
Right now we can go with the same schema because if we split we have to use nested schema which will be costly mongo operation. You can remove required attributes and add validations on top of each API to validate required fields.
Now I have another and last doubut, if user login with email then user need to enter password right , but mobile number field if user need to enter password or not
If any changes need to make please tell I will do that 🙂
Add authentication APIs
Signup - Right now signup api is taking whole lot of information but we have to split api into 2 at least. -- First for signup which take email, password and confirm password and store into db - return (Access token, Refresh token) -- Second for create profile which take whole other information, accessToken and store corresponding to this email/id
Login - Right now we login only with email but we should login with either email or mobile number. Make sure to store country code too while signup.
Logout - Logout is working as expected but still check if anything is missing there.
Refresh token - Api to increase validity of the token. - Check here
For accessToken we should keep token validity for an hour, for refresh token keep 1 day.
Let me know if you have any doubt.