Authentication API - Githubissues

GlobeHoppin / globe-hoppin-backend

Backend of GlobeHoppin. Tech - NodeJs, Express and MongoDB

https://www.api-globehoppin.mustafizkaifee.in/

5 stars 11 forks source link

Authentication API #1

Open Mustafiz04 opened 4 weeks ago

Mustafiz04 commented 4 weeks ago

Add authentication APIs

Signup - Right now signup api is taking whole lot of information but we have to split api into 2 at least. -- First for signup which take email, password and confirm password and store into db - return (Access token, Refresh token) -- Second for create profile which take whole other information, accessToken and store corresponding to this email/id
Login - Right now we login only with email but we should login with either email or mobile number. Make sure to store country code too while signup.
Logout - Logout is working as expected but still check if anything is missing there.
Refresh token - Api to increase validity of the token. - Check here

For accessToken we should keep token validity for an hour, for refresh token keep 1 day.

Let me know if you have any doubt.

Sureshwebdeveloper commented 1 week ago

@Mustafiz04 i am interested to work assign to me

Mustafiz04 commented 1 week ago

@Sureshwebdeveloper assigned to you.

Sureshwebdeveloper commented 1 week ago

Thanks for assigned to me please add level I am already started of my work

Mustafiz04 commented 1 week ago

Sure, please let me know if you have any doubts. I haven't added much context to the issue. You're welcome to add that too.

Sureshwebdeveloper commented 1 week ago

Please tell what changes I need to make exactly Because I have worked before mern auth backend but I dont have worked like your code its look like all of query methods. that's not a problem if you tell I will learn and apply on code

Mustafiz04 commented 1 week ago

Yes sure, update the ticket description.

Sureshwebdeveloper commented 1 week ago

Are you saying token generation and token validation right ?

Mustafiz04 commented 1 week ago

Yes, I have updated the description

Increase to level 3 for this issue.

Sureshwebdeveloper commented 1 week ago

Thanks for description I complete on as soon as possible ok further if I have any issue I will ask you 🙂

Sureshwebdeveloper commented 1 week ago

Add authentication APIs

Signup - Right now signup api is taking whole lot of information but we have to split api into 2 at least. -- First for signup which take email, password and confirm password and store into db - return (Access token, Refresh token) -- Second for create profile which take whole other information, accessToken and store corresponding to this email/id

Can we split schema ?

Authschema

email, password and confirm password, email verification token and store into db - return (Access token, Refresh token)

profileSchema
profileSchema
have a name , gender , age, country, countryCode and other informations

because prevoius scheama have added required attributes so error comes

Mustafiz04 commented 5 days ago

Right now we can go with the same schema because if we split we have to use nested schema which will be costly mongo operation. You can remove required attributes and add validations on top of each API to validate required fields.

Sureshwebdeveloper commented 4 days ago

Steps I Follwed

create signup function

Email
Password
Access token (1h valid) , Refresh token (1day valid)

Create a UserProfile Section

Verify user have Access token and Refresh Token
Get email from user and if its exists then update a data ( name, gender, age, country , phoneNumber , Country Code , description, SocialMediaLink, ProfilePicture ) and update to db
This function need to return any token ?

Now I am at step 3 👇 User login

Now I have another and last doubut, if user login with email then user need to enter password right , but mobile number field if user need to enter password or not

If any changes need to make please tell I will do that 🙂