User Authentication Endpoints

Register a New User

Endpoint

POST /register

Description

Registers a new user in the system.

Request Body

Field	Type	Required	Description
`username`	string	Yes	The user's display name.
`email`	string	Yes	The user's email address.
`password`	string	Yes	The user's password.
`language_code`	string	No	Preferred language code (default: `en`).

Response

201 Created: User registered successfully.

{
  "message": "User created successfully"
}

400 Bad Request: Missing required fields or invalid data.

{
  "message": "Username, email, and password are required"
}

{
  "message": "Password does not meet security requirements"
}

{
  "message": "User name already exists"
}

{
  "message": "Email already exists"
}

500 Internal Server Error: An unexpected error occurred.

{
  "message": "An error occurred during registration"
}

Login

Endpoint

POST /login

Description

Authenticates a user and returns access and refresh tokens.

Request Body

Field	Type	Required	Description
email	string	Yes	The user's email address.
password	string	Yes	The user's password.

Response

200 OK: New access token generated.

{
  "access_token": "new-access-token"
}

401 Unauthorized: Invalid or expired refresh token.
```
{
  "message": "Invalid token"
}
```

Stored Procedures Used

`login_person_by_email(email)`

Fetches user data by email for authentication purposes.

`update_last_login(person_id)`

Updates the last login timestamp for a given user.

`register_person(name, email, hashed_password, salt, language_code)`

Registers a new user with the provided details.

Helper Functions

`validate_password(password)`

Validates password strength based on predefined security requirements.

`verify_password(password, hashed_password, salt)`

Compares the provided password with the stored hashed password.

`generate_access_token(person_id)`

Generates a new JWT access token for the user.

`generate_refresh_token(person_id)`

Generates a new JWT refresh token for the user.

`extract_token_from_header()`

Extracts the token from the Authorization header.

`verify_token(token, required_type)`

Verifies the validity of the token and ensures it matches the required type (e.g., refresh or access).

Error Handling

TokenError: Custom error handling for token-related issues, returning descriptive messages and appropriate status codes.
MySQLError: Catches database-related errors and maps them to user-friendly messages.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

User Authentication Endpoints

Register a New User

Endpoint

Description

Request Body

Response

Login

Endpoint

Description

Request Body

Response

Stored Procedures Used

`login_person_by_email(email)`

`update_last_login(person_id)`

`register_person(name, email, hashed_password, salt, language_code)`

Helper Functions

`validate_password(password)`

`verify_password(password, hashed_password, salt)`

`generate_access_token(person_id)`

`generate_refresh_token(person_id)`

`extract_token_from_header()`

`verify_token(token, required_type)`

Error Handling

Uh oh!

Smart Cooking API

Home

Getting Started

Authentication

Endpoints

Changelog

Clone this wiki locally