🚪 User Registration & Login

Seamless and secure access to your learning journey

🔑 Authentication Methods

  • Email/Password Signup & Login: Users register with an email and password, which are securely stored after hashing.

  • Google OAuth Login: Users can sign in using their Google accounts via OAuth 2.0 integration, streamlining access without creating new credentials.


🔄 Backend Flow

  • Signup triggers POST /auth/signup

  • Login triggers POST /auth/login

  • Password reset (OTP) triggers POST /auth/forgetpassword

  • Upon successful login, a JWT is issued and stored on the client, which sends it with subsequent requests to authenticate them.


🔒 Security Measures

  • Passwords are hashed using bcrypt before storage.

  • Email verification is mandatory before full access.

  • JWTs carry an expiration time, which limits how long a leaked token remains usable.

  • Rate limiting protects against brute force attacks.


🔴 Error Handling

| Error              | Cause                                      | Response              | Notes                                         |
|--------------------|--------------------------------------------|-----------------------|-----------------------------------------------|
| InvalidCredentials | Wrong email or password                    | HTTP 401 Unauthorized | User is prompted to retry                     |
| DuplicateEmail     | Email already registered                   | HTTP 409 Conflict     | User encouraged to login or reset password    |
| MissingFields      | Required fields not provided               | HTTP 400 Bad Request  | Client-side validation also recommended       |
| TokenExpired       | JWT expired during session                 | HTTP 401 Unauthorized | User needs to re-authenticate                 |
| EmailNotVerified   | User tries login without verifying email   | HTTP 403 Forbidden    | Prompt user to verify email first             |


📑 Example API Requests & Responses

User Login

Request:

Success Response:

Error Response (Invalid Credentials):
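The following is an added, self-contained model of the Backend Flow, Security Measures and Error Handling sections above; it is illustrative code written for this page, not the project's own implementation. Each handler takes a request body and returns an (HTTP status, JSON body) pair in the shape of the responses listed in the error table. Assumptions: hashlib.scrypt stands in for bcrypt and a hand-rolled HS256 token stands in for a JWT library so that the example runs on the standard library alone; the 429 TooManyAttempts and InvalidToken responses, the 15-minute token lifetime and the 5-attempts-per-minute limit are constructed values not stated on the page.

```python
"""Model of signup/login with hashed passwords, email verification,
expiring tokens and per-account rate limiting. Added example; the
error codes in the page's table are used, the rest are assumptions."""
import base64
import hashlib
import hmac
import json
import os
import time

SECRET = os.urandom(32)      # HS256 signing key, generated per process (assumption)
TOKEN_TTL = 15 * 60          # token lifetime in seconds (assumed value)
MAX_ATTEMPTS = 5             # failed logins allowed per window (assumed value)
WINDOW = 60                  # rate-limit window in seconds (assumed value)
DUMMY_SALT = os.urandom(16)  # used so unknown emails cost the same time as known ones

USERS = {}     # email -> {"salt": bytes, "hash": bytes, "verified": bool}
ATTEMPTS = {}  # email -> timestamps of recent failed logins


def hash_password(password, salt=None):
    """Salted, memory-hard hash; stands in for bcrypt in this example."""
    salt = salt or os.urandom(16)
    digest = hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1)
    return salt, digest


def _b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_jwt(email, now=None):
    """Build header.payload.signature with an exp claim (HS256, hand-rolled)."""
    now = time.time() if now is None else now
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64(json.dumps({"sub": email, "exp": int(now) + TOKEN_TTL}).encode())
    sig = hmac.new(SECRET, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64(sig)}"


def verify_jwt(token, now=None):
    """Check the signature first, then the expiry; maps to the TokenExpired row."""
    now = time.time() if now is None else now
    try:
        header, payload, sig = token.split(".")
    except ValueError:
        return 401, {"error": "InvalidToken"}
    expected = hmac.new(SECRET, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _unb64(sig)):
        return 401, {"error": "InvalidToken"}
    claims = json.loads(_unb64(payload))
    if claims["exp"] <= now:
        return 401, {"error": "TokenExpired"}
    return 200, claims


def signup(body):
    """POST /auth/signup: validate, reject duplicates, store only the hash."""
    email, password = body.get("email"), body.get("password")
    if not email or not password:
        return 400, {"error": "MissingFields"}
    if email in USERS:
        return 409, {"error": "DuplicateEmail"}
    salt, digest = hash_password(password)
    USERS[email] = {"salt": salt, "hash": digest, "verified": False}
    return 201, {"message": "verification email sent"}


def verify_email(email):
    """Stands in for the user clicking the verification link."""
    USERS[email]["verified"] = True


def _rate_limited(email, now):
    recent = [t for t in ATTEMPTS.get(email, []) if now - t < WINDOW]
    ATTEMPTS[email] = recent
    return len(recent) >= MAX_ATTEMPTS


def login(body, now=None):
    """POST /auth/login: rate limit, constant-time credential check, verification gate."""
    now = time.time() if now is None else now
    email, password = body.get("email"), body.get("password")
    if not email or not password:
        return 400, {"error": "MissingFields"}
    if _rate_limited(email, now):
        return 429, {"error": "TooManyAttempts"}
    user = USERS.get(email)
    candidate = hash_password(password, user["salt"] if user else DUMMY_SALT)[1]
    if user is None or not hmac.compare_digest(user["hash"], candidate):
        ATTEMPTS.setdefault(email, []).append(now)
        return 401, {"error": "InvalidCredentials"}
    if not user["verified"]:
        return 403, {"error": "EmailNotVerified"}
    return 200, {"token": issue_jwt(email, now)}
```

Two details worth noticing: the password check always computes a hash, even for an unknown email, so response timing does not reveal which addresses are registered, and failed attempts are counted only after the credential check fails, so the limit applies to guessing rather than to ordinary traffic.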
