# Users API Doc

## Users API

## @Authentication

## @PostNewUser

<mark style="color:green;">`POST`</mark> `http://users-api.xiot.cloud/v1/auth/signup`

Create a new user

#### Request Body

| Name                 | Type   | Description                                 |
| -------------------- | ------ | ------------------------------------------- |
| email                | string |                                             |
| firstName            | string | min:3,max:50, Arabic or English chars only. |
| lastName             | string | min:3,max:50, Arabic or English chars only. |
| password             | string | min:8                                       |
| passwordConfirmation | string | Must be same as password                    |

{% tabs %}
{% tab title="200 When a user is created successfully." %}

```
{
  "statusCode": 200,
  "message": "barakat.turk@gmail.com account created successfully",
  "id": "9b65fbdd-b71c-492f-b285-d95e2a83ffc6"
}
```

{% endtab %}

{% tab title="400 Validation did not pass." %}

```
{
  "statusCode": 400,
  "message": "Validation errors",
  "errors": {
    "email": "E-mail already in use"
  }
}
```

{% endtab %}
{% endtabs %}

Request Example.

```
{
	"email": "barakat.turki@gmail.com",
	"firstName": "ali",
	"lastName": "turki",
	"password": "password",
	"passwordConfirmation": "password"
}
```

## @PostLogin

<mark style="color:green;">`POST`</mark> `http://users-api.xiot.cloud/v1/auth/login`

#### Request Body

| Name     | Type   | Description |
| -------- | ------ | ----------- |
| email    | string |             |
| password | string |             |

{% tabs %}
{% tab title="200 Send the access token with every user's request." %}

```
{
  "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjVkYjRmOWI2LTgyNTMtNDQ3Zi05NzEzLWRjNzQyZGFhMjIxNCIsImlhdCI6MTU3ODM4MzE5MiwiZXhwIjoxNTc4NDY5NTkyLCJpc3MiOiJodHRwczovL3hpb3QuaW8ifQ.2AzZjspVSmcGoFHYcGPP9U0ty5PCCm1xadLrEAeBqnU",
  "user": {
    "id": "5db4f9b6-8253-447f-9713-dc742daa2214",
    "firstName": "ali",
    "lastName": "turki",
    "email": "barakat.turki@gmail.com",
    "emailVerified": true,
    "phoneVerified": false
  }
}
```

{% endtab %}

{% tab title="201 Send the loginCode with the code to the \@VerifyTOTP API" %}

```
{
  "statusCode": 201,
  "message": "user has two factor authentication",
  "loginCode": "6e41febee0e90fb7"
}
```

{% endtab %}

{% tab title="400 " %}

```
{
  "statusCode": 400,
  "message": "Validation errors",
  "errors": {
    "password": "the field is required"
  }
}
```

{% endtab %}

{% tab title="401 " %}

```
{
  "statusCode": 401,
  "message": "Invalid email or password."
}
```

{% endtab %}

{% tab title="422 when a user is already signed up and has not activated his email." %}

```
{
  "statusCode": 422,
  "message": "User's email is not verified, and verification email has just sent again."
}
```

{% endtab %}
{% endtabs %}

## @VerifyTOTP

<mark style="color:green;">`POST`</mark> `http://users-api.xiot.cloud/v1/auth/verify-totp`

**Only if two-factor authentication is enabled**

#### Request Body

| Name      | Type   | Description                                                            |
| --------- | ------ | ---------------------------------------------------------------------- |
| loginCode | string | Code sent back from the login API                                      |
| code      | string | Code from a two-factor authentication app, e.g. Google Authenticator   |

{% tabs %}
{% tab title="200 " %}

```
{
  "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjFhNTk0YzI1LTliZGMtNGFlYy05NWJiLTY2ZTY5YzkyOWM3MCIsImlhdCI6MTU3OTc4NTg0MywiZXhwIjoxNTc5ODcyMjQzLCJpc3MiOiJodHRwczovL3hpb3QuaW8ifQ.LDvB5uo0qnBlwY27KZ5otJxdWSI_0QSJ5msrxA0gBss",
  "user": {
    "id": "1a594c25-9bdc-4aec-95bb-66e69c929c70",
    "firstName": "ali",
    "lastName": "turki",
    "email": "barakat.turki@gmail.com",
    "emailVerified": true,
    "phoneVerified": false
  }
}
```

{% endtab %}

{% tab title="400 " %}

```
{
  "statusCode": 400,
  "message": "loginCode expired or invalid",
  "field": "loginCode",
  "moreErrors": {}
}
```

{% endtab %}
{% endtabs %}
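The login flow documented by @PostLogin and @VerifyTOTP, as an added client-side example (not code from the Users API or its authors): it maps each documented login status to the client's next step, builds the verify-totp body, and reads the `exp` and `iss` claims of the sample access token. The helper names are hypothetical, and the 6-digit code format is an assumption based on Google Authenticator.

```javascript
// Added example; helper names are hypothetical, not part of the Users API.
// SAMPLE_TOKEN is the accessToken from the documented 200 login response.
const SAMPLE_TOKEN = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjVkYjRmOWI2LTgyNTMtNDQ3Zi05NzEzLWRjNzQyZGFhMjIxNCIsImlhdCI6MTU3ODM4MzE5MiwiZXhwIjoxNTc4NDY5NTkyLCJpc3MiOiJodHRwczovL3hpb3QuaW8ifQ.2AzZjspVSmcGoFHYcGPP9U0ty5PCCm1xadLrEAeBqnU";

// Map a login response (HTTP status + parsed JSON body) to the next client action.
function nextLoginStep(status, body) {
  switch (status) {
    case 200: return { step: "authenticated", accessToken: body.accessToken };
    case 201: return { step: "verify-totp", loginCode: body.loginCode };
    case 400: return { step: "fix-input", errors: body.errors || {} };
    case 401: return { step: "bad-credentials" };
    case 422: return { step: "verify-email" };
    default:  return { step: "unexpected", status };
  }
}

// Body for POST /v1/auth/verify-totp: loginCode from the 201 response plus the
// authenticator code. Assumption: the code is 6 digits (Google Authenticator).
function totpRequestBody(loginCode, code) {
  if (!/^\d{6}$/.test(code)) throw new Error("code must be 6 digits");
  return { loginCode, code };
}

// Decode (not verify) the JWT payload. The sample token's header says HS256,
// a shared-secret algorithm, so only the server can check the signature;
// the client treats the claims as hints, never as proof of identity.
function decodeClaims(token) {
  const parts = token.split(".");
  if (parts.length !== 3) throw new Error("not a compact JWT");
  const b64 = parts[1].replace(/-/g, "+").replace(/_/g, "/");
  return JSON.parse(Buffer.from(b64, "base64").toString("utf8"));
}

// Reasons to discard a stored token before sending it in the authorization
// header. The default issuer is the iss claim found in the sample token.
function tokenProblems(token, nowSeconds, expectedIss = "https://xiot.io") {
  const { exp, iss } = decodeClaims(token);
  const problems = [];
  if (typeof exp !== "number" || exp <= nowSeconds) problems.push("expired");
  if (iss !== expectedIss) problems.push("unexpected issuer");
  return problems;
}
```

The sample token's `exp` is 86400 seconds after its `iat`, so a client holding it for longer than a day has to log in again.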

## @Profile

## @GetUserProfile

<mark style="color:blue;">`GET`</mark> `http://users-api.xiot.cloud/v1/profile`

#### Headers

| Name          | Type   | Description              |
| ------------- | ------ | ------------------------ |
| authorization | string | send bearer access token |

{% tabs %}
{% tab title="200 " %}

```
{
  "statusCode": 200,
  "message": "User's data",
  "data": {
    "id": "5db4f9b6-8253-447f-9713-dc742daa2214",
    "uid": "7b16b343-3c38-4ede-860a-ffc6b081a802",
    "firstName": "ali",
    "lastName": "turki",
    "email": "barakat.turki@gmail.com",
    "phone": null,
    "emailVerified": true,
    "phoneVerified": false,
    "providerId": null,
    "createdAt": "2020-01-01T13:56:43.962Z",
    "updatedAt": "2020-01-04T15:31:10.707Z"
  }
}
```

{% endtab %}

{% tab title="401 Invalid access token or it's not sent." %}

```
Unauthorized
```

{% endtab %}
{% endtabs %}

## @UpdateProfile

<mark style="color:orange;">`PUT`</mark> `http://users-api.xiot.cloud/v1/profile`

#### Headers

| Name          | Type   | Description |
| ------------- | ------ | ----------- |
| authorization | string |             |

#### Request Body

| Name      | Type   | Description                                    |
| --------- | ------ | ---------------------------------------------- |
| phone     | string | valid egp phone number                         |
| lastName  | string | min:3,max:50, valid English and Arabic letters |
| firstName | string | min:3,max:50, valid English and Arabic letters |

{% tabs %}
{% tab title="200 " %}

```
{
  "statusCode": 200,
  "message": "profile update successfully"
}
```

{% endtab %}

{% tab title="400 " %}

```
{
  "statusCode": 400,
  "message": "Validation errors",
  "errors": {
    "phone": "Invalid value",
    "firstName": "the field is required",
    "lastName": "the field is required"
  }
}
```

{% endtab %}
{% endtabs %}

## @Security

## @ChangePassword

<mark style="color:orange;">`PUT`</mark> `http://users-api.xiot.cloud/v1/security/change-password`

Change the logged-in user's password.

#### Headers

| Name          | Type   | Description  |
| ------------- | ------ | ------------ |
| authorization | string | Bearer Token |

#### Request Body

| Name                 | Type   | Description |
| -------------------- | ------ | ----------- |
| oldPassword          | string |             |
| password             | string |             |
| passwordConfirmation | string |             |

{% tabs %}
{% tab title="200 " %}

```
{
  "statusCode": 200,
  "message": "user's password changed successfully."
}
```

{% endtab %}

{% tab title="400 " %}

```
{
  "statusCode": 400,
  "message": "must be at least 8 chars long",
  "field": "password",
  "moreErrors": {
    "passwordConfirmation": "Must have the same value as the password field"
  }
}
```

{% endtab %}
{% endtabs %}

## @ForgetPassword

<mark style="color:green;">`POST`</mark> `http://users-api.xiot.cloud/v1/security/forget-password`

#### Request Body

| Name  | Type   | Description                            |
| ----- | ------ | -------------------------------------- |
| email | string | Valid Email Format - Required - Exists |

{% tabs %}
{% tab title="200 " %}

```
{
  "statusCode": 200,
  "message": "reset token sent to user's email"
}
```

{% endtab %}

{% tab title="400 " %}

```
{
  "statusCode": 400,
  "message": "Invalid E-mail format",
  "field": "email",
  "moreErrors": {}
}
```

{% endtab %}
{% endtabs %}

## @EnableTwoFactorAuth

<mark style="color:green;">`POST`</mark> `http://users-api.xiot.cloud/v1/security/twofactor-enable`

#### Headers

| Name          | Type   | Description  |
| ------------- | ------ | ------------ |
| authorization | string | Bearer Token |

{% tabs %}
{% tab title="200 " %}
{% code title="QRCODE IMAGE" %}

```
```

{% endcode %}
{% endtab %}
{% endtabs %}

## @DisableTwoFactorAuth

<mark style="color:green;">`POST`</mark> `http://users-api.xiot.cloud/v1/security/twofactor-disable`

#### Headers

| Name          | Type   | Description  |
| ------------- | ------ | ------------ |
| authorization | string | Bearer Token |

{% tabs %}
{% tab title="200 " %}

```
{
  "statusCode": 200,
  "message": "Two factor authentication disabled"
}
```

{% endtab %}
{% endtabs %}

## @Account

## @ChangeEmail

<mark style="color:orange;">`PUT`</mark> `http://users-api.xiot.cloud/v1/account/change-email`

#### Headers

| Name          | Type   | Description  |
| ------------- | ------ | ------------ |
| authorization | string | Bearer Token |

#### Request Body

| Name  | Type   | Description                 |
| ----- | ------ | --------------------------- |
| email | string | Unique - valid email format |

{% tabs %}
{% tab title="200 " %}

```
{
  "statusCode": 200,
  "message": "Email changed successfully and we sent a verification code to your email."
}
```

{% endtab %}

{% tab title="400 " %}

```
{
  "statusCode": 400,
  "message": "Invalid E-mail format",
  "field": "email",
  "moreErrors": {}
}
```

{% endtab %}
{% endtabs %}
