API Tutorial: User Authentication and Token Refresh
Introduction
This tutorial will guide you through the process of using an authentication API that provides user registration, login, and token refresh functionalities.
1) Register Endpoint
Use the /register endpoint to create a new user by providing a unique email, a secure password, and a role.
Request
POST /register
Content-Type: application/json
{
“email”: "user@example.com",
“password”: “securepassword”,
“role”: “user”
}
Example response (Validation Error)
{
“succeeded”: false,
“errors”: [
“Passwords must have at least one non-alphanumeric character.”,
“Passwords must have at least one digit (‘0’-‘9’).”,
“Passwords must have at least one uppercase letter (‘A’-‘Z’).”
]
}
Response (Successful Registration) -> status 200
2) Login Endpoint
POST /login
Content-Type: application/json
{
“email”: "user@example.com",
“password”: “securepassword”
}
3) Refresh Endpoint
When the access token expires, use the /refresh endpoint with the expired access token and the refresh token to obtain a new access token and refresh token.
POST /refresh-token
Content-Type: application/json
{
“refreshToken”: “your_refresh_token”,
“token”: “your_access_token”
}
Important Notes