This project provides a RESTful API for user authentication and management, utilizing MongoDB as the database and OTPAuth for generating and validating One-Time Passwords (OTP). The API is built using Express.js and is designed to handle user registration, login, OTP generation, verification, validation, and disabling.
- `POST /register`: Register a new user by providing the user's name, email, and password. If successful, the user is added to the database.
- `POST /login`: Log in a user by providing their email and password. If the login is successful, user details are returned, including OTP status.
- `POST /otp/generate`: Generate an OTP for a user. The generated OTP is associated with the user, and a QR code is generated for adding the OTP to an authenticator app.
- `POST /otp/verify`: Verify an OTP provided by the user. If the OTP is valid, the user's OTP status is updated.
- `POST /otp/validate`: Validate an OTP provided by the user. The validation window is extended to allow for minor time discrepancies.
- `POST /otp/disable`: Disable OTP for a user.
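
What an extended validation window means for `POST /otp/validate`, as an added example that is not this project's code: it implements TOTP (RFC 6238) directly with Node's `crypto` module instead of OTPAuth, so the function names, the `window` and `lastUsedCounter` parameters, and the RFC 4226 test key are assumptions made for illustration. A window of 1 accepts the codes for the previous, current, and next 30-second step, so three codes are valid at any moment; recording the last accepted step keeps an observed code from being replayed inside that window.

```javascript
const crypto = require('node:crypto');

const PERIOD = 30; // seconds per time step (RFC 6238 default)
const DIGITS = 6;  // code length shown by common authenticator apps

// Constructed sample input: the published RFC 4226 test key, never a real secret.
const RFC_TEST_SECRET = Buffer.from('12345678901234567890', 'ascii');

// HOTP (RFC 4226): HMAC-SHA1 over the 8-byte big-endian counter,
// followed by dynamic truncation to DIGITS decimal digits.
function hotp(secret, counter) {
  const msg = Buffer.alloc(8);
  msg.writeBigUInt64BE(BigInt(counter));
  const mac = crypto.createHmac('sha1', secret).update(msg).digest();
  const offset = mac[mac.length - 1] & 0x0f;
  const bin = mac.readUInt32BE(offset) & 0x7fffffff;
  return String(bin % 10 ** DIGITS).padStart(DIGITS, '0');
}

// Check `token` against every time step in [now - window, now + window].
// Returns the matching step offset (0 = current step) or null if none match.
// Steps at or before `lastUsedCounter` are skipped to reject replayed codes.
function validateTotp(secret, token, unixSeconds, window = 1, lastUsedCounter = -1) {
  if (typeof token !== 'string' || token.length !== DIGITS || !/^\d+$/.test(token)) {
    return null; // malformed input never reaches the comparison
  }
  const current = Math.floor(unixSeconds / PERIOD);
  const supplied = Buffer.from(token, 'ascii');
  let match = null;
  for (let delta = -window; delta <= window; delta++) {
    const counter = current + delta;
    if (counter < 0 || counter <= lastUsedCounter) continue;
    const expected = Buffer.from(hotp(secret, counter), 'ascii');
    // Constant-time comparison; both buffers are exactly DIGITS bytes long.
    if (crypto.timingSafeEqual(expected, supplied)) match = delta;
  }
  return match;
}

// The code for step 1 (t = 30..59 s) is still accepted one step later,
// but not once the clock has moved two steps on.
console.log(validateTotp(RFC_TEST_SECRET, '287082', 59));  // current step
console.log(validateTotp(RFC_TEST_SECRET, '287082', 60));  // previous step
console.log(validateTotp(RFC_TEST_SECRET, '287082', 119)); // outside window
```

A server using this pattern would store `current + match` for the user after each successful validation and pass it back as `lastUsedCounter` on the next request.
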
- Clone this repository to your local machine.
- Install the required dependencies using `npm install`.
- Set up your MongoDB database and provide the database URL in the project's environment.
- Start the backend server using `npm start`.
- Start the backend server.
- Use tools like Postman to send requests to the defined API endpoints.
- Follow the flow for user registration, login, OTP generation, verification, validation, and disabling.
Note: This collection requires the use of an authenticator app that supports the TOTP algorithm to handle OTP generation and verification.
- Express.js: Web framework for building the API endpoints.
- OTPAuth: Library for generating and validating OTPs using the TOTP algorithm.
- MongoDB: Database used for storing user information and OTP-related data.
Contributions are welcome! If you find any issues or improvements, feel free to open an issue or submit a pull request.
This project is licensed under the MIT License.