Auth Endpoints

Auth Endpoints

Check if authenticated

GET: /api/auth/info

• Authorization Required: authorizeSignIn
• Gets roles based on the latest cohort year

Sample Response Body:

{
    user: {
        id: number;
        name: string;
        email: string;
        profilePicUrl?: string;
        githubUrl?: string;
        linkedinUrl?: string;
        personalSiteUrl?: string;
        selfIntro?: string;
        student?: {
            id: number;
            userId: number;
            cohortYear: number; 
            projectId: number;
            nusnetId: string;
            matricNo: string;
        },
        adviser?: {
            id: number
            userId: number;
            cohortYear: number;
            projectIds: number[];
            nusnetId: string;
            matricNo: string;
        };
        mentor?: {
            id: number,
            userId: number;
            cohortYear: number, 
            projectIds: number[], 
        },
        administrator?: {
            id: number,
            userId: number;
            startDate: string,
            endDate: string,
        };
    }
}

Account Sign In

POST /api/auth/sign-in

Request Body:

{
    email: string,
    password: string,
}

Response Body:

• Refer to response body of /api/auth/info

Account Sign Out

GET /api/auth/sign-out

• Authorization Required: authorizeSignIn
• Signs user out and clears cookies

Reset Password

POST /api/auth/reset-password

• Sends an email to the user with a reset password link
• The reset password link contains the JWT token and the user's id
• Format for the reset password link is: ${frontend_route}/change-password?token={token}&id={userId}
• The JWT token is the user ID signed with the hash of the user's current password

Request Body:

{
    email: string
    origin: string
}

Response Body:

{
    message: string;
}

Change Password

POST /api/auth/change-password

Request Body:

{
    id: string;
    token: string;
    newPassword: string;
}

Response Body:

{
    message: string;
}