🔐 Authentication API

Send OTP

POST /auth/otp/send

Request:

{
    "phone_no": "+918141950208"  // Format: +[country code][number]
}

Response:

// Success (200)
{
    "success": true,
    "message": "OTP sent successfully"
}

// Error (400)
{
    "error": "Invalid phone number format"
}

// Error (500)
{
    "error": "Failed to send OTP",
    "success": false
}

Verify OTP

POST /auth/otp/verify

Request:

{
    "phone_no": "+918141950208",
    "token": "123456"  // 6-digit OTP, sent as a JSON string
}

Response:

// Success (200)
{
    "success": true,
    "message": "OTP verified successfully",
    "isNewUser": boolean,
    "sessionInfo": {
        "access_token": "string",
        "token_type": "bearer",
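        "expires_in": number,  // access_token lifetime; seconds by OAuth 2.0 convention (confirm for this API)
        "expires_at": number,  // presumably the absolute expiry timestamp; unit not stated here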
        "refresh_token": "string"
    }
}

// Error (400)
{
    "error": "Phone No is required" | "Phone No is invalid" | "OTP is invalid"  // exactly one of these messages is returned
}

// Error (401)
{
    "error": "OTP is expired or invalid"
}

Refresh Token

POST /auth/token/refresh

Request:

{
    "refresh_token": "g37CUbbboli1dUN1PLEFqQ"  // refresh_token value from a previous sessionInfo response; treat it as a credential
}

Response:

// Success (200)
{
    "success": true,
    "message": "Session token refreshed successfully",
    "sessionInfo": {
        "access_token": "string",
        "token_type": "bearer",
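        "expires_in": number,  // access_token lifetime; seconds by OAuth 2.0 convention (confirm for this API)
        "expires_at": number,  // presumably the absolute expiry timestamp; unit not stated here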
        "refresh_token": "string"
    }
}

// Error (400)
{
    "error": "No refresh token provided"
}

// Error (500)
{
    "error": "Internal server error"
}