Register

Endpoint: POST /auth/register

Description: Register a new user account with a username, email and password.

Headers:

  • Content-Type: application/json

Request Body:

{
  "username": "string (required, 3-30 chars, alphanumeric + underscore)",
  "name": "string (optional, 2-50 chars)",
  "email": "string (required, valid email)",
  "password": "string (required, min 8 chars, must contain uppercase, lowercase, number, special char)"
}

Success Response (201):

{
  "success": true,
  "data": {
    "_id": "507f1f77bcf86cd799439011",
    "username": "johndoe",
    "name": "John Doe",
    "email": "john@example.com",
    "avatar": "default.jpg",
    "createdAt": "2023-01-01T00:00:00.000Z",
    "updatedAt": "2023-01-01T00:00:00.000Z"
  },
  "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "refreshToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}

Cookies Set:

  • accessToken (HttpOnly, Secure, SameSite=None, 1 hour expiry)

  • refreshToken (HttpOnly, Secure, SameSite=None, 30 days expiry)
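
To check a deployment against the cookie attributes listed above, the following added example (not part of the original documentation or the project's code) audits the Set-Cookie headers of a register response. The sample header values, the Path attribute and the use of Max-Age or Expires to express the expiry are assumptions.

```javascript
// Added example, not project code. Lifetimes (seconds) come from the list above.
const EXPECTED = { accessToken: 60 * 60, refreshToken: 30 * 24 * 60 * 60 };

// Constructed sample headers: the first pair matches the docs, the second does not.
const SAMPLE_OK = [
  "accessToken=aaa.bbb.ccc; Path=/; HttpOnly; Secure; SameSite=None; Max-Age=3600",
  "refreshToken=ddd.eee.fff; Path=/; HttpOnly; Secure; SameSite=None; Max-Age=2592000",
];
const SAMPLE_BAD = [
  "accessToken=aaa.bbb.ccc; Path=/; Secure; SameSite=Lax; Max-Age=3600",
  "refreshToken=ddd.eee.fff; Path=/; HttpOnly; Secure; SameSite=None",
];

// Parse one Set-Cookie value into { name, attrs }, attribute names lowercased.
function parseSetCookie(header) {
  const [pair, ...rest] = header.split(";").map((p) => p.trim());
  const attrs = {};
  for (const part of rest.filter(Boolean)) {
    const i = part.indexOf("=");
    attrs[(i === -1 ? part : part.slice(0, i)).toLowerCase()] = i === -1 ? true : part.slice(i + 1);
  }
  return { name: pair.split("=")[0], attrs };
}

// Lifetime in seconds: Max-Age wins over Expires; null means a session cookie.
function lifetimeSeconds(attrs, now) {
  if (attrs["max-age"] !== undefined) return Number(attrs["max-age"]);
  if (attrs.expires) return Math.round((Date.parse(attrs.expires) - now) / 1000);
  return null;
}

// Return findings; an empty array means the headers match the documented attributes.
function auditAuthCookies(headers, now = Date.now()) {
  const findings = [];
  const cookies = new Map(headers.map(parseSetCookie).map((c) => [c.name, c.attrs]));
  for (const [name, wantSeconds] of Object.entries(EXPECTED)) {
    const attrs = cookies.get(name);
    if (!attrs) { findings.push(`${name}: not set`); continue; }
    if (!attrs.httponly) findings.push(`${name}: missing HttpOnly`);
    if (!attrs.secure) findings.push(`${name}: missing Secure`);
    if (String(attrs.samesite).toLowerCase() !== "none") findings.push(`${name}: SameSite is not None`);
    const life = lifetimeSeconds(attrs, now);
    if (life === null || Math.abs(life - wantSeconds) > 5) {
      findings.push(`${name}: lifetime ${life}, expected ${wantSeconds} seconds`);
    }
  }
  return findings;
}

console.log(auditAuthCookies(SAMPLE_OK), auditAuthCookies(SAMPLE_BAD));
```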

Error Responses:

400 Bad Request:

{
  "success": false,
  "message": "Email already registered."
}

422 Validation Error:

{
  "success": false,
  "message": "Validation failed",
  "errors": {
    "email": "Email is required",
    "password": "Password must contain at least one uppercase letter, one lowercase letter, one number, and one special character"
  }
}