Verify TOTP

This API is used during the login process. If the user has 2FA enabled, the Login API returns a redirect response instead of directly logging the user in. The user is then prompted to enter the current TOTP from the authenticator app.

2FA Login

When the user who is trying to log in has 2FA enabled, the Login API returns a different response instead of directly logging the user in, i.e.

    {
      "success": true,
      "msg": "",
      "redirect_url": "/auth/confirm-2fa-totp?user_id=65ddb7496a09ca290bec88b2"
    }

From this point, follow the pattern below to authenticate the user with the second factor and complete the login.

Endpoint

POST /2fa/verify-totp

Payload

This API will be use

    {
      "totp_code": "12345"
    }

Response

    {
      "success": true,
      "msg": "You are signed in successfully!",
      "user": {
        "_id": "65ddb7496a09ca290bec88b2",
        "username": "user_123",
        "register_provider": "urbanfits",
        "image": "/website-copyrights/default-pfp.webp",
        "phone_prefix": "+971",
        "phone_number": "31643454835",
        "email": "example@domain.com",
        "two_fa_enabled": true,
        "role": "customer",
        "is_active": true,
        "uf_wallet": {
          "card_number": "70517090291921247656",
          "bar_code": "/uf-wallet-barcodes/70517090291921247656",
          "last_spin_reward": 200,
          "last_uf_spin": "2024-05-09T23:59:59.000Z",
          "next_uf_spin": "2024-05-11T00:00:00.000Z"
        },
        "last_checkin": "2024-05-21T23:59:59.999Z",
        "timezone": "Asia/Dubai",
        "user_agent": "eyJhbGciOiJIUzI1NiJ9.UG9zdG1hblJ1bnRpbWUvNy4zNy4z.lYd97Uv60STIestaaO3UO_aiP7G10yEmi_XG22KbOPo",
        "purchases": 7,
        "createdAt": "2024-02-27T00:00:00.000Z",
        "updatedAt": "2024-06-06T12:04:37.382Z",
        "__v": 0,
        "firstname": "John",
        "gender": "male",
        "lastname": "Doe",
        "title": "Mr."
      }
    }
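
The following JavaScript is an added example, not code from the project: it shows a client handling the hand-off described above, checking the redirect_url before following it and building the POST /2fa/verify-totp request with the code kept as a string. The origin https://app.example.test, the 24-hex-character user_id check, the 4 to 8 digit code length, treating a response without redirect_url as already signed in, and the function names are all assumptions.

```javascript
const APP_ORIGIN = "https://app.example.test"; // assumed placeholder origin
const CONFIRM_PATH = "/auth/confirm-2fa-totp"; // path seen in the page's redirect_url
const VERIFY_ENDPOINT = "/2fa/verify-totp";    // endpoint documented on the page

// Login API response for a 2FA-enabled user, copied from the page's sample.
const SAMPLE_LOGIN_RESPONSE = {
  success: true,
  msg: "",
  redirect_url: "/auth/confirm-2fa-totp?user_id=65ddb7496a09ca290bec88b2",
};

// Classify a Login API response and validate the redirect before following it.
function parseLoginResponse(resp) {
  if (!resp || resp.success !== true) return { state: "failed" };
  // Assumption: no redirect_url means the user was logged in directly.
  if (typeof resp.redirect_url !== "string") return { state: "signed_in" };

  // Accept only a same-origin relative path to the known confirmation page,
  // so a tampered response cannot send the user to another site.
  const raw = resp.redirect_url;
  if (!raw.startsWith("/") || raw.startsWith("//")) return { state: "rejected" };
  const url = new URL(raw, APP_ORIGIN);
  if (url.origin !== APP_ORIGIN || url.pathname !== CONFIRM_PATH) {
    return { state: "rejected" };
  }
  // Assumption: user ids are 24 hex characters, like the page's sample id.
  const userId = url.searchParams.get("user_id") || "";
  if (!/^[0-9a-f]{24}$/i.test(userId)) return { state: "rejected" };
  return { state: "needs_totp", path: url.pathname + url.search, userId };
}

// Build the verify request. The code stays a string so leading zeros survive.
function buildVerifyTotpRequest(input) {
  if (typeof input !== "string") throw new TypeError("TOTP code must be a string");
  const code = input.replace(/\s+/g, ""); // authenticator apps often show "123 456"
  // Assumption: digits only, 4 to 8 long (the page's sample code has 5 digits).
  if (!/^\d{4,8}$/.test(code)) throw new RangeError("TOTP code must be 4 to 8 digits");
  return {
    method: "POST",
    path: VERIFY_ENDPOINT,
    headers: { "Content-Type": "application/json" },
    body: JSON.stringify({ totp_code: code }),
  };
}
```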