Change Email

The Change Email flow also includes 2 APIs

Auth Email: First, user will have to submit their new email and the passowrd. A temporary OTP session will be created having the new email. And the OTP will be delivered to this new submitted email address.
Change Email: If the user gets email successfully in their mail box at provided new email with an OTP and user submits it within 5 minutes to this api, the saved new email will be permanently changed successfully.

1. Auth Email

Endpoint

PUT /auth/otp/auth-email

Payload

Remember that the user should be logged in and the session-token cookies headers need to be sent to auth-email API.

{
    "new_email": "new.email@example.com",
    "password": "12345678" // Current password of the user
}

Response

Save this otp_id, we'll be needing it to change the password with authenticity.

{
    "success": true,
    "otp_id": "6662e9e67f688698857bd1b8,
    "msg": "We just sent an otp to your new email, please check and submit the code."
}

2. Change Email

Endpoint

PUT /auth/otp/change-email

Payload

The OTP Id obtained from submitting the new email address should be send along.

{
    "otp_id": "66150428c953c3d56112fbce", // OTP ID optained from forgot password api.
    "otp": "12345"
}

Response

Successful Response

{
        "success": true,
        "msg": "Your email has been updated!",
        "user": {
            "_id": "65ddb7496a09ca290bec88b2",
            "username": "user_123",
            "register_provider": "urbanfits",
            "image": "https://lh3.googleusercontent.com/a/ACg8ocLUFVuvODAyQgKnZQyeKiplTsNvzvJr-DL-eghS5l7YM4Dg1VOi=s96-c",
            "phone_prefix": "+971",
            "phone_number": "31643454835",
            "email": "example@domain.com",
            "two_fa_enabled": false,
            "role": "customer",
            "is_active": true,
            "uf_wallet": {
                "card_number": "70517090291921247656",
                "bar_code": "/uf-wallet-barcodes/70517090291921247656",
                "last_spin_reward": 200,
                "last_uf_spin": "2024-05-09T23:59:59.000Z",
                "next_uf_spin": "2024-05-11T00:00:00.000Z"
            },
            "last_checkin": "2024-05-21T23:59:59.999Z",
            "timezone": "Asia/Dubai",
            "user_agent": "eyJhbGciOiJIUzI1NiJ9.UG9zdG1hblJ1bnRpbWUvNy4zNy4z.lYd97Uv60STIestaaO3UO_aiP7G10yEmi_XG22KbOPo",
            "purchases": 7,
            "createdAt": "2024-02-27T00:00:00.000Z",
            "updatedAt": "2024-06-06T12:04:37.382Z",
            "__v": 0,
            "firstname": "John",
            "gender": "male",
            "lastname": "Doe",
            "title": "Mr."
        }
}

After the email changes successfully you will once again get the whole user object with all the updated data not to mention the email as well.

Incorrect OTP

{
        success: false,
        msg: "The OTP is incorrect."
}