A simple AuthApp using Rails 7 (API only).
Features
- User sign up and login
- Generate & verify OTP
- Update password & toggle 2FA
Rails version - 7.0.4
Ruby version - 3.0.2
Installation & Setup:
Clone the project.
Create master.key file in config folder (value - 88b37458d4861b547e93a24e4c173387)
Run bundle install and rails db:setup.
Start the Rails server using rails s.
Run the RSpec tests with rspec spec/.
App Workflow:
Register using email id & password (the password should be strong).
Click on the confirmation email link to verify the account.
Log in to create a temporary JWT and use that token for generating and verifying OTP.
Generate & verify the OTP (requires the temporary JWT token).
Once the OTP is verified, use the JWT token for authenticating other actions.
Enabling or disabling 2FA requires the current password + the newly generated OTP.
Updating the password requires the current password + the newly generated OTP.
Note - the OTP will be sent to the registered email id.
Code coverage - file:///{path}/coverage/index.html
APIPIE documentation - http://localhost:3000/apipie
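One way to enforce the two-stage token flow described above, so that the temporary JWT issued at login can reach only the OTP endpoints until the OTP is verified. This is an added example, not code from this project: the method names, the `stage` claim, the token lifetimes and the sample secret are assumptions, and only the endpoint paths come from the CURL requests on this page.

```ruby
require 'openssl'
require 'json'
require 'base64'

# Hypothetical names throughout; SECRET is a constructed sample key.
SECRET = 'constructed-sample-secret'
OTP_ONLY_PATHS = ['/users/generate_otp', '/users/verify_otp'].freeze

def b64(data)
  Base64.urlsafe_encode64(data, padding: false)
end

# Minimal HS256 JWT so the example needs no gems.
def issue_token(user_id, stage:, ttl:, now: Time.now.to_i)
  header  = b64({ alg: 'HS256', typ: 'JWT' }.to_json)
  payload = b64({ sub: user_id, stage: stage, exp: now + ttl }.to_json)
  sig = b64(OpenSSL::HMAC.digest('SHA256', SECRET, "#{header}.#{payload}"))
  "#{header}.#{payload}.#{sig}"
end

# Returns the claims hash, or nil if the signature is wrong or the token expired.
def decode_token(token, now: Time.now.to_i)
  header, payload, sig = token.to_s.split('.')
  return nil unless header && payload && sig
  expected = b64(OpenSSL::HMAC.digest('SHA256', SECRET, "#{header}.#{payload}"))
  return nil unless OpenSSL.secure_compare(expected, sig)
  claims = JSON.parse(Base64.urlsafe_decode64(payload))
  claims['exp'] > now ? claims : nil
rescue JSON::ParserError, ArgumentError
  nil
end

# A temporary (pre-OTP) token may only reach the OTP endpoints.
def authorized?(token, path, now: Time.now.to_i)
  claims = decode_token(token, now: now)
  return false unless claims
  claims['stage'] == 'full' ||
    (claims['stage'] == 'otp_pending' && OTP_ONLY_PATHS.include?(path))
end

# Constant-time OTP check; on success the temporary token is exchanged for a full one.
def verify_otp(temp_token, submitted, stored_otp, now: Time.now.to_i)
  claims = decode_token(temp_token, now: now)
  return nil unless claims && claims['stage'] == 'otp_pending'
  return nil unless OpenSSL.secure_compare(stored_otp, submitted.to_s)
  issue_token(claims['sub'], stage: 'full', ttl: 3600, now: now)
end
```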
CURL Requests
- Registration
curl --location 'localhost:3000/users/signup' \
  --header 'Content-Type: application/json' \
  --data-raw '{"email": "user@example.com", "password": "Test@1234", "password_confirmation": "Test@1234"}'
- Confirm Email
curl --location 'http://localhost:3000/users/confirmations/AccNSNPWb1tQcJcyenlIHA'
- Resend Confirmation Email
curl --location 'localhost:3000/users/confirmations' \
  --header 'Content-Type: application/json' \
  --data-raw '{"email": "user@example.com", "password": "Test@1234"}'
- Login
curl --location 'localhost:3000/users/login' \
  --header 'Content-Type: application/json' \
  --data-raw '{"email": "user@example.com", "password": "Test@1234"}'
- Generate OTP
curl --location --request POST 'localhost:3000/users/generate_otp' \
  --header 'Content-Type: application/json' \
  --header 'Accept: application/json' \
  --header 'Authorization: Bearer Token' \
  --data ''
- Verify OTP
curl --location 'localhost:3000/users/verify_otp' \
  --header 'Content-Type: application/json' \
  --header 'Accept: application/json' \
  --header 'Authorization: Bearer Token' \
  --data '{"otp": "388409"}'
- Toggle 2FA
curl --location --request PATCH 'localhost:3000/users/toggle_2fa' \
  --header 'Content-Type: application/json' \
  --header 'Accept: application/json' \
  --header 'Authorization: Bearer Token' \
  --data-raw '{"password": "Test@1234", "otp": "544608", "enable_2fa": false}'
- Update Password
curl --location --request PATCH 'localhost:3000/users/passwords' \
  --header 'Content-Type: application/json' \
  --header 'Accept: application/json' \
  --header 'Authorization: Bearer Token' \
  --data-raw '{"current_password": "Test@1234", "new_password": "TestNew@1234", "otp": "275073"}'