Email Authentication
This guide explains how to implement email-based authentication in the LAX application.
Request Verification Code
Endpoint
- Method: POST
- URL:
/api/auth/login-request
Request Headers
| Header | Value | Required |
|---|---|---|
| Content-Type | application/json | Yes |
| Accept | application/json | Yes |
Request Body
| Parameter | Type | Description | Required |
|---|---|---|---|
| string | User's email address | Yes |
Success Response
{
"success": true,
"message": "Verification code has been sent",
"data": {
"email": "user@example.com"
},
"status_code": 200
}
Error Responses
Invalid Email Format (422)
{
"success": false,
"message": "The email field must be a valid email address",
"data": null,
"status_code": 422
}
Confirm Verification Code
Endpoint
- Method: POST
- URL:
/api/auth/login-confirm
Request Headers
| Header | Value | Required |
|---|---|---|
| Content-Type | application/json | Yes |
| Accept | application/json | Yes |
Request Body
| Parameter | Type | Description | Required |
|---|---|---|---|
| string | Email address used in login request | Yes | |
| token | string | Verification code received via email | Yes |
| device_type | string | Type of device (android/ios/web) | Yes |
| fcm_token | string | Firebase Cloud Messaging token | No |
| device_id | string | Unique device identifier | Required with fcm_token |
Success Response
{
"success": true,
"message": "You have logged in successfully",
"data": {
"id": 13,
"name": "John Doe",
"email": "user@example.com",
"is_using_apple_private_relay_email": false,
"avatar": null,
"token": "93|MCYIcgaFQR1dlh8SBAAFD7EPR3fe3sWgGssmzYVpe7684615",
"is_app_rated": null,
"is_app_rated_reminder": null,
"is_subscribed": true
},
"status_code": 200
}
Error Responses
Invalid Code (422)
{
"success": false,
"message": "Invalid verification code",
"data": null,
"status_code": 422
}
Code Expired (422)
{
"success": false,
"message": "Verification code has expired",
"data": null,
"status_code": 422
}
Missing Required Fields (422)
{
"success": false,
"message": "The device type field is required",
"data": null,
"status_code": 422
}
Example Implementation Flow
- User enters email address
- Application sends login request to
/api/auth/login-request - User receives verification code via email
- Application collects:
- Email address
- Verification code
- Device information
- Application sends confirmation request to
/api/auth/login-confirm - Upon success:
- Store the returned API token securely
- Save user information locally
- Navigate to the main application screen
- Upon error:
- Display error message to user
- Allow user to request new code if expired