{
  "info": {
    "_postman_id": "userauth-collection-001",
    "name": "BuddyMentor - User Auth APIs",
    "description": "Collection for all User Authentication APIs including registration, login, password reset, and OAuth",
    "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
  },
  "item": [
    {
      "name": "Registration Flow",
      "item": [
        {
          "name": "Step 1 - Register Start",
          "event": [
            {
              "listen": "test",
              "script": {
                "exec": [
                  "if (pm.response.code === 200 || pm.response.code === 201) {",
                  "    pm.environment.set('emailId', pm.request.body.raw ? JSON.parse(pm.request.body.raw).emailId : '');",
                  "}"
                ],
                "type": "text/javascript"
              }
            }
          ],
          "request": {
            "method": "POST",
            "header": [
              {
                "key": "Content-Type",
                "value": "application/json"
              }
            ],
            "body": {
              "mode": "raw",
              "raw": "{\n  \"emailId\": \"user@example.com\",\n  \"password\": \"SecurePass@123\",\n  \"confirmPassword\": \"SecurePass@123\"\n}"
            },
            "url": {
              "raw": "{{baseUrl}}/api/v1/auth/register-start",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "api",
                "v1",
                "auth",
                "register-start"
              ]
            },
            "description": "Step 1: Register with email and password, OTP will be sent to email\n\nRequired Fields:\n- emailId: Valid email address\n- password: Min 8 chars, must contain uppercase, lowercase, number, and special character (@$!%*?&)\n- confirmPassword: Must match password"
          },
          "response": []
        },
        {
          "name": "Step 2 - Verify OTP",
          "request": {
            "method": "POST",
            "header": [
              {
                "key": "Content-Type",
                "value": "application/json"
              }
            ],
            "body": {
              "mode": "raw",
              "raw": "{\n  \"emailId\": \"user@example.com\",\n  \"otp\": \"123456\"\n}"
            },
            "url": {
              "raw": "{{baseUrl}}/api/v1/auth/verify-otp",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "api",
                "v1",
                "auth",
                "verify-otp"
              ]
            },
            "description": "Step 2: Verify OTP received in email\n\nRequired Fields:\n- emailId: Same email used in register-start\n- otp: 6-digit code sent to email"
          },
          "response": []
        },
        {
          "name": "Step 3 - Complete Profile",
          "request": {
            "method": "POST",
            "header": [
              {
                "key": "Content-Type",
                "value": "application/json"
              }
            ],
            "body": {
              "mode": "raw",
              "raw": "{\n  \"emailId\": \"user@example.com\",\n  \"firstName\": \"John\",\n  \"lastName\": \"Doe\",\n  \"mobileCountryCode\": \"+91\",\n  \"mobileNumber\": \"9876543210\",\n  \"dateOfBirth\": \"2000-01-15\",\n  \"gender\": \"male\",\n  \"state\": \"Maharashtra\",\n  \"city\": \"Mumbai\",\n  \"disciplineCode\": \"CSE\",\n  \"disciplineName\": \"Computer Science Engineering\",\n  \"stream\": \"Engineering\",\n  \"degreeOrDiploma\": \"B.Tech\",\n  \"institutionOrCompanyName\": \"XYZ Institute\",\n  \"userType\": \"fresher_final_year_student\",\n  \"termsAccepted\": true\n}"
            },
            "url": {
              "raw": "{{baseUrl}}/api/v1/auth/complete-profile",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "api",
                "v1",
                "auth",
                "complete-profile"
              ]
            },
            "description": "Step 3: Complete user registration with full profile details\n\nRequired Fields:\n- emailId, firstName, lastName, mobileNumber, dateOfBirth (ISO format)\n- gender: male | female | prefer_not_to_say\n- state, city, disciplineCode\n- degreeOrDiploma\n- userType: fresher_final_year_student | industry_pro\n- termsAccepted: true\n\nOptional Fields:\n- mobileCountryCode (default: +91)\n- disciplineName, stream, institutionOrCompanyName"
          },
          "response": []
        },
        {
          "name": "Resend OTP",
          "request": {
            "method": "POST",
            "header": [
              {
                "key": "Content-Type",
                "value": "application/json"
              }
            ],
            "body": {
              "mode": "raw",
              "raw": "{\n  \"emailId\": \"user@example.com\"\n}"
            },
            "url": {
              "raw": "{{baseUrl}}/api/v1/auth/resend-otp",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "api",
                "v1",
                "auth",
                "resend-otp"
              ]
            },
            "description": "Resend OTP to email if not received or expired\n\nRequired Fields:\n- emailId: Email address to resend OTP to"
          },
          "response": []
        }
      ],
      "description": "User registration flow with email verification"
    },
    {
      "name": "Login & Authentication",
      "item": [
        {
          "name": "Login with Email & Password",
          "event": [
            {
              "listen": "test",
              "script": {
                "exec": [
                  "if (pm.response.code === 200) {",
                  "    var jsonData = pm.response.json();",
                  "    pm.environment.set('token', jsonData.data.token);",
                  "    pm.environment.set('refreshToken', jsonData.data.refreshToken);",
                  "}"
                ],
                "type": "text/javascript"
              }
            }
          ],
          "request": {
            "method": "POST",
            "header": [
              {
                "key": "Content-Type",
                "value": "application/json"
              }
            ],
            "body": {
              "mode": "raw",
              "raw": "{\n  \"emailId\": \"user@example.com\",\n  \"password\": \"SecurePass@123\"\n}"
            },
            "url": {
              "raw": "{{baseUrl}}/api/v1/auth/login",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "api",
                "v1",
                "auth",
                "login"
              ]
            },
            "description": "Login with email and password\n\nRequired Fields:\n- emailId: User's email address\n- password: User's password\n\nReturns:\n- token: JWT access token (stored in environment)\n- refreshToken: Refresh token for getting new access token"
          },
          "response": []
        },
        {
          "name": "Login with OTP - Step 1: Request OTP",
          "event": [
            {
              "listen": "test",
              "script": {
                "exec": [
                  "if (pm.response.code === 200 || pm.response.code === 201) {",
                  "    pm.environment.set('contact', pm.request.body.raw ? JSON.parse(pm.request.body.raw).contact : '');",
                  "}"
                ],
                "type": "text/javascript"
              }
            }
          ],
          "request": {
            "method": "POST",
            "header": [
              {
                "key": "Content-Type",
                "value": "application/json"
              }
            ],
            "body": {
              "mode": "raw",
              "raw": "{\n  \"contact\": \"user@example.com\"\n}"
            },
            "url": {
              "raw": "{{baseUrl}}/api/v1/auth/login-with-otp",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "api",
                "v1",
                "auth",
                "login-with-otp"
              ]
            },
            "description": "Step 1: Request OTP for login - OTP will be sent to email or mobile number\n\nRequired Fields:\n- contact: Email address or mobile number (e.g., user@example.com or 9876543210)"
          },
          "response": []
        },
        {
          "name": "Login with OTP - Step 2: Verify OTP & Login",
          "event": [
            {
              "listen": "test",
              "script": {
                "exec": [
                  "if (pm.response.code === 200) {",
                  "    var jsonData = pm.response.json();",
                  "    pm.environment.set('token', jsonData.data.token);",
                  "    pm.environment.set('refreshToken', jsonData.data.refreshToken);",
                  "}"
                ],
                "type": "text/javascript"
              }
            }
          ],
          "request": {
            "method": "POST",
            "header": [
              {
                "key": "Content-Type",
                "value": "application/json"
              }
            ],
            "body": {
              "mode": "raw",
              "raw": "{\n  \"contact\": \"user@example.com\",\n  \"otp\": \"123456\"\n}"
            },
            "url": {
              "raw": "{{baseUrl}}/api/v1/auth/verify-otp-login",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "api",
                "v1",
                "auth",
                "verify-otp-login"
              ]
            },
            "description": "Step 2: Verify OTP and complete login\n\nRequired Fields:\n- contact: Email address or mobile number (same as Step 1)\n- otp: 6-digit OTP received via email or SMS\n\nReturns:\n- token: JWT access token (stored in environment)\n- refreshToken: Refresh token for getting new access token"
          },
          "response": []
        },
        {
          "name": "Login with OTP - Resend OTP",
          "request": {
            "method": "POST",
            "header": [
              {
                "key": "Content-Type",
                "value": "application/json"
              }
            ],
            "body": {
              "mode": "raw",
              "raw": "{\n  \"contact\": \"user@example.com\"\n}"
            },
            "url": {
              "raw": "{{baseUrl}}/api/v1/auth/resend-otp-login",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "api",
                "v1",
                "auth",
                "resend-otp-login"
              ]
            },
            "description": "Resend OTP for login if not received or expired\n\nRequired Fields:\n- contact: Email address or mobile number"
          },
          "response": []
        }
      ],
      "description": "User login and authentication endpoints (supports both password and OTP-based login)"
    },
    {
      "name": "Password Management",
      "item": [
        {
          "name": "Forgot Password (Request OTP)",
          "request": {
            "method": "POST",
            "header": [
              {
                "key": "Content-Type",
                "value": "application/json"
              }
            ],
            "body": {
              "mode": "raw",
              "raw": "{\n  \"emailId\": \"user@example.com\"\n}"
            },
            "url": {
              "raw": "{{baseUrl}}/api/v1/auth/forgot-password",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "api",
                "v1",
                "auth",
                "forgot-password"
              ]
            },
            "description": "Request password reset OTP - 6-digit OTP will be sent to email\n\nRequired Fields:\n- emailId: User's email address"
          },
          "response": []
        },
        {
          "name": "Verify Forgot Password OTP",
          "request": {
            "method": "POST",
            "header": [
              {
                "key": "Content-Type",
                "value": "application/json"
              }
            ],
            "body": {
              "mode": "raw",
              "raw": "{\n  \"emailId\": \"user@example.com\",\n  \"otp\": \"123456\"\n}"
            },
            "url": {
              "raw": "{{baseUrl}}/api/v1/auth/verify-forgot-password-otp",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "api",
                "v1",
                "auth",
                "verify-forgot-password-otp"
              ]
            },
            "description": "Verify the 6-digit OTP received via email\n\nRequired Fields:\n- emailId: User's email address\n- otp: 6-digit OTP code"
          },
          "response": []
        },
        {
          "name": "Reset Password",
          "request": {
            "method": "POST",
            "header": [
              {
                "key": "Content-Type",
                "value": "application/json"
              }
            ],
            "body": {
              "mode": "raw",
              "raw": "{\n  \"token\": \"reset-token-from-email\",\n  \"emailId\": \"user@example.com\",\n  \"newPassword\": \"NewSecurePass@456\",\n  \"confirmPassword\": \"NewSecurePass@456\"\n}"
            },
            "url": {
              "raw": "{{baseUrl}}/api/v1/auth/reset-password",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "api",
                "v1",
                "auth",
                "reset-password"
              ]
            },
            "description": "Reset password using token from email\n\nRequired Fields:\n- token: Reset token from email link\n- emailId: User's email address\n- newPassword: Min 8 chars, must contain uppercase, lowercase, number, special character (@$!%*?&)\n- confirmPassword: Must match newPassword"
          },
          "response": []
        }
      ],
      "description": "Password reset and recovery endpoints"
    },
    {
      "name": "Profile Management",
      "item": [
        {
          "name": "Update Profile",
          "request": {
            "method": "POST",
            "header": [
              {
                "key": "Content-Type",
                "value": "application/json"
              },
              {
                "key": "Authorization",
                "value": "Bearer {{token}}"
              }
            ],
            "body": {
              "mode": "raw",
              "raw": "{\n  \"firstName\": \"John\",\n  \"lastName\": \"Doe Updated\",\n  \"mobileNumber\": \"9876543210\",\n  \"gender\": \"male\",\n  \"state\": \"Maharashtra\",\n  \"city\": \"Pune\"\n}"
            },
            "url": {
              "raw": "{{baseUrl}}/api/v1/auth/update-profile",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "api",
                "v1",
                "auth",
                "update-profile"
              ]
            },
            "description": "Update user profile (protected endpoint - requires authentication)\n\nRequired Headers:\n- Authorization: Bearer {{token}}\n\nOptional Fields (at least one required):\n- firstName, lastName, mobileCountryCode, mobileNumber\n- gender, state, city\n- disciplineCode, disciplineName, stream\n- degreeOrDiploma, institutionOrCompanyName"
          },
          "response": []
        }
      ],
      "description": "User profile management endpoints"
    },
    {
      "name": "OAuth - Google",
      "item": [
        {
          "name": "Get Google Auth URL",
          "request": {
            "method": "GET",
            "header": [],
            "url": {
              "raw": "{{baseUrl}}/api/v1/auth/google/url",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "api",
                "v1",
                "auth",
                "google",
                "url"
              ]
            },
            "description": "Get Google OAuth authorization URL\n\nReturns:\n- authUrl: URL to redirect user for Google sign-in"
          },
          "response": []
        },
        {
          "name": "Google OAuth Callback",
          "request": {
            "method": "GET",
            "header": [],
            "url": {
              "raw": "{{baseUrl}}/api/v1/auth/google/callback?code=authorization-code",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "api",
                "v1",
                "auth",
                "google",
                "callback"
              ],
              "query": [
                {
                  "key": "code",
                  "value": "authorization-code"
                }
              ]
            },
            "description": "Google OAuth callback handler\n\nQuery Parameters:\n- code: Authorization code from Google"
          },
          "response": []
        },
        {
          "name": "Sign In with Google",
          "event": [
            {
              "listen": "test",
              "script": {
                "exec": [
                  "if (pm.response.code === 200) {",
                  "    var jsonData = pm.response.json();",
                  "    pm.environment.set('token', jsonData.data.token);",
                  "}"
                ],
                "type": "text/javascript"
              }
            }
          ],
          "request": {
            "method": "POST",
            "header": [
              {
                "key": "Content-Type",
                "value": "application/json"
              }
            ],
            "body": {
              "mode": "raw",
              "raw": "{\n  \"idToken\": \"google-id-token\"\n}"
            },
            "url": {
              "raw": "{{baseUrl}}/api/v1/auth/google/signin",
              "host": [
                "{{baseUrl}}"
              ],
              "path": [
                "api",
                "v1",
                "auth",
                "google",
                "signin"
              ]
            },
            "description": "Sign in with Google using ID token\n\nRequired Fields:\n- idToken: Google ID token from frontend\n\nReturns:\n- token: JWT access token\n- refreshToken: Refresh token"
          },
          "response": []
        }
      ],
      "description": "Google OAuth integration endpoints"
    }
  ],
  "variable": [
    {
      "key": "baseUrl",
      "value": "http://localhost:5000",
      "type": "string"
    },
    {
      "key": "token",
      "value": "",
      "type": "string"
    },
    {
      "key": "refreshToken",
      "value": "",
      "type": "string"
    },
    {
      "key": "emailId",
      "value": "",
      "type": "string"
    }
  ]
}
