You can use any SMTP server you like. On my case, it would be convenient to use Mail Trap for testing. If ever you will use Mail Trap an SMTP configuration will be provided upon sign-up. You just have to configure it on your .env file.
Be sure to configure MAIL_FROM_ADDRESS in your .env file to avoid errors when accessing end-points that sends out an email.
All user types (admin,user) share the same end-point through
POST:
api/login
If successfully authenticated, it will respond with a token generated by Sanctum that will be used for accessing protected end-points. If credentials are invalid or the user may not have confirmed his/her registration, it will respond with an 401 error code along with Invalid credentials! message.
All user types (admin,user) share the same end-point through
POST:
api/logout
This end-point can only be accessed if the user is authenticated. If not, then a 401 error code will be thrown along with a message Unauthenticated
This function can only be accessed by an Admin user. A normal user account trying to access this will be rejected by a custom middlware named OnlyAdmin
POST:
api/invite
Required form data
email- An email address of whom you wish to invite to.
NOTE: This will produce an error if the user being invited has already pre-registered but haven't yet confirmed his/her email or the user is already registered.
This is the end-point for users who came to the registration page via an email invitation. An email can be provided in the end-point since we assume that we already knows his/her email address. However, the email can be omitted but needs to be provided when sending data.
POST:
api/register/{email?}
Required form data
name- Required.username- Must be unique and has a minimum of 4 and a max of 20 characters.password- Must be confirmed.password_confirmation- Must be confirmed.email- Must be provided if not specified in the URL.
An email will be sent to the provided email address containing a 6-digit confirmation code that needs to be confirmed before it can be used to log-in.
This is the end-point for users who already pre-registered and received their PIN from their emails.
POST:
api/confirm/{email}
Required form data
email- Required.confirmation_code- Required.
Throws an error when
- Confirmation code does not match with the email being provided.
- Email has already been confirmed
This is the end-point for users who wish to update their information. This is only accessible if authenticated and you are updating your own information and not anyone else.
POST:
api/user/update/{id}
Form data
name- Required.user_role- Required and must only be admin/useravatar- Optional. Must be an image and has a maximum dimensions (width:256px, height:256px)