Login and Registration

This guide explains how to implement user login and registration in the Sumaya369 mobile application.

User Registration

Endpoint

Method: POST
URL: /v1/mobile/register

Request Headers

Header	Value	Required
Content-Type	application/json	Yes
Accept	application/json	Yes

Request Body

Parameter	Type	Description	Required
username	string	User's username (3-255 characters, must be unique)	Yes
full_name	string	User's full name (3-255 characters)	Yes
email	string	User's email address (must be valid format and unique)	Yes
password	string	User's password (min 6 characters)	Yes
password_confirmation	string	Must match password field	Yes
country_id	string	UUID of user's country	Yes
has_read_policy	boolean	Must be true to accept terms	Yes
avatar	file	Optional profile picture (image file)	No

Success Response

{
    "success": true,
    "message": "تم التسجيل بنجاح يُرجى مراجعة بريدك الإلكتروني لتفعيل حسابك",
    "data": {
        "id": "1a720a90-047b-11f0-b7f2-1fae20a845d5",
        "username": "zzssaszsz",
        "first_name": null,
        "last_name": null,
        "full_name": "Name",
        "email": "zzssaszsz@gmail.com",
        "birth": "1993-12-31",
        "phone": "966555545512",
        "gender": "ذكر",
        "avatar": "https://i.ibb.co/g4BR50S/avatar.png",
        "token": "token_here",
        "token_type": "Bearer"
    },
    "status_code": 200
}

Error Responses

Validation Error (422)

{
    "success": false,
    "message": "قيمة البريد الإلكتروني مُستخدمة من قبل.",
    "errors": null,
    "data": null,
    "status_code": 422
}

Account Activation

Endpoint

Method: POST
URL: /v1/mobile/activate-account

Request Headers

Header	Value	Required
Content-Type	application/json	Yes
Accept	application/json	Yes

Request Body

Parameter	Type	Description	Required
email	string	Registered email address	Yes
otp	string	OTP code received via email	Yes

Success Response

{
    "success": true,
    "message": "تم تفعيل بريدك الإلكتروني بنجاح.",
    "data": {
        "email": "zzssaszsz@gmail.com"
    },
    "status_code": 200
}

Error Responses

Invalid OTP (422)

{
    "success": false,
    "message": "رمز التحقق هذا غير صحيح.",
    "errors": "رمز التحقق هذا غير صحيح.",
    "data": null,
    "status_code": 404
}

Resend Activation OTP

Endpoint

Method: POST
URL: /v1/mobile/resend-activation

Request Headers

Header	Value	Required
Content-Type	application/json	Yes
Accept	application/json	Yes

Request Body

Parameter	Type	Description	Required
email	string	Registered email address	Yes

Success Response

{
    "success": true,
    "message": "تم إرسال رسالة التفعيل إلى بريدك الإلكتروني",
    "data": null,
    "status_code": 200
}

Endpoint

Method: POST
URL: /v1/mobile/login

Request Headers

Header	Value	Required
Content-Type	application/json	Yes
Accept	application/json	Yes

Request Body

Parameter	Type	Description	Required
email	string	User's email or username	Yes
password	string	User's password	Yes
fcm_token	string	Firebase Cloud Messaging token	No
device_id	string	Unique device identifier	Required with fcm_token
remember_me	boolean	Keep user logged in	No

Success Response

{
    "success": true,
    "message": "تم تسجيل الدخول بنجاح.",
    "data": {
        "id": "9f2ecd22-5c07-48ec-9415-2979deec4493",
        "first_name": "Hamad",
        "last_name": "Alshabanah",
        "full_name": "Hamad Alshabanah",
        "email": "developer@sumaya369.net",
        "birth": "1993-05-15 00:00:00",
        "avatar": "https://i.ibb.co/YhTw0wR/7-512.png",
        "phone": "501968815",
        "gender": "انثى",
        "has_completed_profile": true,
        "token": "token_here",
        "token_type": "Bearer"
    },
    "status_code": 200
}

Logout

Endpoint

Method: POST
URL: /v1/mobile/logout

Request Headers

Header	Value	Required
Content-Type	application/json	Yes
Accept	application/json	Yes
Authorization	Bearer token	Yes

Request Body

Parameter	Type	Description	Required
fcm_token	string	FCM token to remove from registered devices	No

Success Response

{
    "success": true,
    "message": "تم تسجيل الخروج بنجاح.",
    "data": null,
    "status_code": 200
}

Check Account Exists

Endpoint

Method: POST
URL: /v1/mobile/check-account-exists

Request Headers

Header	Value	Required
Content-Type	application/json	Yes
Accept	application/json	Yes

Request Body

Parameter	Type	Description	Required
email	string	Email address to check	Yes
full_name	string	Full name to validate format	No

Success Response

{
    "success": true,
    "message": "ok",
    "data": null,
    "status_code": 200
}

Error Response

{
    "success": false,
    "message": "حدث خطأ في البيانات المرسلة يرجى التحقق منها.",
    "errors": {
        "email": "قيمة البريد الإلكتروني مُستخدمة من قبل."
    },
    "data": null,
    "status_code": 422
}

Remove Account

Endpoint

Method: POST
URL: /v1/mobile/remove-account

Request Headers

Header	Value	Required
Content-Type	application/json	Yes
Accept	application/json	Yes
Authorization	Bearer token	Yes

Request Body

Success Response

{
    "success": true,
    "message": "تم تسجيل الخروج بنجاح.",
    "data": null,
    "status_code": 200
}

Example Implementation Flow

User Registration Process
- User fills out registration form
- Application checks email availability via /v1/mobile/check-account-exists
- Application sends registration request to /v1/mobile/register
- User receives OTP code via email
- User verifies account using OTP via /v1/mobile/activate-account
- If OTP is not received, user can request a new one via /v1/mobile/resend-activation
Login Process
- User enters email and password
- Application sends login request to /v1/mobile/login
- Upon successful authentication:
  - Receive access token
  - Store user information
  - Configure FCM token for push notifications (if applicable)
- Navigate to main application screen
Account Management
- Check Account Exists:
  - Used before registration to validate email availability
  - Optionally validates full name format (3-255 characters)
  - Prevents duplicate registrations and ensures data integrity
- Remove Account:
  - Requires valid authentication token
  - Revokes the user's token

Key Considerations

Always use HTTPS for all authentication requests
Securely store tokens and user information
Handle authentication errors gracefully
OTP codes are time-sensitive and should be entered promptly
Implement proper FCM token management for push notifications

User Registration​

Endpoint​

Request Headers​

Request Body​

Success Response​

Error Responses​

Validation Error (422)​

Account Activation​

Endpoint​

Request Headers​

Request Body​

Success Response​

Error Responses​

Invalid OTP (422)​

Resend Activation OTP​

Endpoint​

Request Headers​

Request Body​

Success Response​

User Login​

Endpoint​

Request Headers​

Request Body​

Success Response​

Logout​

Endpoint​

Request Headers​

Request Body​

Success Response​

Check Account Exists​

Endpoint​

Request Headers​

Request Body​

Success Response​

Error Response​

Remove Account​

Endpoint​

Request Headers​

Request Body​

Success Response​

Example Implementation Flow​

Key Considerations​

User Registration

Endpoint

Request Headers

Request Body

Success Response

Error Responses

Validation Error (422)

Account Activation

Endpoint

Request Headers

Request Body

Success Response

Error Responses

Invalid OTP (422)

Resend Activation OTP

Endpoint

Request Headers

Request Body

Success Response

User Login

Endpoint

Request Headers

Request Body

Success Response

Logout

Endpoint

Request Headers

Request Body

Success Response

Check Account Exists

Endpoint

Request Headers

Request Body

Success Response

Error Response

Remove Account

Endpoint

Request Headers

Request Body

Success Response

Example Implementation Flow

Key Considerations