API: Account Registration & Email Verifiction #174
Description
To access and use Defi, organizations or individuals are required to create an account.
-
During registration, users must specify their account type. The following account types are supported for self-registration:
Organization, Freelancer, or Contractor. -
All users are required to provide:
- First name
- Last name
- Email address
-
For users not registering via OAuth (e.g., Google or Apple), the following additional fields are mandatory:
- Password – must be at least 8 characters long and include:
- At least one uppercase letter
- At least one number
- At least one special character
- Confirm Password – must exactly match the password provided
- Password – must be at least 8 characters long and include:
Once all the necessary information is submitted and validated, the user's account should be successfully created.
It is also essential to capture the registration method used:
- If the user signed up through OAuth, the specific provider (
GoogleorApple) must be recorded
Email Verification
-
For accounts created without using OAuth, a verification email must be sent to the user’s email address immediately after successful registration.
- Email verification is mandatory before the user can log in to the platform.
-
Users should have the ability to manually request a new OTP if they did not receive the previous one.
-
A 6-digit OTP with a 2-minute expiration is sent to the user’s email address.
- Once the correct OTP is provided by the user, a successful verification email is sent and their account activated for login.
Important Notes
- Only the most recently generated OTP must be considered valid.
- Any previously generated OTPs should become immediately invalid when a new one is regenerated already.
- The OTP must expire automatically after 2 minutes if not used.
Others
- Email must be unique across all accounts.