Skip to main content
The unified authentication endpoint handles both user registration and login.

Register a New User

To create a new account, set action to register: 
curl -X POST https://api.fucksornot.com/api/auth \
  -H "Content-Type: application/json" \
  -d '{
    "action": "register",
    "email": "[email protected]",
    "username": "johndoe",
    "password": "SecurePassword123!"
  }'

Validation Rules

FieldRules
emailValid email format
username3-30 characters, alphanumeric and underscore only
passwordMinimum 8 characters, complexity requirements

Login

To authenticate an existing user, set action to login: 
curl -X POST https://api.fucksornot.com/api/auth \
  -H "Content-Type: application/json" \
  -d '{
    "action": "login",
    "email": "[email protected]",
    "password": "SecurePassword123!"
  }'

With MFA

If MFA is enabled, include the code: 
{
  "action": "login",
  "email": "[email protected]",
  "password": "SecurePassword123!",
  "mfaCode": "123456"
}

Response

{
  "user": {
    "id": "550e8400-e29b-41d4-a716-446655440000",
    "username": "johndoe",
    "email": "[email protected]"
  },
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "mfaRequired": false
}
If MFA is required but not provided: 
{
  "mfaRequired": true
}

Rate Limiting

This endpoint is rate limited to 5 attempts per 15 minutes per IP address.