Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/dev0302/nextjs-project-1/llms.txt

Use this file to discover all available pages before exploring further.

This endpoint completes the two-step registration flow. After calling POST /api/send-otp and receiving a 6-digit OTP by email, submit all registration fields here. The server validates every field, confirms the email is not already taken, verifies the OTP against the most recent OTP document in MongoDB, bcrypt-hashes the password, and persists the new user record. On success it returns the newly created user’s safe (non-sensitive) profile data.

Method and URL

POST /api/sign-up

Authentication

None required. This endpoint is publicly accessible.

Request Body

username
string
required
The desired display name for the account. Must be between 2 and 20 characters and may only contain letters, numbers, and underscores (/^[a-zA-Z0-9_]+$/).
email
string
required
A valid, unique email address. Must match the address that was passed to POST /api/send-otp to receive the OTP.
password
string
required
The account password. Minimum 3 characters. The value is never stored in plain text — it is hashed with bcrypt (salt rounds: 10) before being written to the database.
otp
string
required
The 6-digit numeric OTP delivered by POST /api/send-otp. The server fetches the most recent OTP document for the given email and performs a strict string comparison. The OTP expires after 5 minutes.

Example Request

{
  "username": "alex_92",
  "email": "alex@example.com",
  "password": "hunter2",
  "otp": "482910"
}

Response Fields

success
boolean
true when the account was created successfully, false on any error.
message
string
A human-readable description of the outcome (e.g., "User Registered Successfully").
data.id
string
The MongoDB ObjectId of the newly created user document, serialised as a plain string.
data.username
string
The username chosen during registration.
data.email
string
The verified email address associated with the account.
data.isVerified
boolean
Always true for accounts created through this endpoint — OTP verification is a prerequisite.
data.isAcceptingMessages
boolean
Always true immediately after registration. Users can update this preference later.
data.messages
array
An empty array at the point of creation. Populated as anonymous messages are received.

HTTP Status Codes

StatusMeaning
201Account created successfully.
400One or more required fields are missing from the request body.
401The supplied OTP does not match the most recent OTP for this email, or no OTP document exists.
409An account with this email address already exists.
500Unexpected server error (database failure, bcrypt error, etc.).

Success Response (201)

{
  "success": true,
  "message": "User Registered Successfully",
  "data": {
    "id": "665f1a2b3c4d5e6f7a8b9c0d",
    "username": "alex_92",
    "email": "alex@example.com",
    "isVerified": true,
    "isAcceptingMessages": true,
    "messages": []
  }
}

Error Responses

400 — Missing Fields 
{
  "success": false,
  "message": "All fields required"
}
401 — Invalid OTP 
{
  "success": false,
  "message": "Invalid OTP"
}
409 — User Already Exists 
{
  "success": false,
  "message": "User Already Exists"
}
500 — Server Error 
{
  "success": false,
  "message": "Signup failed"
}

curl Example

curl --request POST \
  --url https://your-domain.com/api/sign-up \
  --header 'Content-Type: application/json' \
  --data '{
    "username": "alex_92",
    "email": "alex@example.com",
    "password": "hunter2",
    "otp": "482910"
  }'
The OTP is only valid for 5 minutes from the time POST /api/send-otp was called. If the OTP has expired, request a fresh one before attempting sign-up again.
Validate the username, email, and password fields on the client using the Zod signUpSchema exported from src/app/schemas/signUpSchema.ts before making this request to surface validation errors without a round-trip to the server.

Build docs developers (and LLMs) love

Get started for freeTalk to us