Appearance
Auth - Subscriber
Base URL:
https://your-domain.com
Authentication endpoints for Subscribers (mobile app). Returns a Bearer token valid for 30 days.
Subscriber Login
Login endpoint for Subscribers using the mobile app. Returns a Bearer token valid for 30 days.
| Property | Value |
|---|---|
| Endpoint | Subscriber Login |
| Method | POST |
| URL | /api/v1/subscriber/login |
| Authentication | Not Required |
Request Headers:
| Header | Value | Required |
|---|---|---|
Content-Type | application/json | Yes |
Accept | application/json | Yes |
Request Body:
json
{
"username": "subscriber1",
"password": "subscriber-password"
}| Parameter | Type | Required | Description |
|---|---|---|---|
username | string | Yes | Subscriber's username |
password | string | Yes | Subscriber's password |
Success Response (200 OK):
json
{
"success": true,
"message": "Login successful",
"data": {
"subscriber": {
"id": 1,
"username": "subscriber1",
"fullname": "John Doe",
"email": "[email protected]",
"phone": "01712345678",
"package_name": "10MB Package",
"expiration_date": "2025-12-31 23:59:59",
"status": "active"
},
"token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9...",
"token_type": "bearer",
"expires_in": 2592000
}
}Error Response (401 Unauthorized):
json
{
"success": false,
"message": "Invalid username or password"
}Error Response (403 Forbidden):
json
{
"success": false,
"message": "Your account is disabled. Please contact support."
}cURL Example:
bash
curl -X POST "https://your-domain.com/api/v1/subscriber/login" \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-d '{
"username": "subscriber1",
"password": "subscriber-password"
}'Subscriber Logout
Logout subscriber from the current device and invalidate the token.
| Property | Value |
|---|---|
| Endpoint | Subscriber Logout |
| Method | POST |
| URL | /api/v1/subscriber/logout |
| Authentication | Bearer Token (Subscriber) |
Request Headers:
| Header | Value | Required |
|---|---|---|
Accept | application/json | Yes |
Authorization | Bearer subscriber-token | Yes |
Request Body: None
Success Response (200 OK):
json
{
"success": true,
"message": "Successfully logged out"
}Error Response (401 Unauthorized):
json
{
"success": false,
"message": "Unauthenticated"
}cURL Example:
bash
curl -X POST "https://your-domain.com/api/v1/subscriber/logout" \
-H "Accept: application/json" \
-H "Authorization: Bearer subscriber-token"Subscriber Logout All Devices
Logout subscriber from all devices by invalidating all active tokens.
| Property | Value |
|---|---|
| Endpoint | Subscriber Logout All Devices |
| Method | POST |
| URL | /api/v1/subscriber/logout-all |
| Authentication | Bearer Token (Subscriber) |
Request Headers:
| Header | Value | Required |
|---|---|---|
Accept | application/json | Yes |
Authorization | Bearer subscriber-token | Yes |
Request Body: None
Success Response (200 OK):
json
{
"success": true,
"message": "Successfully logged out from all devices"
}Error Response (401 Unauthorized):
json
{
"success": false,
"message": "Unauthenticated"
}cURL Example:
bash
curl -X POST "https://your-domain.com/api/v1/subscriber/logout-all" \
-H "Accept: application/json" \
-H "Authorization: Bearer subscriber-token"Subscriber Refresh Token
Refresh the subscriber's access token to extend the session.
| Property | Value |
|---|---|
| Endpoint | Subscriber Refresh Token |
| Method | POST |
| URL | /api/v1/subscriber/refresh-token |
| Authentication | Bearer Token (Subscriber) |
Request Headers:
| Header | Value | Required |
|---|---|---|
Accept | application/json | Yes |
Authorization | Bearer subscriber-token | Yes |
Request Body: None
Success Response (200 OK):
json
{
"success": true,
"data": {
"token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9...",
"token_type": "bearer",
"expires_in": 2592000
}
}Error Response (401 Unauthorized):
json
{
"success": false,
"message": "Token has expired and cannot be refreshed"
}cURL Example:
bash
curl -X POST "https://your-domain.com/api/v1/subscriber/refresh-token" \
-H "Accept: application/json" \
-H "Authorization: Bearer subscriber-token"Mobile Auto Login (WebView)
WebView auto-login endpoint used by mobile app to authenticate WebView sessions automatically.
| Property | Value |
|---|---|
| Endpoint | Mobile Auto Login |
| Method | GET |
| URL | /mobile-auto-login |
| Authentication | Bearer Token (Subscriber) |
Request Headers:
| Header | Value | Required |
|---|---|---|
Accept | application/json | Yes |
Authorization | Bearer subscriber-token | Yes |
Request Body: None
Success Response (200 OK):
Redirects to the subscriber portal with an authenticated session.
Error Response (401 Unauthorized):
json
{
"success": false,
"message": "Unauthenticated"
}cURL Example:
bash
curl -X GET "https://your-domain.com/mobile-auto-login" \
-H "Accept: application/json" \
-H "Authorization: Bearer subscriber-token"