Authentication

User Authentication

WoWSQL provides complete authentication for your application users. Enable auth in your project settings, then use these endpoints at your project subdomain.

Base URL: https://your-project-slug.wowsql.com

User Registration

POST /signup

Headers:
  Content-Type: application/json

Body:
{
  "email": "user@example.com",
  "password": "securepassword123",
  "full_name": "John Doe",
  "user_metadata": {
    "company": "Acme Corp"
  }
}

User Login

POST /login

Headers:
  Content-Type: application/json

Body:
{
  "email": "user@example.com",
  "password": "securepassword123"
}

Response:
{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "refresh_token": "refresh_token_here",
  "user": {
    "id": "user-id",
    "email": "user@example.com",
    "email_verified": true
  }
}

Get Current User

GET /me

Headers:
  Authorization: Bearer ACCESS_TOKEN

OAuth Authentication

Allow users to sign in with Google, GitHub, and other providers:

GET /oauth/{provider}

Supported providers: google, github, facebook, twitter, microsoft, apple

// Redirects user to OAuth provider
// Callback: /oauth/{provider}/callback

Magic Links (Passwordless)

Send passwordless login links via email:

POST /magic-link/send

Headers:
  Content-Type: application/json

Body:
{
  "email": "user@example.com"
}

// User clicks link in email
GET /magic-link/verify?token=VERIFICATION_TOKEN

Phone Number + OTP

SMS-based authentication:

POST /otp/send

Headers:
  Content-Type: application/json

Body:
{
  "phone": "+1234567890"
}

POST /otp/verify

Body:
{
  "phone": "+1234567890",
  "otp": "123456"
}

Password Reset

POST /forgot-password

Headers:
  Content-Type: application/json

Body:
{
  "email": "user@example.com"
}

POST /reset-password

Body:
{
  "token": "reset_token_from_email",
  "new_password": "newsecurepassword123"
}

Email Verification

POST /verify-email

Headers:
  Authorization: Bearer ACCESS_TOKEN

// Or verify via email link
GET /verify-email?token=VERIFICATION_TOKEN

Two-Factor Authentication

Add an extra layer of security with 2FA:

POST /2fa/setup-totp

Headers:
  Authorization: Bearer ACCESS_TOKEN

// Returns QR code for authenticator app

POST /2fa/verify-and-enable

Body:
{
  "totp_code": "123456"
}

POST /2fa/disable

Headers:
  Authorization: Bearer ACCESS_TOKEN
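
How the six-digit "totp_code" sent to POST /2fa/verify-and-enable is derived from the secret carried in the setup QR code, as an added example that is not WoWSQL's own code. It assumes the RFC 6238 defaults used by common authenticator apps (Base32 secret, HMAC-SHA1, 30-second step, 6 digits), which this page does not state; the secret is the RFC test key and all function names are illustrative.

```python
import base64
import hashlib
import hmac
import struct
import time

STEP_SECONDS = 30  # assumed: RFC 6238 default time step
DIGITS = 6         # matches the 6-digit "totp_code" in the request body


def decode_secret(b32_secret: str) -> bytes:
    """Decode the Base32 secret an authenticator app reads from the QR code."""
    cleaned = b32_secret.replace(" ", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)  # apps usually strip the padding
    return base64.b32decode(cleaned)


def totp(secret: bytes, unix_time: float) -> str:
    """RFC 6238 TOTP with HMAC-SHA1 (assumed algorithm)."""
    counter = max(0, int(unix_time) // STEP_SECONDS)
    digest = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F  # dynamic truncation from RFC 4226
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def verify(secret: bytes, code: str, unix_time: float, drift_steps: int = 1) -> bool:
    """Accept the current step plus/minus drift_steps, comparing in constant time."""
    if len(code) != DIGITS or not (code.isascii() and code.isdigit()):
        return False
    ok = False
    for step in range(-drift_steps, drift_steps + 1):
        expected = totp(secret, unix_time + step * STEP_SECONDS)
        ok |= hmac.compare_digest(expected, code)  # no early exit on match
    return ok


if __name__ == "__main__":
    # Constructed sample secret (the RFC 6238 test key), not a WoWSQL value.
    secret = decode_secret("GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ")
    body = {"totp_code": totp(secret, time.time())}
    print(body)  # JSON body for POST /2fa/verify-and-enable
```

Because a code is only valid for a short window, a client whose clock has drifted by more than the accepted number of steps will see verification fail even with the correct secret.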