Customer Base URL

http://localhost:8000/api/customer

All routes below are prefixed with this base URL.

1️⃣ Send OTP (Login / Register)

POST /send-otp

Request

{ "email": "user@gmail.com" }
OR
{ "phone": 9876543210 }

Response

{ "success": true, "message": "OTP sent successfully", "user_id": "customerId", "flag": 1 }

flag = 0 → new user was registered automatically // show edit-profile-page
flag = 1 → existing user, login // show home-page

cURL

curl -X POST http://localhost:8000/api/customer/send-otp \
  -H "Content-Type: application/json" \
  -d '{"phone":9876543210}'

2️⃣ Register Customer

POST /register

Request Body

{ "fullname": "Saksham Garg", "email": "saksham@gmail.com", "phone": 9876543210, "password": "123456", "address": "Street 1", "city": "Meerut", "state": "UP", "pinCode": 110001, "country": "INDIA" }

Success Response (201)

{ "success": true, "message": "Customer registered successfully", "data": createdCustomer }

Error Responses

400 → Missing fields / Email exists

3️⃣ Login Customer

POST /login

Request Body

{ "email": "saksham@gmail.com", "otp": 123456 }
OR
{ "phone": 9876543210, "otp": 123456 }

Response (200)

{ "success": true, "message": "Customer logged In Successfully", "data": { customerData }, "accessToken": "jwt-token", "refreshToken": "jwt-token" }

cURL

curl -X POST http://localhost:8000/api/customer/login \
  -H "Content-Type: application/json" \
  -d '{"phone":9876543210,"otp":"123456"}'

Cookies Set

accessToken (httpOnly)
refreshToken (httpOnly)

Error Responses

404 → Customer not found / OTP mismatch

4️⃣ Refresh Access Token

POST /refresh-token

Request

Refresh token required, sent either as the refreshToken cookie (set at login) or in the request body

Response (200)

{ "success": true, "message": "Access token refreshed", "accessToken": "newToken", "refreshToken": "newToken" }

Error

401 → Invalid or expired refresh token
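Added example (not the project's own code) of a client driving sections 1, 3 and 4 above: the `transport` callable, the `refreshToken` body key and the single-retry policy in `protected()` are assumptions, since the page only says the refresh token may come from cookies or the body. The client keeps the token pair in memory and discards it as soon as a refresh is rejected with 401.

```python
from typing import Callable, Dict, Optional, Tuple

# transport(path, json_body, headers) -> (status, parsed_json). Wrap urllib or requests
# for a live server, or inject a stub for offline tests. (Interface is an assumption.)
Transport = Callable[[str, dict, Dict[str, str]], Tuple[int, dict]]


class CustomerClient:
    def __init__(self, transport: Transport):
        self.post, self.access_token, self.refresh_token = transport, None, None

    def send_otp(self, **who) -> str:
        """POST /send-otp with email= or phone=; map flag to the page to show next."""
        if len(who) != 1 or not who.keys() <= {"email", "phone"}:
            raise ValueError("pass exactly one of email= or phone=")
        status, res = self.post("/send-otp", who, {})
        if status != 200 or not res.get("success"):
            raise RuntimeError(res.get("message", "send-otp failed"))
        return "edit-profile-page" if res["flag"] == 0 else "home-page"  # 0 = auto-registered

    def login(self, otp: str, **who) -> dict:
        """POST /login; keep the token pair in memory only (never log it)."""
        status, res = self.post("/login", {**who, "otp": otp}, {})
        if status != 200:
            raise PermissionError(res.get("message", "login failed"))
        self.access_token, self.refresh_token = res["accessToken"], res["refreshToken"]
        return res["data"]

    def refresh(self) -> None:
        """POST /refresh-token (body key assumed); adopt the rotated pair, drop state on 401."""
        status, res = self.post("/refresh-token", {"refreshToken": self.refresh_token}, {})
        if status == 401:
            self.access_token = self.refresh_token = None  # session is dead: force re-login
            raise PermissionError("refresh token invalid or expired; log in again")
        self.access_token, self.refresh_token = res["accessToken"], res["refreshToken"]

    def protected(self, path: str, body: Optional[dict] = None) -> dict:
        """Call a JWT-protected route; on 401 rotate tokens and retry exactly once."""
        for attempt in (1, 2):
            status, res = self.post(path, body or {}, {"Authorization": f"Bearer {self.access_token}"})
            if status != 401 or attempt == 2:
                return res
            self.refresh()
```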

5️⃣ Logout

POST /logout (Protected - JWT Required)

Headers Required

Authorization: Bearer accessToken

Response

{ "success": true, "message": "Customer Logout Successfully" }

6️⃣ Update Profile

POST /update (Protected - JWT Required)

Headers

Authorization: Bearer accessToken

Request Body

{ "fullname": "Saksham Garg", "email": "saksham@gmail.com", "phone": "9876543210", "address": "New Address", "city": "Delhi", "state": "Delhi", "pinCode": "90001", "country": "India" }

Response (200)

{ "success": true, "message": "Profile updated successfully", "data": { updatedCustomer } }

7️⃣ Keep Login

POST /keeplogin (Protected - JWT Required)

Response

{ "success": true, "customer": { customerData } }

8️⃣ Change Password

POST /change-password (Protected - JWT Required)

Request Body

{ "oldPassword": "123456", "newPassword": "newPassword123" }

Response

{ "success": true, "message": "Password changed successfully" }

Error

400 → Invalid old password