The login endpoint authenticates a user by forwarding credentials to the configured external auth service (EXTERNAL_AUTH_URL). On success, the backend issues a signed JWT access_token to the caller and stores a refreshToken in an HttpOnly cookie scoped to /api/auth. The cookie is never accessible to JavaScript and is used exclusively by the /refresh and /logout endpoints.

Endpoint

POST /api/auth/login

| Property | Value |
| --- | --- |
| Auth required | No — public endpoint |
| Rate limited | Yes — 20 requests per 15 minutes (auth limiter) |
| Content-Type | application/json |

Request Body

usuario (string, required): The username of the account to authenticate. Must be a non-empty string.

contrasenia (string, required): The password for the account. Must be a non-empty string. Transmitted over HTTPS only.

Both usuario and contrasenia are validated server-side with class-validator. Requests that omit either field or supply non-string values are rejected immediately with a 400 VALIDATION_ERROR before the external auth service is ever contacted.

Response — 200 OK

A successful authentication returns a JSON body with the access_token and sets a refreshToken cookie. Use the access_token as a Bearer token in the Authorization header for all protected routes.

status (string): Always "success" on a 200 response.

message (string): Human-readable confirmation, e.g. "Inicio de sesión exitoso".

data (object)

Along with the JSON body, the server sets the following cookie:
Set-Cookie: refreshToken=<value>; HttpOnly; Path=/api/auth; SameSite=<policy>; Max-Age=86400

| Attribute | Value |
| --- | --- |
| Name | refreshToken |
| HttpOnly | true — inaccessible to JavaScript |
| Path | /api/auth — sent only to auth endpoints |
| Max-Age | 86400 seconds (24 hours) |
| Secure | Enabled in production (COOKIE_SECURE=true) |

Store the cookie with your HTTP client (e.g. -c cookies.txt in curl, a cookie jar in your SDK). It is required to call /refresh and /logout.
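
As an added example (not part of the project's code), the following Node.js check parses a login response's Set-Cookie header and reports deviations from the cookie attributes documented above. The helper names and both sample headers are constructed for illustration.

```javascript
// Added example: audit a login Set-Cookie header against the documented attributes.
// EXPECTED mirrors the cookie table on this page; the helpers are hypothetical.
const EXPECTED = { name: "refreshToken", path: "/api/auth", maxAge: 86400 };

function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(";").map((s) => s.trim());
  const eq = pair.indexOf("=");
  const cookie = {
    name: eq === -1 ? "" : pair.slice(0, eq),
    value: pair.slice(eq + 1),
    attrs: {},
  };
  for (const attr of attrs) {
    if (!attr) continue;
    const i = attr.indexOf("=");
    // Attribute names are case-insensitive; flags (HttpOnly, Secure) carry no value.
    const key = (i === -1 ? attr : attr.slice(0, i)).toLowerCase();
    cookie.attrs[key] = i === -1 ? true : attr.slice(i + 1);
  }
  return cookie;
}

function auditRefreshCookie(header, { production }) {
  const { name, attrs } = parseSetCookie(header);
  const findings = [];
  if (name !== EXPECTED.name) findings.push(`unexpected cookie name: ${name}`);
  if (attrs.httponly !== true) findings.push("HttpOnly missing: token readable from JavaScript");
  if (attrs.path !== EXPECTED.path) findings.push(`Path is ${attrs.path}, expected ${EXPECTED.path}`);
  if (Number(attrs["max-age"]) !== EXPECTED.maxAge) findings.push("Max-Age differs from 86400");
  const sameSite = String(attrs.samesite || "").toLowerCase();
  if (!["strict", "lax", "none"].includes(sameSite)) findings.push("SameSite missing or invalid");
  if (production && attrs.secure !== true) findings.push("Secure missing in production");
  // Browsers reject SameSite=None cookies that are not also Secure.
  if (sameSite === "none" && attrs.secure !== true) findings.push("SameSite=None without Secure");
  return findings;
}

// Constructed sample headers (not captured from a real deployment).
const good = "refreshToken=abc123; HttpOnly; Path=/api/auth; SameSite=Strict; Max-Age=86400; Secure";
const weak = "refreshToken=abc123; Path=/; SameSite=None; Max-Age=604800";

console.log(auditRefreshCookie(good, { production: true })); // []
console.log(auditRefreshCookie(weak, { production: true }));
```

Run it in an integration test against the header returned by POST /api/auth/login, passing production: true for deployments where COOKIE_SECURE=true is expected.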

Error Responses

| Status | Code | Description |
| --- | --- | --- |
| 400 | VALIDATION_ERROR | Missing or invalid fields — usuario or contrasenia failed class-validator checks |
| 401 | UNAUTHORIZED | Invalid credentials — the external auth service rejected the supplied username/password |
| 503 | SERVICE_UNAVAILABLE | External auth service is unreachable or returned an unexpected error |

Example

Request

curl -X POST http://localhost:4000/api/auth/login \
  -H 'Content-Type: application/json' \
  -c cookies.txt \
  -d '{"usuario": "jdoe", "contrasenia": "secret"}'

Success response

{
  "status": "success",
  "message": "Inicio de sesión exitoso",
  "data": {
    "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9..."
  }
}

Validation error response (400)

{
  "status": "error",
  "code": "VALIDATION_ERROR",
  "message": "El usuario es requerido"
}

Invalid credentials response (401)

{
  "status": "error",
  "code": "UNAUTHORIZED",
  "message": "Credenciales inválidas"
}
