Documentation Index
Fetch the complete documentation index at: https://mintlify.com/DincaAlex/unilink/llms.txt
Use this file to discover all available pages before exploring further.
POST /api/login is the only authentication endpoint in the UniLink API. It looks up the submitted credentials in the users table and, on success, returns the account’s email and role. The client uses the role value to decide which interface to render — the student dashboard or the company portal — so it is important that the correct account is used for each workflow.
Endpoint
Request body
The user’s registered email address.
The user’s password. Passwords are stored and compared as plain text in this prototype.
Response fields
The authenticated user’s email address, echoed back from the database row.
The user’s role. Either
estudiante (student) or empresa (company).Examples
Student login
Company login
Error response — 401 Unauthorized
When the email does not exist in the database or the password does not match, the server returns HTTP401 with a Spanish-language error message:
Role-based access
After a successful login, the
role value drives the entire React application:estudiante— shows the student feed, application tracker, and student profile editor.empresa— shows the company portal, posted-jobs card, and company profile editor, and also enablesPOST /api/jobs.
POST /api/jobs as a company user, the frontend sends the stored role as the x-role: empresa request header. Requests to that endpoint without the correct header value receive a 403 Forbidden response.Security warning
How the frontend uses this endpoint
The React app calls this endpoint through thelogin(email, password) function defined in src/lib/api.js. On a successful response, the returned object is persisted to localStorage via the useLocalStorageState hook and placed into the global AppDataContext, making the email and role values available to every component without additional network requests.
The login page also ships two quick-fill buttons — “Ver como estudiante” and “Ver como empresa” — that pre-populate the form with the two demo accounts seeded into the database on first run.