Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/Manuelfg1985/Proyecto_Final_26/llms.txt

Use this file to discover all available pages before exploring further.

This endpoint issues a signed JWT token to authenticated administrators. On a successful request, credentials supplied in the request body are compared against the ADMIN_EMAIL and ADMIN_PASSWORD environment variables configured on the server. If both values match, a token signed with JWT_SECRET is returned and must be included as a Bearer token in the Authorization header of every subsequent call to protected endpoints.

Method and path

FieldValue
MethodPOST
Path/api/auth/login
AuthNone required
Content-Typeapplication/json

Request body

email
string
required
Admin email address. Must match the value stored in the ADMIN_EMAIL environment variable on the server.
password
string
required
Admin password. Must match the value stored in the ADMIN_PASSWORD environment variable on the server. Compared with a strict equality check against the stored credential.

Responses

200 OK — Credentials are valid. Returns a success message and the signed JWT token.
message
string
Confirmation string. Value: "Login exitoso".
token
string
Signed JWT token. Include this value in the Authorization: Bearer <token> header for all protected requests.

400 Bad Request — One or both fields are missing from the request body.
{ "message": "Email y contraseña son requeridos" }
401 Unauthorized — Both fields were provided but at least one does not match the stored credentials.
{ "message": "Credenciales inválidas" }
500 Internal Server Error — An unexpected error occurred on the server.
{ "message": "Error en el servidor" }

Example

curl -X POST https://proyecto-final-26-6tn2.vercel.app/api/auth/login \
  -H "Content-Type: application/json" \
  -d '{"email": "[email protected]", "password": "MiPassword123"}'
The returned token expires 1 hour after it is issued. Once it expires you must call this endpoint again to obtain a fresh token before accessing any protected route.

Build docs developers (and LLMs) love