TheDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/danielsl4/TFG_DAM_2526/llms.txt
Use this file to discover all available pages before exploring further.
/login endpoint validates credentials and returns a signed JWT. Pass this token in the Authorization header as Bearer <token> on every subsequent request that requires authentication.
Token lifetime depends on the account role: 7 days for regular users, 6 hours for admin and referee accounts.
This endpoint is rate-limited to 10 requests per IP address per 15-minute window using a Redis-backed store. Exceeding the limit returns a 429 Too Many Requests response.
Request
Method:POSTPath:
/login
Body parameters
The account’s username, as provided during registration.
The account’s plain-text password. Verified against the stored bcrypt hash.
Response
200 OK
Credentials are valid. The response contains a single JWT field.Signed JWT. Use as
Authorization: Bearer <token> in requests to protected endpoints. Expiry: 7 days for user role, 6 hours for admin and referee roles.Errors
| Status | Condition |
|---|---|
400 Bad Request | username or password is missing from the request body. |
401 Unauthorized | No account found for the given username, or the password does not match. The response message is intentionally identical for both cases to prevent user enumeration. |
429 Too Many Requests | Rate limit exceeded. Retry after 15 minutes. |
500 Internal Server Error | Database error or JWT signing failure. |
Example
200 response