POST /api/auth/login — authenticate a user

The login endpoint accepts two authentication paths: standard credential login (username or email plus password) and Google login (email only, or with a googleId). On success it returns the sanitized user object — no password hash is ever included. Accounts that sign in via Google are auto-created on first login with the OPERATOR role.

Request body

Standard login
Google login

Provide either username or email together with password.

username

string

The user’s unique username. Used as the primary lookup key. Either username or email must be present.

string

The user’s email address. Used as a fallback lookup when username is not supplied.

password

string

required

The user’s password in plain text. Verified against the stored BCrypt hash. Legacy plain-text passwords are automatically upgraded to BCrypt on first successful login.

Provide email without password to trigger the Google path. Supply googleId, name, and avatar when available.

string

required

The Google account email address. Used to look up or create the user record.

googleId

string

The Google OAuth subject identifier. When present, forces the Google login path regardless of other fields.

name

string

Display name from Google. Stored as fullName when creating a new account. Falls back to email if omitted.

avatar

string

URL of the Google profile picture. Stored as avatar on the new user record.

Response

A 200 OK response returns the user object directly.

number

required

Auto-incremented integer primary key.

username

string

required

Unique username. For Google-created accounts this is set to the user’s email address.

fullName

string

The user’s display name.

string

The user’s email address.

phone

string

Optional phone number.

avatar

string

URL of the user’s profile picture.

role

string

required

The user’s role. One of ADMIN, AGRONOMIST, OPERATOR, VIEWER, or USER.

active

boolean

required

Whether the account is active. Defaults to true on creation.

createdAt

string

required

ISO 8601 datetime when the account was created.

greenhouseIds

number[]

required

List of greenhouse IDs the user has access to. Empty array if none are assigned.

Error responses

Status	`error` value	Cause
`401`	`Usuario no encontrado`	No user matched the provided username or email.
`401`	`Contraseña incorrecta`	The password did not match the stored hash.

Examples

Standard login
Google login

curl --request POST \
  --url http://localhost:8080/api/auth/login \
  --header 'Content-Type: application/json' \
  --data '{
    "email": "john@example.com",
    "googleId": "1234567890",
    "name": "John Doe",
    "avatar": "https://lh3.googleusercontent.com/photo.jpg"
  }'

Success response

{
  "id": 42,
  "username": "john_doe",
  "fullName": "John Doe",
  "email": "john@example.com",
  "phone": null,
  "avatar": null,
  "role": "OPERATOR",
  "active": true,
  "createdAt": "2024-03-15T10:22:00",
  "greenhouseIds": [1, 3]
}

Error response

{
  "error": "Contraseña incorrecta"
}

Authentication

Greenhouses & Crops

Sensors & Readings

Actuators & Rules

Alerts & Support

Devices & Users

POST /api/auth/login — authenticate a user

Request body

Response

Error responses

Examples

Success response

Error response

Build docs developers (and LLMs) love

Authentication

Greenhouses & Crops

Sensors & Readings

Actuators & Rules

Alerts & Support

Devices & Users

Documentation Index

​Request body

​Response

​Error responses

​Examples

​Success response

​Error response

Build docs developers (and LLMs) love

Request body

Response

Error responses

Examples

Success response

Error response