Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/floriansalvi/HEIG-VD_Ocha-api/llms.txt

Use this file to discover all available pages before exploring further.

The login endpoint authenticates an existing user by verifying their email and password against the stored bcrypt hash. When credentials are valid, the API returns a signed JWT token along with the user’s basic profile data. The same generic error message is returned for both an unknown email and a wrong password to prevent user enumeration.
No authentication is required for this endpoint. It is publicly accessible.
Method: POST   Path: /api/v1/auth/login

Request body

email
string
required
The registered email address of the user. Matched case-insensitively (normalized to lowercase internally).
password
string
required
The user’s password in plain text. Compared against the bcrypt hash stored at registration.

Response — 200 OK

message
string
Human-readable confirmation. Value: "Login successful".
token
string
Signed JWT authentication token. Include this in the Authorization: Bearer <token> header for protected endpoints.
user
object
Basic profile data for the authenticated user.

Error codes

StatusMeaningCause
400 Bad RequestMissing required fieldemail or password is absent from the request body
401 UnauthorizedInvalid credentialsThe email is not registered, or the password does not match
500 Internal Server ErrorUnexpected errorAn unhandled server-side error occurred

Example

curl --request POST \
  --url https://api.example.com/api/v1/auth/login \
  --header 'Content-Type: application/json' \
  --data '{
    "email": "[email protected]",
    "password": "Password_123?"
  }'

{
  "message": "Login successful",
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "user": {
    "id": "6642f1a2c3d4e5f6a7b8c9d0",
    "email": "[email protected]",
    "display_name": "test_user"
  }
}

Build docs developers (and LLMs) love

Get started for freeTalk to us