
POST /api/auth/login

Authenticates a user with email and password credentials.

Authentication

No authentication required.

Request Body

  • email (string, required): Valid email address associated with the account.
  • password (string, required): User’s account password.

Request Example

{
  "email": "[email protected]",
  "password": "securePassword123"
}

Response

  • message (string): Success message confirming authentication.
  • user (object): Authenticated user data.
  • user.id (number): User’s unique identifier.
  • user.email (string): User’s email address.
  • user.points (string): User’s current points balance.

Success Response (200 OK)

{
  "message": "User authenticated",
  "user": {
    "id": 42,
    "email": "[email protected]",
    "points": "1500"
  }
}

Error Responses

404 Not Found - User Does Not Exist

{
  "error": "User not found"
}

403 Forbidden - Account Not Confirmed

{
  "error": "Account not confirmed"
}

401 Unauthorized - Invalid Credentials

{
  "error": "Invalid credentials"
}

400 Bad Request - Validation Errors

{
  "errors": [
    {
      "msg": "Email not valid",
      "param": "email"
    },
    {
      "msg": "password is mandatory",
      "param": "password"
    }
  ]
}

500 Internal Server Error

{
  "error": "User not authenticated"
}

cURL Example

curl -X POST https://api.example.com/api/auth/login \
  -H "Content-Type: application/json" \
  -d '{
    "email": "[email protected]",
    "password": "securePassword123"
  }'

Notes

  • Account must be confirmed before login is allowed
  • Password is validated against the hashed password in the database
  • Rate limiting is applied to this endpoint
  • Session/JWT token handling should be implemented client-side
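
A client-side handler for the responses documented above, as an added example that is not part of this API's own documentation or code. The outcome names, the user-facing message text, the `baseUrl` and `fetchImpl` parameters and the 429 branch are assumptions; the page says rate limiting is applied but does not document its response.

```javascript
// Added example (not the API's own code). Outcome names, message wording and
// the 429 branch are assumptions of this example.
const GENERIC_FAILURE = "Email or password is incorrect.";

function interpretLoginResponse(status, body) {
  const data = body !== null && typeof body === "object" ? body : {};
  switch (status) {
    case 200: {
      const u = data.user;
      // Documented shape: id is a number; email and points are strings.
      const ok = u && typeof u.id === "number" &&
        typeof u.email === "string" && typeof u.points === "string";
      return ok
        ? { outcome: "authenticated", user: { id: u.id, email: u.email, points: u.points } }
        : { outcome: "server_error", userMessage: "Unexpected response." };
    }
    case 400: {
      // Validation errors arrive as errors[] of { msg, param }; keep only the
      // two documented fields and only string messages.
      const fields = {};
      for (const e of Array.isArray(data.errors) ? data.errors : []) {
        if (e && ["email", "password"].includes(e.param) && typeof e.msg === "string") {
          fields[e.param] = e.msg;
        }
      }
      return { outcome: "validation", fields };
    }
    case 401: // documented: invalid credentials
    case 404: // documented: user does not exist
      // Same text for both, so the login form does not show which one it was.
      return { outcome: "rejected", userMessage: GENERIC_FAILURE };
    case 403:
      return { outcome: "unconfirmed", userMessage: "Confirm your account before logging in." };
    case 429: // assumed status for the rate limit the Notes mention
      return { outcome: "rate_limited", userMessage: "Too many attempts. Try again later." };
    default: // includes the documented 500
      return { outcome: "server_error", userMessage: "Login is unavailable. Try again later." };
  }
}

// fetchImpl is injectable for testing; baseUrl is supplied by the caller.
async function login(baseUrl, email, password, fetchImpl = fetch) {
  const res = await fetchImpl(new URL("/api/auth/login", baseUrl), {
    method: "POST",
    headers: { "Content-Type": "application/json" },
    body: JSON.stringify({ email, password }),
  });
  // Error bodies may not be JSON (for example from a proxy); fall back to {}.
  const body = await res.json().catch(() => ({}));
  return interpretLoginResponse(res.status, body);
}
```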
