🎉 Colares Editora 2.0 is released. Check repo →
POST Methods
/api/v1/user/login

POST /api/v1/user/login

Description

This endpoint facilitates user logins for existing accounts.

Users are required to input their username and password to gain access. If the user possesses the correct credentials and holds Administrator permissions (confirmed: True), a token will be generated.

The token is generated with a expiration date of 1 hour.

users.py
    token = jwt.encode({
        'username': user['username'],
        'exp': datetime.datetime.now(datetime.UTC) + datetime.timedelta(hours=1)
    }, current_app.config['SECRET_KEY'], algorithm='HS256')

Body (form data)

This endpoint expects the following data to be provided in the request body:

  • username: The username for the already existing account. (string)
  • password: The password for the already existing account. (string)

Request

Response

The response will indicate the success or failure of the login process.

Success Response

{
    "code": "200",
    "status": "Success",
    "message": "User logged in successfully",
    'token': "ayJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6ImFkbWluIiwiZXhwIjoxNzE2NjU3MDg4fQ.zwwyASDHTwsP2OcxMmaKZTDRI02DapStIfPyLlZI3K4"
}

Bad Request (400)

If either the username or password is missing in the request.

{
    "code": "400",
    "status": "Bad Request",
    "message": "Username and password form is required"
}

Not Found (404)

If a user with the provided username don't exists.

{
    "code": "404",
    "status": "Not Found",
    "message": "User not registered"
}

Unauthorized (401)

If a user with the provided password is incorrect.

{
    "code": "401",
    "status": "Unauthorized",
    "message": "Incorrect password"
}

Forbidden (403)

If a user with the provided password and username don't possesses the correct credentials.

{
    "code": "403",
    "status": "Unauthorized",
    "message": "User not confirmed"
}
/api/v1/user/signup/api/v1/user/confirmation