Admin Login

​

Admin Login

​

Authentication

​

Request Body

​

Response

​

Error Responses

• 401 - Unauthorized (invalid credentials)
• 403 - Forbidden (user does not have admin privileges)
• 404 - User not found in database
• 500 - Internal server error

​

Example Request

curl -X POST https://api.vaniyk.com/api/auth/admin/login \
  -H "Content-Type: application/json" \
  -d '{
    "email": "[email protected]",
    "password": "adminSecurePass456"
  }'

​

Example Success Response

{
  "message": "Admin login successful",
  "user": {
    "id": "507f1f77bcf86cd799439012",
    "email": "[email protected]",
    "name": "Jane Admin",
    "role": "admin"
  },
  "session": {
    "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
    "refresh_token": "v1.MRjoP7GqRGKK9Sh91...",
    "expires_in": 3600,
    "user": {
      "id": "d2f3a8b9-1c4e-5f6g-7h8i-9j0k1l2m3n4o",
      "email": "[email protected]",
      "aud": "authenticated",
      "role": "authenticated"
    }
  }
}

​

Example Error Response (Non-Admin User)

{
  "error": "Access denied. Admin privileges required."
}

​

Usage Notes

• This endpoint should be used exclusively for admin authentication flows
• Authentication credentials are verified first, then admin role is checked
• If a regular user tries to login through this endpoint, they will receive a 403 error even with valid credentials
• Store the access_token securely and include it in the Authorization header for subsequent admin API requests
• The token allows access to admin-protected endpoints throughout the API