Skip to main content
POST
/
login
User Login
curl --request POST \
  --url https://api.example.com/login \
  --header 'Content-Type: application/json' \
  --data '
{
  "email": "<string>",
  "password": "<string>"
}
'
{
  "mensaje": "<string>",
  "exito": true,
  "usuario": "<string>",
  "nombre": "<string>",
  "apellidos": "<string>"
}

Endpoint

POST /login
Authenticates a user by email and password, returning their profile information on success.

Request Body

The request uses the UsuarioRegistro Pydantic model (only email and password fields are used):
email
string
required
User’s email address
password
string
required
User’s password
The nombre and apellidos fields from UsuarioRegistro are ignored during login.

Response

Success Response

mensaje
string
Success message: "Login correcto"
exito
boolean
Always true for successful login
usuario
string
User’s email address
nombre
string
User’s first name (may be null)
apellidos
string
User’s last name (may be null)
{
  "mensaje": "Login correcto",
  "exito": true,
  "usuario": "[email protected]",
  "nombre": "Juan",
  "apellidos": "García"
}

Failed Response

mensaje
string
Error message: "Credenciales incorrectas"
exito
boolean
Always false for failed login
{
  "mensaje": "Credenciales incorrectas",
  "exito": false
}

Special Cases

Admin User

The system has special handling for the admin account ([email protected]). This user is:
  • Excluded from student lists
  • Exempt from exam participation tracking
  • Returned empty data for student activity endpoints
Admin login works the same as regular users but with elevated privileges in other endpoints.

Examples

cURL

curl -X POST http://localhost:8000/login \
  -H "Content-Type: application/json" \
  -d '{
    "email": "[email protected]",
    "password": "securepass123"
  }'

Python (requests)

import requests

url = "http://localhost:8000/login"
credentials = {
    "email": "[email protected]",
    "password": "securepass123"
}

response = requests.post(url, json=credentials)
result = response.json()

if result["exito"]:
    print(f"Welcome, {result['nombre']} {result['apellidos']}!")
    print(f"Email: {result['usuario']}")
    # Store user session data
    user_data = {
        "email": result["usuario"],
        "nombre": result["nombre"],
        "apellidos": result["apellidos"]
    }
else:
    print(f"Login failed: {result['mensaje']}")

JavaScript (axios)

const axios = require('axios');

const loginUser = async (email, password) => {
  try {
    const response = await axios.post('http://localhost:8000/login', {
      email: email,
      password: password
    });
    
    if (response.data.exito) {
      console.log(`Welcome, ${response.data.nombre} ${response.data.apellidos}!`);
      
      // Store in session/localStorage
      const userData = {
        email: response.data.usuario,
        nombre: response.data.nombre,
        apellidos: response.data.apellidos
      };
      
      return userData;
    } else {
      console.error(`Login failed: ${response.data.mensaje}`);
      return null;
    }
  } catch (error) {
    console.error('Request failed:', error.message);
    return null;
  }
};

// Usage
loginUser('[email protected]', 'securepass123');

React Example

import { useState } from 'react';
import axios from 'axios';

function LoginForm() {
  const [email, setEmail] = useState('');
  const [password, setPassword] = useState('');
  const [error, setError] = useState('');

  const handleLogin = async (e) => {
    e.preventDefault();
    
    try {
      const response = await axios.post('http://localhost:8000/login', {
        email,
        password
      });
      
      if (response.data.exito) {
        // Store user data and redirect
        localStorage.setItem('user', JSON.stringify({
          email: response.data.usuario,
          nombre: response.data.nombre,
          apellidos: response.data.apellidos
        }));
        window.location.href = '/dashboard';
      } else {
        setError(response.data.mensaje);
      }
    } catch (err) {
      setError('Error connecting to server');
    }
  };

  return (
    <form onSubmit={handleLogin}>
      <input
        type="email"
        value={email}
        onChange={(e) => setEmail(e.target.value)}
        placeholder="Email"
        required
      />
      <input
        type="password"
        value={password}
        onChange={(e) => setPassword(e.target.value)}
        placeholder="Password"
        required
      />
      {error && <div className="error">{error}</div>}
      <button type="submit">Login</button>
    </form>
  );
}

Implementation Notes

  • Uses SQL query with plain text password comparison (⚠️ security concern)
  • Returns RealDictCursor results for easy JSON serialization
  • No session token or JWT is generated - client must store user data
  • Database connection is properly closed in the finally block
  • HTTP 500 error is raised if database connection fails

Build docs developers (and LLMs) love

Get started for freeTalk to us