Login

Authenticates a user by validating their email and password credentials. Returns the user object on successful authentication.

Endpoint

POST /api/auth/login

Request Body

email (string, required): The user’s email address
password (string, required): The user’s password in plain text

Response

Success Response (200 OK)

Returns the authenticated user object.

id (long): Unique identifier for the user
username (string): The user’s username
email (string): The user’s email address
password_hash (string): The hashed password (BCrypt)
firstname (string): The user’s first name
lastname (string): The user’s last name
phone_number (string): The user’s phone number
role (string): The user’s role in the system
is_active (boolean): Whether the user account is active
created_at (timestamp): When the user account was created
updated_at (timestamp): When the user account was last updated
profileImage (string): URL or path to the user’s profile image

Error Responses

401 Unauthorized

Returned when the email does not exist or the password is incorrect. No response body is returned.

Example

Request

curl -X POST http://localhost:8080/api/auth/login \
  -H "Content-Type: application/json" \
  -d '{
    "email": "[email protected]",
    "password": "mySecurePassword123"
  }'

Response (200 OK)

{
  "id": 1,
  "username": "johndoe",
  "email": "[email protected]",
  "password_hash": "$2a$10$abcdefghijklmnopqrstuv",
  "firstname": "John",
  "lastname": "Doe",
  "phone_number": "+1234567890",
  "role": "user",
  "is_active": true,
  "created_at": "2026-01-15T10:30:00Z",
  "updated_at": "2026-02-20T14:45:00Z",
  "profileImage": "/images/profiles/user1.jpg"
}

Response (401 Unauthorized)

No body returned
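
The documented 200 response carries password_hash alongside the profile data, so anything that logs, caches or forwards the login response also handles credential material. The following Python is an added example, not part of the original documentation or the project's code: it flags credential-like fields in the response and projects the user object onto an allowlist before it is passed on. PUBLIC_FIELDS, SENSITIVE_MARKERS, both function names and the sample email address are assumptions of the example.

```python
import json

# Fields from the documented 200 response that a client needs after login.
# This allowlist is an assumption of the example, not part of the API.
PUBLIC_FIELDS = ("id", "username", "email", "firstname", "lastname",
                 "phone_number", "role", "is_active", "created_at",
                 "updated_at", "profileImage")

# Substrings that mark a field name as credential material (assumed heuristic).
SENSITIVE_MARKERS = ("password", "hash", "secret", "token")


def sensitive_fields(user: dict) -> list:
    """Return the names of response fields that look like credential material."""
    return sorted(k for k in user
                  if any(m in k.lower() for m in SENSITIVE_MARKERS))


def to_public_view(user: dict) -> dict:
    """Project the user object onto the allowlist; unlisted fields are dropped."""
    return {k: user[k] for k in PUBLIC_FIELDS if k in user}


# Constructed sample: the 200 OK body from the documentation's example,
# with a constructed email address.
SAMPLE_RESPONSE = json.loads("""
{
  "id": 1,
  "username": "johndoe",
  "email": "john.doe@example.com",
  "password_hash": "$2a$10$abcdefghijklmnopqrstuv",
  "firstname": "John",
  "lastname": "Doe",
  "phone_number": "+1234567890",
  "role": "user",
  "is_active": true,
  "created_at": "2026-01-15T10:30:00Z",
  "updated_at": "2026-02-20T14:45:00Z",
  "profileImage": "/images/profiles/user1.jpg"
}
""")

if __name__ == "__main__":
    print("credential-like fields:", sensitive_fields(SAMPLE_RESPONSE))
    print(json.dumps(to_public_view(SAMPLE_RESPONSE), indent=2))
```

Because the projection is an allowlist, a field added to the user object later stays out of the forwarded view until it is listed explicitly.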