Skip to content

Latest commit

 

History

History
69 lines (56 loc) · 1.34 KB

auth_login.md

File metadata and controls

69 lines (56 loc) · 1.34 KB

back

Logging in

Logging into the radar. If a matching pair of username and password are provided, the server generates and issues a JWT (JSON Web Token) representing the current session until logged out or the JWT expires.

Any request to a resource that requires at least an authenticated user requires the JWT to be sent along as a coockie.

For security reasons, the endpoint expects the transport layer to be encrypted, as passwords are transmitted in cleartext.

Request

  • URL: /api/v1/user/login
  • Method: POST
  • URL Params: n/a
  • Body Params:
    • name: String - The username
    • password: String - The corresponding password (in cleartext) Example:
{  
    "name": "testadmin", 
    "password": "admin123" 
}

Response

  • Status code: 200 OK
  • Set-Cookie: jwt=...
  • Body:
{
    "status": "success",
    "token": ...,
    "data": {
        "user": {
            "role": "admin",
            "_id": "5e90544685e0a968e5eea8c6",
            "name": "admin",
            "email": "[email protected]"
        }
    }
}

OR

  • Status code: 400 Bad Request
  • Body:
{
    "status": "fail",
    "message": "Please provide name and password!"
}

OR

  • Status code: 401 Unauthorized
  • Body:
{
    "status": "fail",
    "message": "Incorrect name or password"
}

back