
Login

Developing
POST
/api/v1/auth/login

API Documentation: Login Endpoint

User Login

Description: This endpoint allows existing users to log in to their account using their email and password. Upon successful login, an access token is returned.

Request

Headers

Content-Type: application/json

Body Parameters

Parameter   Type     Required   Description
email       string   Yes        The email address of the user.
password    string   Yes        The password for the account.

Example Request

POST /api/v1/auth/login
Content-Type: application/json

{
    "email": "user@example.com",
    "password": "yourSecurePassword"
}

Response

Success Response

Status Code: 200 OK
Response Body:
{
    "status": "success",
    "message": "Login successfully",
    "data": {
        "token": "yourAccessToken",
        "id": 1,
        "email": "user@example.com",
        "name": "John Doe"
    }
}

Error Responses

400 Bad Request
Response Body:
{
    "status": "error",
    "message": "Email and Password are required"
}
401 Unauthorized
Response Body:
{
    "status": "error",
    "message": "Invalid email or password"
}
403 Forbidden
Response Body:
{
    "status": "error",
    "message": "Please verify your email"
}

Workflow

1. Input Validation: The API checks if both email and password are provided in the request body. If either is missing, a 400 Bad Request error is returned.
2. User Retrieval: The API attempts to retrieve the user associated with the provided email address.
3. Verification Check: If the user is found but their email is not verified, a 403 Forbidden error is returned, prompting the user to verify their email.
4. Password Comparison: The provided password is compared against the stored hashed password. If the passwords do not match, a 401 Unauthorized error is returned.
5. Token Generation: If the login is successful, an access token is generated, which includes the user's ID and email.
6. Response: A success response is sent back to the client, including the access token and user details.
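
The workflow above as a runnable sketch, added here as an example and not taken from this API's own code. The in-memory user store, the PBKDF2 work factor, the HMAC-signed token format, and the 401 for an unknown email are assumptions; the page does not specify them.

```python
import base64, hashlib, hmac, json, os

SECRET = os.urandom(32)      # assumption: server-side token signing key
DUMMY_SALT = os.urandom(16)  # used only to equalise timing for unknown emails

def hash_password(password, salt):
    # Assumed KDF and work factor; the page only says the password is hashed.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000)

def _user(uid, email, name, password, verified):
    salt = os.urandom(16)
    return {"id": uid, "email": email, "name": name, "salt": salt,
            "hash": hash_password(password, salt), "verified": verified}

# Constructed sample users keyed by email (stands in for the database).
USERS = {u["email"]: u for u in (
    _user(1, "user@example.com", "John Doe", "yourSecurePassword", True),
    _user(2, "new@example.com", "New User", "anotherPassword", False),
)}

def make_token(user):
    # Assumption: base64 claims plus HMAC-SHA256 signature; format not given on the page.
    claims = json.dumps({"id": user["id"], "email": user["email"]})
    payload = base64.urlsafe_b64encode(claims.encode()).decode()
    sig = hmac.new(SECRET, payload.encode(), hashlib.sha256).hexdigest()
    return f"{payload}.{sig}"

def error(status, message):
    return status, {"status": "error", "message": message}

def login(body):
    email, password = body.get("email"), body.get("password")
    # 1. Input validation: both fields must be present, non-empty strings.
    if not (isinstance(email, str) and isinstance(password, str) and email and password):
        return error(400, "Email and Password are required")
    # 2. User retrieval; unknown email gets the same 401 as a wrong password.
    user = USERS.get(email)
    if user is None:
        hash_password(password, DUMMY_SALT)  # spend comparable time to a real check
        return error(401, "Invalid email or password")
    # 3. Verification check, in the documented order (before the password comparison).
    if not user["verified"]:
        return error(403, "Please verify your email")
    # 4. Password comparison against the stored hash, in constant time.
    if not hmac.compare_digest(hash_password(password, user["salt"]), user["hash"]):
        return error(401, "Invalid email or password")
    # 5-6. Token generation and success response.
    data = {"token": make_token(user), "id": user["id"], "email": user["email"], "name": user["name"]}
    return 200, {"status": "success", "message": "Login successfully", "data": data}
```

Because step 3 runs before step 4, the 403 is returned whether or not the password is correct, which discloses that the address is registered; performing the verification check after the password comparison avoids that.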

Notes

Ensure that the password is stored securely using hashing techniques.
The access token returned should be stored securely on the client side for subsequent API calls that require authentication.

Request

Authorization
Provide your bearer token in the Authorization header when making requests to protected resources.
Example:
Authorization: Bearer ********************

Body Params application/json

Example
{
    "email": "hi@liupurnomo.com",
    "password": "Password321!"
}

Request Code Samples

curl --location --request POST '/api/v1/auth/login' \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data-raw '{
    "email": "hi@liupurnomo.com",
    "password": "Password321!"
}'

Responses

200 Success
application/json
Body

Example
{}
Modified at 2024-10-06 04:32:27