POST /api/login
Authenticates a user and returns a JWT token.
Endpoint
POST /api/login
Headers
| Header | Value | Required |
|---|---|---|
| Content-Type | application/json | Yes |
Request Body
{
"email": "string",
"password": "string"
}
| Field | Type | Required | Description |
|---|---|---|---|
| string | Yes | User email address | |
| password | string | Yes | Password |
Success Response
Code: 200 OK
{
"token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE3MDUzMTIzNDUsImV4cCI6MTcwNTMxNTk0NSwicm9sZXMiOlsiUk9MRV9BRE1JTiJdLCJlbWFpbCI6ImFkbWluQHBjaC1zaWcuc24ifQ...",
"refresh_token": "d1f2a3b4c5e6f7g8h9i0j1k2l3m4n5o6p7q8r9s0",
"user": {
"id": 1,
"email": "admin@pch-sig.sn",
"nomComplet": "Administrateur",
"roles": ["ROLE_ADMIN"]
}
}
| Field | Type | Description |
|---|---|---|
| token | string | JWT access token (duration: 1 hour) |
| refresh_token | string | Refresh token (duration: 7 days) |
| user | object | Connected user information |
Error Responses
401 Unauthorized - Invalid credentials
{
"code": 401,
"message": "Invalid credentials."
}
400 Bad Request - Missing data
{
"code": 400,
"message": "The key \"email\" must be provided."
}
403 Forbidden - Account disabled
{
"code": 403,
"message": "Account is disabled."
}
Examples
cURL
curl -X POST https://sig.ucp-pch.org/api/login \
-H "Content-Type: application/json" \
-d '{
"email": "admin@pch-sig.sn",
"password": "Admin123!"
}'
JavaScript
const login = async (email, password) => {
const response = await fetch('https://sig.ucp-pch.org/api/login', {
method: 'POST',
headers: {
'Content-Type': 'application/json'
},
body: JSON.stringify({ email, password })
});
if (!response.ok) {
throw new Error('Authentication failed');
}
const data = await response.json();
// Store the token
localStorage.setItem('token', data.token);
localStorage.setItem('refresh_token', data.refresh_token);
return data;
};
Python
import requests
response = requests.post(
'https://sig.ucp-pch.org/api/login',
json={
'email': 'admin@pch-sig.sn',
'password': 'Admin123!'
}
)
if response.status_code == 200:
data = response.json()
token = data['token']
print(f"Connected as {data['user']['email']}")
else:
print(f"Error: {response.json()['message']}")
Using the token
Once the token is obtained, include it in the Authorization header for subsequent requests:
curl https://sig.ucp-pch.org/api/menages \
-H "Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9..."
JWT Token Structure
The token contains the following information (decoded payload):
{
"iat": 1705312345,
"exp": 1705315945,
"roles": ["ROLE_ADMIN"],
"email": "admin@pch-sig.sn",
"user_id": 1
}
| Field | Description |
|---|---|
| iat | Creation timestamp |
| exp | Expiration timestamp |
| roles | User roles |
| User email | |
| user_id | User ID |
Notes
- The token expires after 1 hour
- Use the
refresh_tokento obtain a new token without re-entering credentials - Never store the token in an insecure location
- In production, always use HTTPS