Skip to main content
POST
/
api
/
auth
/
login
Login
curl --request POST \
  --url https://api.example.com/api/auth/login
{
  "success": true,
  "message": "<string>",
  "data": {
    "token": "<string>",
    "user": {
      "name": "<string>",
      "email": "<string>",
      "role_id": 123
    }
  }
}

Description

Authenticates a user with email and password. Returns a JWT token that must be used in the Authorization header for protected endpoints. Automatically updates the user’s last_session field.

Authentication

This endpoint is public and does not require authentication.

Rate Limiting

  • Limit: 5 requests per 15 minutes per IP address
  • Error Message: “Demasiados intentos de inicio de sesión. Por favor, intente de nuevo en 15 minutos.”
  • Note: This strict rate limiting protects against brute force attacks

Request Body

email
string
required
User’s email address
password
string
required
User’s password

Response

success
boolean
Indicates if the request was successful
message
string
Human-readable response message
data
object
Response data containing authentication token and user information

Example Request

cURL
curl -X POST https://api.maqagr.com/api/auth/login \
  -H "Content-Type: application/json" \
  -d '{
    "email": "juan@example.com",
    "password": "MiPassword123!"
  }'
JavaScript
const response = await fetch('https://api.maqagr.com/api/auth/login', {
  method: 'POST',
  headers: {
    'Content-Type': 'application/json'
  },
  body: JSON.stringify({
    email: 'juan@example.com',
    password: 'MiPassword123!'
  })
});

const data = await response.json();
const token = data.data.token;

// Use token in subsequent requests
const protectedResponse = await fetch('https://api.maqagr.com/api/auth/profile', {
  headers: {
    'Authorization': `Bearer ${token}`
  }
});
Python
import requests

response = requests.post(
    'https://api.maqagr.com/api/auth/login',
    json={
        'email': 'juan@example.com',
        'password': 'MiPassword123!'
    }
)

data = response.json()
token = data['data']['token']

# Use token in subsequent requests
protected_response = requests.get(
    'https://api.maqagr.com/api/auth/profile',
    headers={'Authorization': f'Bearer {token}'}
)

Success Response (200)

{
  "success": true,
  "message": "Inicio de sesión exitoso",
  "data": {
    "token": "eyJhbGciOiJIUzI1NiIs...",
    "user": {
      "name": "Juan Pérez",
      "email": "juan@example.com",
      "role_id": 2
    }
  }
}

Error Responses

400 - Missing Credentials

{
  "success": false,
  "message": "Email y contraseña son requeridos"
}

401 - Invalid Credentials

{
  "success": false,
  "message": "Credenciales inválidas"
}

401 - Inactive User

{
  "success": false,
  "message": "Usuario inactivo o suspendido"
}

429 - Too Many Requests (Rate Limit)

{
  "success": false,
  "message": "Demasiados intentos de inicio de sesión. Por favor, intente de nuevo en 15 minutos."
}

500 - Internal Server Error

{
  "success": false,
  "message": "Error interno del servidor"
}