Skip to content
My Docs

Login with email and password

POST
/sessions

Will generate a session token for the user using email and password

Flow:

  1. Validate request.
    - email and password are required.
    - device info are coming from headers, and they’re optional.
  2. Validate user with the email should exists
  3. Validate user status is not blocked or paused
  4. Validate password should be correct
  5. Insert to device table
  6. Generate refresh token and insert to refresh_token table
  7. Update user’s last_active_at
  8. Generate JWT access token and return to user.

Authorizations

Section titled “Authorizations ”

Request Body

Section titled “Request Body ”

LoginEmailRequest

object
email
string
ivan+rdh+fl@joingotu.com
password
string
1234567890
turnstileToken
string

Responses

Section titled “ Responses ”

200

Section titled “200 ”

OK

object
data
object
accessToken
string
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJhdXRoLXNlcnZpY2UiLCJzdWIiOiI2NWI4YTE2MjYzNTEyNjAwMTI3YTQxYTQiLCJleHAiOjE3MzkyNzYwNzMsIm5iZiI6MTczOTI3NTE3MywiaWF0IjoxNzM5Mjc1MTczLCJqdGkiOiJjdWxqbjlhc3A1anJmam83NWdiZyIsImlkIjoiNjViOGExNjI2MzUxMjYwMDEyN2E0MWE0IiwidXNlclR5cGUiOiJETlQiLCJpc0FkbWluIjp0cnVlLCJkZXZpY2VJZCI6MzE4M30.ZuzROGxJ1pq_veRe93Z8bfS5YTzmAp5_wrzTUmvLzk8
expiresIn
integer
900
refreshToken
string
culjn9asp5jrfjo75gc0
tokenType
string
Bearer

400

Section titled “400 ”

Bad request

object
error
string
some meaningful error message

401

Section titled “401 ”

Unauthorized

object
error
string
some meaningful error message

403

Section titled “403 ”

Forbidden

object
error
string
some meaningful error message

404

Section titled “404 ”

Not found

object
error
string
some meaningful error message

500

Section titled “500 ”

Internal server error

object
error
string
some meaningful error message