Login API Documentation

1. Login Endpoint

POST /api/auth/login

This endpoint is used for user login. It authenticates the user based on their username and password. If the login is successful, the user's session is created, and the user can access protected endpoints.

Request Body (JSON)

{
"username": "string",
"password": "string"
}

Response

• 200 OK: Successfully logged in, returns a success message.

"Login successful"

• 401 Unauthorized: Invalid credentials or incorrect password.

"Invalid credentials"

2. Logout Endpoint

POST /api/auth/logout

This endpoint logs the user out by invalidating the current session.

Response

200 OK: Successfully logged out.

"Logout successful"

3. Session Check Endpoint

GET /api/auth/me

This endpoint checks if the user is currently logged in. It returns the current user’s data if the user is logged in.

Response

200 OK: Returns user data if logged in.

{
"id": "string",
"username": "string",
"email": "string",
"role": "string"
}

401 Unauthorized: If the user is not logged in.

"Not logged in"

How to Use

Login:

Send a POST request to /api/auth/login with the username and password in the request body.

Logout:

Send a POST request to /api/auth/logout to log out the user.

Session Check:

Use the GET request to /api/auth/me to check if the user is logged in.

Example Request using Postman or cURL:

• Login Request:

Method: POST
URL: http://localhost:8080/api/auth/login
Body (JSON):
json
{
"username": "student1",
"password": "password123"
}

• Logout Request:

Method: POST
URL: http://localhost:8080/api/auth/logout

• Session Check Request:

Method: GET
URL: http://localhost:8080/api/auth/me

Example Accounts

Here are some example accounts you can use for testing:

• Student Account

Username: student1
Password: password123
Role: STUDENT

• Admin Account

Username: admin1
Password: adminpassword
Role: ADMIN