Admin login

Question

Closed this issue 8 years ago · 3 comments

Implement admin login using JWT.

Provide a login endpoint (username + password) that returns a JWT token upon success.

The JWT token can be used for subsequent admin API calls.

Answer 1 · 2016-10-17T13:04:11.000Z

The following endpoint should be created to allow administrators to login:

  POST /admin/login

  {
    "username": String,
    "password": String
  }

On success:

  {
    "token": String
  }

Answer 2 · 2016-10-17T13:12:27.000Z

Common error format for request failures:

  {
    "error": {
      "code": String,
      "target": String,
      "details": [Error]
    }
  }

Answer 3 · 2016-10-17T13:15:53.000Z

Remark:

The admin password can be stored in plain text format for now, but in the future it will be BCrypt'd by the Bootstrapper.