EMS-UGC API Docs
Dashboard

Auth

Authentication & Authorization API

Base URL: http://192.168.100.250/


Endpoints

MethodEndpointDescription
GET/csrfGet CSRF token
POST/loginAuthenticate user
POST/logoutLogout user

Get CSRF Token

GET /csrf
Accept: application/json

Response:

{
  "token": "abc123def456..."
}

Login

POST /login
Content-Type: application/json

Request Body:

{
  "email": "admin@ems.edu.np",
  "password": "secret123"
}

Response (200):

{
  "success": true,
  "message": "Login successful",
  "data": {
    "user": {
      "id": 1,
      "name": "Admin",
      "email": "admin@ems.edu.np",
      "role": "superadmin"
    }
  }
}

Error Response (401):

{
  "success": false,
  "message": "Invalid credentials"
}

Error Response (422):

{
  "success": false,
  "message": "Validation failed",
  "errors": {
    "email": ["The email field is required."],
    "password": ["The password field is required."]
  }
}

Logout

POST /logout
Accept: application/json
X-CSRF-TOKEN: <token>

Response (200):

{
  "success": true,
  "message": "Logged out successfully"
}

Notes

  • Session cookie is set on successful login — include it in all subsequent requests
  • Use credentials: 'same-origin' in fetch calls to send cookies
  • CSRF token must be refreshed after each page load

On this page