Portal Login
Authenticate users through portal login to access protected resources.
Base URL: https://gate.zequenze.com/api/v1
Authentication: All endpoints require a Bearer token:
Authorization: Bearer <your-api-token>
Endpoints
POST /portal_login/
Executes portal login operation to authenticate a user and establish a session. This endpoint processes user credentials and returns authentication tokens for accessing protected portal resources.
Parameters:
| Parameter | Type | In | Required | Description |
|---|---|---|---|---|
| data | string | body | Yes | JSON string containing login credentials and authentication details |
Example Request:
POST /api/v1/portal_login/
Content-Type: application/json
{
"username": "user@example.com",
"password": "securepassword123",
"portal_id": "main-portal",
"remember_me": true
}
Example Response:
{
"access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"refresh_token": "def502004a8b7c...",
"token_type": "Bearer",
"expires_in": 3600,
"user": {
"id": 12345,
"username": "user@example.com",
"portal_access": true,
"permissions": ["read", "write"]
}
}
| Status | Description |
|---|---|
| 201 | Login successful, tokens generated |
| 400 | Invalid credentials or malformed request |
| 401 | Authentication failed |
| 429 | Too many login attempts |
Best Practices
- Secure transmission: Always use HTTPS when transmitting login credentials
- Token storage: Store access tokens securely and implement automatic refresh logic
- Rate limiting: Implement client-side delays between failed login attempts
- Error handling: Handle authentication errors gracefully without exposing sensitive information
- Session management: Use refresh tokens to maintain user sessions without re-authentication
- Validation: Validate credentials on the client side before sending requests to reduce unnecessary API calls