Portal Login

The Portal Login API ~~provides secure~~enables authentication ~~functionality~~and session management for ~~accessing~~captive ~~the~~portal ~~GATE system portal.~~networks. This endpoint handles user authentication ~~and~~flows, ~~session~~captures ~~management,~~device ~~returning the necessary tokens~~information, and ~~user~~establishes ~~information~~network access sessions with configurable timeout parameters for ~~subsequent~~WiFi ~~API~~hotspots ~~calls.~~and access control systems.

Base URL: https://gate.zequenze.com/api/v1

Authentication: ~~This~~All ~~endpoint is used to obtain authentication tokens and does not~~endpoints require a Bearer token:

Authorization: Bearer <your-api-token>
itself.

Overview

The Portal Login API category ~~contains~~provides essential functionality for captive portal authentication systems. When users connect to a ~~single~~WiFi ~~but~~network ~~crucial~~with ~~endpoint~~a ~~that~~captive ~~serves~~portal, asthis ~~the~~API ~~entry~~processes ~~point~~their ~~for~~login ~~user~~attempts ~~authentication~~and inestablishes ~~the~~authenticated ~~GATE~~sessions.

~~system.~~

Key ~~This endpoint is designed to:~~Concepts:

~~Authenticate~~ ~~user~~Captive ~~credentials~~Portal ~~against~~Authentication: ~~the~~Intercepts ~~GATE~~network ~~system~~traffic until users authenticate
~~Establish~~ ~~secure~~Device Tracking: Captures MAC addresses and IP information for access control

Session Management: Establishes time-based access sessions ~~for~~with ~~portal~~configurable ~~access~~timeouts ~~Return~~ ~~authentication~~Network ~~tokens~~Integration: ~~for~~Works ~~subsequent~~with ~~API~~access ~~requests~~ ~~Provide user profile information~~points and ~~permissions~~network ~~after successful login~~controllers

~~Unlike~~Common ~~other~~Integration ~~API~~Scenarios:

~~endpoints~~ Hotel WiFi login systems that require ~~authentication,~~room credentials Coffee shop hotspots with social media authentication Corporate guest networks with sponsor approval workflows Public WiFi systems with terms of service acceptance Retail environments with customer registration portals

The API handles the ~~portal~~technical ~~login~~aspects ~~endpoint~~of issession ~~publicly~~establishment ~~accessible~~while ~~but~~allowing ~~requires~~flexibility ~~valid~~in authentication methods and user ~~credentials~~experience in the request body. The response from a successful login typically includes access tokens, refresh tokens, user profile data, and session information that will be used for all subsequent authenticated requests.

This endpoint is essential for any application or service that needs to integrate with the GATE portal functionality, whether it's a web application, mobile app, or automated system requiring authenticated access.design.

Endpoints

POST /portal_login/

Description: ~~Authenticates user credentials and establishes~~Executes a portal login operation to authenticate a user and establish a network access session. This endpoint processes authentication data, validates credentials, and creates an authorized session for the ~~provided~~requesting ~~login credentials against the GATE system and returns authentication tokens along~~device with ~~user~~configurable ~~profile~~timeout ~~information upon successful authentication.~~parameters.

Use Cases:

~~User~~Authenticate hotel guests using room number and last name

Process social media login credentials for ~~web~~public ~~applications~~WiFi ~~integrating~~access Validate corporate guest access with ~~GATE~~sponsor ~~portal~~approval ~~Mobile~~Register ~~app~~new ~~authentication~~users ~~flows~~for retail WiFi with email verification ~~Automated~~Accept ~~system~~terms ~~authentication~~of service for ~~scheduled~~public ~~tasks~~hotspot ~~Single sign-on (SSO) integration scenarios~~ ~~API client initialization requiring user context~~access

Full URL Example:

https://gate.zequenze.com/api/v1/portal_login/

Parameters:

Parameter	Type	In	Required	Description
data	string	body	Yes	JSON string containing ~~user credentials~~authentication and device information for portal login ~~parameters. Must include username/email and password at minimum.~~

Request Body Structure: The data parameter should contain a JSON ~~string~~object with ~~the~~authentication ~~following~~details, ~~structure:~~device information, and session parameters.

{
  "username": "user@example.com",
  "password": "user_password",
  "remember_me": true,
  "device_id": "unique_device_identifier"
}

cURL Example:

curl -X POST "https://gate.zequenze.com/api/v1/portal_login/" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "data": "{\"username\uid\":\"user@example.guest@hotel.com\",\"password\mac\":\"secure_password\aa:bb:cc:dd:ee:ff\",\"remember_me\":true,\"device_id\ap_mac\":\"web_client_001\11:22:33:44:55:66\"},\"ip\":\"192.168.1.100\",\"original_url\":\"https://google.com\",\"controller_address\":\"192.168.1.1\",\"session_timeout\":7200,\"idle_timeout\":1800}"
  }'

Example Response:

{
  "success": true,
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "token_type": "Bearer",
  "expires_in": 3600,
  "user": {
    "id"page_id": 12345,
  "username"original_url": "user@example.https://google.com",
  "email"ap_mac": "user@example.11:22:33:44:55:66",
  "mac": "aa:bb:cc:dd:ee:ff",
  "ip": "192.168.1.100",
  "uid": "guest@hotel.com",
  "first_name"controller_address": "John"192.168.1.1",
  "last_name"session_timeout": "Doe",7200,
  "organization_id"idle_timeout": 789,
    "organization_name": "ACME Corporation",
    "role": "admin",
    "permissions": [
      "device_management",
      "user_management",
      "reporting"
    ],
    "last_login": "2024-01-15T10:30:00Z",
    "profile_complete": true
  },
  "session": {
    "session_id": "sess_abc123def456",
    "expires_at": "2024-01-15T14:30:00Z",
    "device_registered": true
  }1800
}

Response Fields:

Field Type Required Description page_id integer Yes Unique identifier for this portal session page original_url string No The URL the user was trying to access when redirected to the portal ap_mac string Yes MAC address of the access point handling this connection mac string Yes MAC address of the user's device ip string Yes IP address assigned to the user's device uid string Yes User identifier (email, username, or other reference) controller_address string No IP address of the network controller managing the session session_timeout integer No Maximum session duration in seconds (e.g., 7200 = 2 hours) idle_timeout integer No Idle timeout in seconds before session expires (e.g., 1800 = 30 minutes)

Response Codes:

Status	Description
201	Success - ~~User~~Portal ~~authenticated~~login ~~successfully,~~completed and session ~~created~~established
400	Bad Request - Invalid ~~request~~data format or missing required fields
401	Unauthorized - Invalid ~~credentials~~or ~~provided~~missing API token
~~403~~422	~~Forbidden~~Unprocessable Entity - ~~Account~~Authentication ~~locked, suspended,~~failed or ~~requires~~device ~~additional verification~~

~~429~~ ~~Too Many Requests - Rate limit exceeded for login attempts~~blocked 500 Internal Server Error - ~~Server-side~~Portal ~~authentication~~system ~~error~~unavailable

Common Use Cases

Use Case 1: WebHotel ApplicationGuest UserWiFi LoginAuthentication

~~Implement~~Process ~~user~~hotel ~~authentication~~guest inlogin using room number and last name, establishing a ~~web~~24-hour ~~application~~session ~~that~~with ~~needs~~30-minute toidle ~~access~~timeout ~~GATE portal features. After successful login, store~~for the ~~access~~guest ~~token for subsequent API calls and use the refresh token to maintain the session.~~network.

Use Case 2: MobileCoffee AppShop AuthenticationSocial Login

Authenticate ~~mobile~~customers ~~app~~through ~~users~~social ~~and~~media ~~establish~~credentials, ~~persistent~~creating ~~sessions~~a ~~using~~2-hour ~~device~~session ~~identification.~~that ~~The~~automatically ~~remember_me~~expires ~~flag~~when ~~and~~inactive ~~device_id~~for ~~help~~15 ~~maintain user sessions across app launches.~~minutes.

Use Case 3: AutomatedCorporate SystemGuest AuthenticationAccess

~~Set~~Validate guest credentials with sponsor approval, setting up ~~automated~~restricted ~~systems~~network oraccess ~~background~~with ~~services~~custom ~~that~~session ~~need~~duration ~~to perform actions~~based on ~~behalf~~approval ~~of a user account. Store credentials securely and handle token refresh automatically.~~level.

Use Case 4: APIPublic IntegrationHotspot TestingTerms Acceptance

~~During~~Process ~~development~~terms ~~and~~of ~~testing,~~service ~~use this endpoint to obtain valid authentication tokens~~acceptance for ~~testing~~public ~~other~~WiFi, ~~API~~establishing ~~endpoints~~basic ~~that~~internet ~~require~~access ~~authentication.~~with standard timeout policies.

Use Case 5: Multi-OrganizationRetail AccessCustomer Registration

~~For~~Handle ~~users~~new customer registration with ~~access~~email toverification, ~~multiple~~creating ~~organizations,~~personalized ~~use~~sessions ~~the~~with ~~returned~~loyalty ~~organization~~program ~~information to determine available features and data access levels within the GATE system.~~integration.

Best Practices

Authentication Data Security:

Always
~~Secure~~transmit ~~Credential~~authentication ~~Handling:~~ ~~Never log or store user passwords in plain text. Ensure credentials are transmitted~~data over HTTPS

Validate and ~~handle~~sanitize ~~them~~all ~~securely~~user ininputs ~~your~~before ~~application.~~ processing Implement

~~Token~~rate ~~Management:~~limiting to prevent brute force attacks

Store ~~access~~sensitive ~~tokens~~credentials securely and ~~implement~~follow ~~automatic~~data ~~refresh~~protection ~~logic~~regulations ~~using~~ ~~the~~

Session ~~refresh token before the access token expires.~~Management:

Set appropriate session timeouts based on your use case (hotels may need 24 hours, coffee shops may need 2-4 hours) Configure idle timeouts to free up network resources (typically 15-30 minutes) Monitor active sessions to prevent abuse and ensure fair usage

Device Tracking:

Use MAC addresses for device identification but be aware of MAC randomization on modern devices Combine MAC addresses with other identifiers for more reliable tracking Implement device limits per user account to prevent sharing abuse

Error Handling:

~~Implement~~

~~comprehensive~~Provide clear error ~~handling~~messages for ~~different~~authentication ~~response~~failures ~~codes,~~without ~~especially~~revealing ~~for~~system ~~account lockouts (403) and rate limiting (429).~~ details Implement

~~Device~~retry ~~Management:~~ ~~Use consistent device_id values for the same client to help~~logic with ~~session management and security monitoring.~~

~~Session Monitoring:~~ ~~Track session expiration times and implement logout functionality that properly invalidates tokens when users end their sessions.~~

~~Rate Limit Awareness:~~ ~~Implement~~ exponential backoff for ~~failed~~temporary ~~login attempts to avoid triggering rate limits, especially in automated systems.~~

failures

~~Security Logging:~~ Log ~~authentication~~failed ~~events (successful logins, failures, suspicious activities)~~attempts for security monitoring and ~~compliance purposes.~~

troubleshooting

Network Integration:

Ensure your portal system can communicate with network controllers Test timeout configurations with your specific network hardware Monitor session establishment success rates and adjust parameters as needed