Login
Login with an email and a password.
Usage
Node.js / Next.js
const response = await provider.auth.login('user@example.com', 'password123');Express.js
Requires useProductFlame middleware.
app.post('/login', async (req, res) => { // Automatically sets the auth cookie const response = await req.auth.login('user@example.com', 'password123'); res.json(response);});Arguments
| Name | Type | Description |
|---|---|---|
email | string | Required. The user’s email address. |
password | string | Required. The user’s password. |
Response
Type: Promise<{ token: string }>
Returns the session token.
Note: Next.js and Express.js SDKs automatically handle setting the session cookie for you.
Errors
INVALID_CREDENTIALS: The email is invalid.INVALID_CREDENTIALS: The password is invalid or the user doesn’t exist.PROVIDER_AUTH_REQUIRED: Please authenticate using a third-party method, as this account was created using one.UNKNOWN_ERROR: An unknown error has occured.
POST https://api.productflame.com/v1/auth/login
Request
Headers
{ "Content-Type": "application/json", "Authorization": "<your_secret_api_key>"}Body
{ "email": "user@example.com", "password": "password123"}Response Format
200 OK (Success)
{ "message": "ok"}A Set-Cookie header will also be included to set the session cookie (named at).
400 Bad Request (Validation)
{ "error": "INVALID_CREDENTIALS", "message": "The email is invalid." // OR: "The password is invalid or the user doesn't exist."}The credentials provided are incorrect or invalid.
400 Bad Request (Provider)
{ "error": "PROVIDER_AUTH_REQUIRED", "message": "Please authenticate using a third-party method, as this account was created using one."}The user tried to log in with a password, but their account is linked to a third-party provider (like Google or GitHub).
500 Internal Server Error
{ "error": "UNKNOWN_ERROR", "message": "An unknown error has occured."}An unknown / internal server error occurred.