User Login API
Used to implement user login functionality. Supports passing parameters via GET or POST methods. Required information includes application ID, user account, and password (password does not need to be encrypted). The application signature is obtained directly from the backend. Upon successful login, user information and a token for subsequent permission verification are returned.
Request URL GET / POST
http
https://nobase.cn/api/user/loginRequest Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| appid | string | ✅ Yes | Application ID, the unique identifier of the application obtained from the developer center |
| user | string | ✅ Yes | User account, the unique account used for registration (such as phone number, username) |
| pass | string | ✅ Yes | User password, the original password used during registration (no encryption needed, pass directly) |
| signature | string | ✅ Yes | Application signature, obtained directly from the backend (no manual generation needed, bound to appid) |
Response Example
Success Response (Login Successful)
json
{
"code": 200,
"msg": "success",
"data": {
"username": "123456",
"nickname": "Gu Jiang",
"qq": "Not bound",
"useremail": "Not bound",
"exp": 5,
"grade": 0,
"title": "Not equipped",
"createtime": "2025-02-09 11:48:23",
"logintime": "2025-06-12 17:16:31",
"viptime": "Expired (4 months)",
"Continuous": 0,
"piastrenum": 152,
"likes": 0,
"Continuouslogin": 0,
"signature": "This user is too lazy to leave a signature",
"icon": "https://api.xunanit.cn/api/user/avatar/e2d62123d1a16b77cdd5cef19b1205c4.jpg",
"foll": 0,
"fans": 0,
"forum": 0,
"sex": 1,
"token": "865ad245ed1564aa1672d32d4284fa3f032dd54f638b1716e9d229206f943fd5",
"token_dead": 1749752367
}
}Response Data Structure
| Parameter | Type | Description |
|---|---|---|
| code | number | Status code: 200=Login successful, 400=Parameter error/Business failure, 500=System error |
| msg | string | Status description: success=Success, fail=Failure |
| data | object/string | Response data: User information object when code=200, error prompt string when code≠200 |
| data.username | string | User account (account used for login) |
| data.nickname | string | User nickname |
| data.qq | string | User QQ number (returns "Not bound" if not bound) |
| data.useremail | string | User email (returns "Not bound" if not bound) |
| data.exp | number | User experience points |
| data.grade | number | User level |
| data.title | string | User title (returns "Not equipped" if not equipped) |
| data.createtime | string | User account creation time (format: YYYY-MM-DD HH:MM:SS) |
| data.logintime | string | Current login time (format: YYYY-MM-DD HH:MM:SS) |
| data.viptime | string | VIP validity period (returns "Expired (xx months)" if expired) |
| data.Continuous | number | Consecutive check-in days |
| data.piastrenum | number | User balance amount |
| data.likes | number | Number of likes received by user |
| data.Continuouslogin | number | Consecutive login days |
| data.signature | string | User personal signature (returns default prompt if not set) |
| data.icon | string | User avatar URL address |
| data.foll | number | Number of users followed by user |
| data.fans | number | Number of user fans |
| data.forum | number | Number of posts published by user |
| data.sex | number | User gender (1=Male, 2=Female) |
| data.token | string | User token returned after successful login (used for subsequent interface permission verification) |
| data.token_dead | number | Token expiration time (timestamp format, unit: seconds) |
Code Example
javascript
// 1. Configure parameters (required fields need to be replaced with actual values, signature obtained from backend)
const appid = "your_app_id"; // Application ID (required)
const signature = "your_signature_from_backend"; // Application signature (obtained from backend, required)
const user = "user123456"; // Login account (required)
const pass = "user_password123"; // Login password (no encryption needed, pass original password directly)
// 2. Concatenate GET parameters
const params = new URLSearchParams({
appid,
signature,
user,
pass
});
// 3. Initiate GET request
const requestUrl = `https://nobase.cn/api/user/login?${params.toString()}`;
fetch(requestUrl)
.then(response => {
if (!response.ok) throw new Error(`HTTP Error: ${response.status}`);
return response.json();
})
.then(res => {
if (res.code === 200) {
console.log("Login successful:", res.data.nickname);
console.log("User token:", res.data.token);
// Save token for subsequent requests
localStorage.setItem('token', res.data.token);
} else {
console.error("Login failed:", res.data);
}
})
.catch(error => console.error("Request failed:", error));javascript
// 1. Configure parameters (same as GET, signature obtained from backend)
const appid = "your_app_id";
const signature = "your_signature_from_backend";
const user = "user123456";
const pass = "user_password123";
// 2. Initiate POST request
fetch('https://nobase.cn/api/user/login', {
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded'
},
body: new URLSearchParams({ appid, signature, user, pass })
})
.then(response => response.json())
.then(res => {
if (res.code === 200) {
console.log("Login successful:", res.data);
} else {
console.error("Login failed:", res.data);
}
});python
import requests
appid = "your_app_id"
signature = "your_signature_from_backend"
user = "user123456"
pass = "user_password123"
url = "https://nobase.cn/api/user/login"
params = {
"appid": appid,
"signature": signature,
"user": user,
"pass": pass
}
response = requests.get(url, params=params)
res_data = response.json()
if res_data["code"] == 200:
print(f"Login successful: {res_data['data']['nickname']}")
print(f"Token: {res_data['data']['token']}")
else:
print(f"Login failed: {res_data['data']}")Precautions
- Password Security: Although the password is passed in plain text, it is recommended to use HTTPS for transmission to ensure security.
- Token Validity: The token returned after login has a validity period. Please pay attention to the
token_deadfield and re-login to obtain a new token after expiration. - Error Handling: When the login fails, the
datafield will return specific error information, such as "Account does not exist" or "Password error".