{
    "schemes": [
        "http"
    ],
    "swagger": "2.0",
    "info": {
        "description": "API for AegisGuard control plane",
        "title": "AegisGuard API",
        "contact": {},
        "version": "1.0"
    },
    "paths": {
        "/api/auth/login": {
            "post": {
                "description": "Authenticate user with email and password, returns JWT token",
                "consumes": [
                    "application/json"
                ],
                "produces": [
                    "application/json"
                ],
                "tags": [
                    "auth"
                ],
                "summary": "Epta login",
                "parameters": [
                    {
                        "description": "Login credentials",
                        "name": "request",
                        "in": "body",
                        "required": true,
                        "schema": {
                            "$ref": "#/definitions/internal_auth.LoginRequest"
                        }
                    }
                ],
                "responses": {
                    "200": {
                        "description": "OK",
                        "schema": {
                            "$ref": "#/definitions/internal_auth.AuthResponse"
                        }
                    },
                    "400": {
                        "description": "Bad Request",
                        "schema": {
                            "$ref": "#/definitions/internal_auth.ErrorResponse"
                        }
                    },
                    "401": {
                        "description": "Unauthorized",
                        "schema": {
                            "$ref": "#/definitions/internal_auth.ErrorResponse"
                        }
                    }
                }
            }
        },
        "/api/auth/me": {
            "get": {
                "security": [
                    {
                        "Bearer": []
                    }
                ],
                "description": "Get authenticated user's profile",
                "consumes": [
                    "application/json"
                ],
                "produces": [
                    "application/json"
                ],
                "tags": [
                    "auth"
                ],
                "summary": "Epta get current user",
                "responses": {
                    "200": {
                        "description": "OK",
                        "schema": {
                            "$ref": "#/definitions/internal_auth.UserResponse"
                        }
                    },
                    "401": {
                        "description": "Unauthorized",
                        "schema": {
                            "$ref": "#/definitions/internal_auth.ErrorResponse"
                        }
                    }
                }
            }
        },
        "/api/auth/refresh": {
            "post": {
                "description": "Get a new access token using a refresh token",
                "consumes": [
                    "application/json"
                ],
                "produces": [
                    "application/json"
                ],
                "tags": [
                    "auth"
                ],
                "summary": "Refresh epta token",
                "parameters": [
                    {
                        "description": "Refresh token",
                        "name": "request",
                        "in": "body",
                        "required": true,
                        "schema": {
                            "$ref": "#/definitions/internal_auth.RefreshRequest"
                        }
                    }
                ],
                "responses": {
                    "200": {
                        "description": "OK",
                        "schema": {
                            "$ref": "#/definitions/internal_auth.AuthResponse"
                        }
                    },
                    "400": {
                        "description": "Bad Request",
                        "schema": {
                            "$ref": "#/definitions/internal_auth.ErrorResponse"
                        }
                    },
                    "401": {
                        "description": "Unauthorized",
                        "schema": {
                            "$ref": "#/definitions/internal_auth.ErrorResponse"
                        }
                    }
                }
            }
        },
        "/api/auth/register": {
            "post": {
                "description": "Create user account with username, email, password",
                "consumes": [
                    "application/json"
                ],
                "produces": [
                    "application/json"
                ],
                "tags": [
                    "auth"
                ],
                "summary": "Epta registration",
                "parameters": [
                    {
                        "description": "Registration details",
                        "name": "request",
                        "in": "body",
                        "required": true,
                        "schema": {
                            "$ref": "#/definitions/internal_auth.RegisterRequest"
                        }
                    }
                ],
                "responses": {
                    "201": {
                        "description": "Created",
                        "schema": {
                            "$ref": "#/definitions/internal_auth.UserResponse"
                        }
                    },
                    "400": {
                        "description": "Bad Request",
                        "schema": {
                            "$ref": "#/definitions/internal_auth.ErrorResponse"
                        }
                    },
                    "409": {
                        "description": "Conflict",
                        "schema": {
                            "$ref": "#/definitions/internal_auth.ErrorResponse"
                        }
                    }
                }
            }
        }
    },
    "definitions": {
        "internal_auth.AuthResponse": {
            "type": "object",
            "properties": {
                "refresh_token": {
                    "type": "string",
                    "example": "dGhpcyBpcyBhIHJlZnJlc2ggdG9rZW4="
                },
                "token": {
                    "type": "string",
                    "example": "eyJhbGciOiJIUzI1NiIs..."
                },
                "user": {
                    "$ref": "#/definitions/internal_auth.UserPublic"
                }
            }
        },
        "internal_auth.ErrorResponse": {
            "type": "object",
            "properties": {
                "error": {
                    "type": "string",
                    "example": "invalid email or password"
                }
            }
        },
        "internal_auth.LoginRequest": {
            "type": "object",
            "required": [
                "email",
                "password"
            ],
            "properties": {
                "email": {
                    "type": "string",
                    "example": "john@example.com"
                },
                "password": {
                    "type": "string",
                    "example": "secret123"
                }
            }
        },
        "internal_auth.RefreshRequest": {
            "type": "object",
            "required": [
                "refresh_token"
            ],
            "properties": {
                "refresh_token": {
                    "type": "string",
                    "example": "dGhpcyBpcyBhIHJlZnJlc2ggdG9rZW4="
                }
            }
        },
        "internal_auth.RegisterRequest": {
            "type": "object",
            "required": [
                "email",
                "password",
                "username"
            ],
            "properties": {
                "email": {
                    "type": "string",
                    "example": "john@example.com"
                },
                "password": {
                    "type": "string",
                    "minLength": 6,
                    "example": "secret123"
                },
                "username": {
                    "type": "string",
                    "maxLength": 30,
                    "minLength": 3,
                    "example": "john"
                }
            }
        },
        "internal_auth.UserPublic": {
            "type": "object",
            "properties": {
                "created_at": {
                    "type": "string"
                },
                "email": {
                    "type": "string"
                },
                "id": {
                    "type": "string"
                },
                "username": {
                    "type": "string"
                }
            }
        },
        "internal_auth.UserResponse": {
            "type": "object",
            "properties": {
                "user": {
                    "$ref": "#/definitions/internal_auth.UserPublic"
                }
            }
        }
    },
    "securityDefinitions": {
        "Bearer": {
            "description": "Type \"Bearer\" followed by a space and the JWT token.",
            "type": "apiKey",
            "name": "Authorization",
            "in": "header"
        }
    }
}