basePath: /
definitions:
  auth.loginRequest:
    properties:
      email:
        type: string
      senha:
        type: string
    required:
    - email
    - senha
    type: object
  auth.registerRequest:
    properties:
      email:
        type: string
      senha:
        minLength: 6
        type: string
    required:
    - email
    - senha
    type: object
host: localhost:8080
info:
  contact:
    email: support@swagger.io
    name: API Support
    url: http://www.swagger.io/support
  description: Backend authentication service for Photum.
  license:
    name: Apache 2.0
    url: http://www.apache.org/licenses/LICENSE-2.0.html
  termsOfService: http://swagger.io/terms/
  title: Photum Backend API
  version: "1.0"
paths:
  /auth/login:
    post:
      consumes:
      - application/json
      description: Authenticate user and return access token and refresh token
      parameters:
      - description: Login Request
        in: body
        name: request
        required: true
        schema:
          $ref: '#/definitions/auth.loginRequest'
      produces:
      - application/json
      responses:
        "200":
          description: OK
          schema:
            additionalProperties: true
            type: object
        "400":
          description: Bad Request
          schema:
            additionalProperties:
              type: string
            type: object
        "401":
          description: Unauthorized
          schema:
            additionalProperties:
              type: string
            type: object
      summary: Login user
      tags:
      - auth
  /auth/logout:
    post:
      consumes:
      - application/json
      description: Revoke refresh token and clear cookie
      parameters:
      - description: Refresh Token (optional if in cookie)
        in: body
        name: refresh_token
        schema:
          type: string
      produces:
      - application/json
      responses:
        "200":
          description: OK
          schema:
            additionalProperties:
              type: string
            type: object
      summary: Logout user
      tags:
      - auth
  /auth/refresh:
    post:
      consumes:
      - application/json
      description: Get a new access token using a valid refresh token (cookie or body)
      parameters:
      - description: Refresh Token (optional if in cookie)
        in: body
        name: refresh_token
        schema:
          type: string
      produces:
      - application/json
      responses:
        "200":
          description: OK
          schema:
            additionalProperties: true
            type: object
        "401":
          description: Unauthorized
          schema:
            additionalProperties:
              type: string
            type: object
      summary: Refresh access token
      tags:
      - auth
  /auth/register:
    post:
      consumes:
      - application/json
      description: Create a new user account with email and password
      parameters:
      - description: Register Request
        in: body
        name: request
        required: true
        schema:
          $ref: '#/definitions/auth.registerRequest'
      produces:
      - application/json
      responses:
        "201":
          description: Created
          schema:
            additionalProperties: true
            type: object
        "400":
          description: Bad Request
          schema:
            additionalProperties:
              type: string
            type: object
        "500":
          description: Internal Server Error
          schema:
            additionalProperties:
              type: string
            type: object
      summary: Register a new user
      tags:
      - auth
securityDefinitions:
  BearerAuth:
    in: header
    name: Authorization
    type: apiKey
swagger: "2.0"