98f581ec97
- Updated cursor rules to emphasize the importance of dependency injection and logging practices. - Introduced a new user management domain, including entities, services, handlers, and validation. - Implemented user authentication features such as login, registration, and role-based access control. - Added Redis integration for token management and caching. - Enhanced API documentation with Swagger for user-related endpoints. - Updated configuration to support new JWT settings and Redis connection parameters.
1558 lines
40 KiB
YAML
1558 lines
40 KiB
YAML
basePath: /api/v1
|
|
definitions:
|
|
customer.AddDeviceTokenForm:
|
|
properties:
|
|
device_token:
|
|
type: string
|
|
device_type:
|
|
type: string
|
|
type: object
|
|
customer.AuthResponse:
|
|
properties:
|
|
access_token:
|
|
type: string
|
|
customer:
|
|
$ref: '#/definitions/customer.CustomerResponse'
|
|
expires_at:
|
|
type: integer
|
|
refresh_token:
|
|
type: string
|
|
type: object
|
|
customer.ChangePasswordForm:
|
|
properties:
|
|
new_password:
|
|
type: string
|
|
old_password:
|
|
type: string
|
|
type: object
|
|
customer.CustomerResponse:
|
|
properties:
|
|
birthdate:
|
|
type: integer
|
|
company_id:
|
|
type: string
|
|
created_at:
|
|
type: integer
|
|
device_tokens:
|
|
items:
|
|
$ref: '#/definitions/customer.DeviceToken'
|
|
type: array
|
|
email:
|
|
type: string
|
|
full_name:
|
|
type: string
|
|
gender:
|
|
type: string
|
|
id:
|
|
type: string
|
|
is_verified:
|
|
type: boolean
|
|
last_login_at:
|
|
type: integer
|
|
mobile:
|
|
type: string
|
|
national_id:
|
|
type: string
|
|
profile_image:
|
|
type: string
|
|
status:
|
|
type: string
|
|
updated_at:
|
|
type: integer
|
|
username:
|
|
type: string
|
|
type: object
|
|
customer.DeviceToken:
|
|
properties:
|
|
createdAt:
|
|
description: Unix timestamp
|
|
type: integer
|
|
deviceType:
|
|
$ref: '#/definitions/customer.DeviceType'
|
|
token:
|
|
type: string
|
|
updatedAt:
|
|
description: Unix timestamp
|
|
type: integer
|
|
type: object
|
|
customer.DeviceType:
|
|
enum:
|
|
- android
|
|
- ios
|
|
type: string
|
|
x-enum-varnames:
|
|
- DeviceTypeAndroid
|
|
- DeviceTypeIOS
|
|
customer.LoginForm:
|
|
properties:
|
|
email_or_mobile:
|
|
type: string
|
|
password:
|
|
type: string
|
|
type: object
|
|
customer.RefreshTokenForm:
|
|
properties:
|
|
refresh_token:
|
|
type: string
|
|
type: object
|
|
customer.RegisterCustomerForm:
|
|
properties:
|
|
birthdate:
|
|
type: integer
|
|
company_id:
|
|
type: string
|
|
email:
|
|
type: string
|
|
full_name:
|
|
type: string
|
|
gender:
|
|
type: string
|
|
mobile:
|
|
type: string
|
|
national_id:
|
|
type: string
|
|
password:
|
|
type: string
|
|
profile_image:
|
|
type: string
|
|
username:
|
|
type: string
|
|
type: object
|
|
customer.RemoveDeviceTokenForm:
|
|
properties:
|
|
device_token:
|
|
type: string
|
|
type: object
|
|
customer.UpdateCustomerForm:
|
|
properties:
|
|
birthdate:
|
|
type: integer
|
|
email:
|
|
type: string
|
|
full_name:
|
|
type: string
|
|
gender:
|
|
type: string
|
|
mobile:
|
|
type: string
|
|
national_id:
|
|
type: string
|
|
profile_image:
|
|
type: string
|
|
status:
|
|
type: string
|
|
username:
|
|
type: string
|
|
type: object
|
|
customer.UpdateCustomerStatusForm:
|
|
properties:
|
|
status:
|
|
type: string
|
|
type: object
|
|
response.APIError:
|
|
properties:
|
|
code:
|
|
type: string
|
|
details:
|
|
type: string
|
|
message:
|
|
type: string
|
|
type: object
|
|
response.APIResponse:
|
|
properties:
|
|
data: {}
|
|
error:
|
|
$ref: '#/definitions/response.APIError'
|
|
message:
|
|
type: string
|
|
meta:
|
|
$ref: '#/definitions/response.Meta'
|
|
success:
|
|
type: boolean
|
|
type: object
|
|
response.Meta:
|
|
properties:
|
|
limit:
|
|
type: integer
|
|
offset:
|
|
type: integer
|
|
page:
|
|
type: integer
|
|
pages:
|
|
type: integer
|
|
total:
|
|
type: integer
|
|
type: object
|
|
user.AuthResponse:
|
|
properties:
|
|
access_token:
|
|
type: string
|
|
expires_at:
|
|
type: integer
|
|
refresh_token:
|
|
type: string
|
|
user:
|
|
$ref: '#/definitions/user.UserResponse'
|
|
type: object
|
|
user.ChangePasswordForm:
|
|
properties:
|
|
new_password:
|
|
type: string
|
|
old_password:
|
|
type: string
|
|
type: object
|
|
user.CreateUserForm:
|
|
properties:
|
|
company_id:
|
|
type: string
|
|
department:
|
|
type: string
|
|
email:
|
|
type: string
|
|
full_name:
|
|
type: string
|
|
password:
|
|
type: string
|
|
phone:
|
|
type: string
|
|
position:
|
|
type: string
|
|
profile_image:
|
|
type: string
|
|
role:
|
|
type: string
|
|
username:
|
|
type: string
|
|
type: object
|
|
user.LoginForm:
|
|
properties:
|
|
email_or_username:
|
|
type: string
|
|
password:
|
|
type: string
|
|
type: object
|
|
user.RefreshTokenForm:
|
|
properties:
|
|
refresh_token:
|
|
type: string
|
|
type: object
|
|
user.ResetPasswordForm:
|
|
properties:
|
|
email:
|
|
type: string
|
|
type: object
|
|
user.UpdateUserForm:
|
|
properties:
|
|
company_id:
|
|
type: string
|
|
department:
|
|
type: string
|
|
email:
|
|
type: string
|
|
full_name:
|
|
type: string
|
|
phone:
|
|
type: string
|
|
position:
|
|
type: string
|
|
profile_image:
|
|
type: string
|
|
role:
|
|
type: string
|
|
status:
|
|
type: string
|
|
username:
|
|
type: string
|
|
type: object
|
|
user.UpdateUserRoleForm:
|
|
properties:
|
|
role:
|
|
type: string
|
|
type: object
|
|
user.UpdateUserStatusForm:
|
|
properties:
|
|
status:
|
|
type: string
|
|
type: object
|
|
user.UserListResponse:
|
|
properties:
|
|
limit:
|
|
type: integer
|
|
offset:
|
|
type: integer
|
|
total:
|
|
type: integer
|
|
total_pages:
|
|
type: integer
|
|
users:
|
|
items:
|
|
$ref: '#/definitions/user.UserResponse'
|
|
type: array
|
|
type: object
|
|
user.UserResponse:
|
|
properties:
|
|
company_id:
|
|
type: string
|
|
created_at:
|
|
type: integer
|
|
created_by:
|
|
type: string
|
|
department:
|
|
type: string
|
|
email:
|
|
type: string
|
|
full_name:
|
|
type: string
|
|
id:
|
|
type: string
|
|
is_verified:
|
|
type: boolean
|
|
last_login_at:
|
|
type: integer
|
|
phone:
|
|
type: string
|
|
position:
|
|
type: string
|
|
profile_image:
|
|
type: string
|
|
role:
|
|
type: string
|
|
status:
|
|
type: string
|
|
updated_at:
|
|
type: integer
|
|
updated_by:
|
|
type: string
|
|
username:
|
|
type: string
|
|
type: object
|
|
host: localhost:8081
|
|
info:
|
|
contact:
|
|
email: support@swagger.io
|
|
name: API Support
|
|
url: http://www.swagger.io/support
|
|
description: This is the API documentation for the Tender Management System.
|
|
license:
|
|
name: Apache 2.0
|
|
url: http://www.apache.org/licenses/LICENSE-2.0.html
|
|
termsOfService: http://swagger.io/terms/
|
|
title: Tender Management API
|
|
version: 1.0.0
|
|
paths:
|
|
/admin/customers:
|
|
get:
|
|
consumes:
|
|
- application/json
|
|
description: Retrieve a paginated list of customers (admin only)
|
|
parameters:
|
|
- default: 1
|
|
description: Page number
|
|
in: query
|
|
name: page
|
|
type: integer
|
|
- default: 20
|
|
description: Number of items per page
|
|
in: query
|
|
name: limit
|
|
type: integer
|
|
- description: Search term
|
|
in: query
|
|
name: search
|
|
type: string
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: Customers retrieved successfully
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/definitions/response.APIResponse'
|
|
- properties:
|
|
data:
|
|
items:
|
|
$ref: '#/definitions/customer.CustomerResponse'
|
|
type: array
|
|
type: object
|
|
"400":
|
|
description: Bad request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal server error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: List customers
|
|
tags:
|
|
- customers
|
|
/admin/customers/{id}:
|
|
get:
|
|
consumes:
|
|
- application/json
|
|
description: Retrieve customer information by ID (admin only)
|
|
parameters:
|
|
- description: Customer ID
|
|
in: path
|
|
name: id
|
|
required: true
|
|
type: string
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: Customer retrieved successfully
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/definitions/response.APIResponse'
|
|
- properties:
|
|
data:
|
|
$ref: '#/definitions/customer.CustomerResponse'
|
|
type: object
|
|
"400":
|
|
description: Bad request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"404":
|
|
description: Customer not found
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal server error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Get customer by ID
|
|
tags:
|
|
- customers
|
|
/admin/customers/{id}/status:
|
|
put:
|
|
consumes:
|
|
- application/json
|
|
description: Update customer status (admin only)
|
|
parameters:
|
|
- description: Customer ID
|
|
in: path
|
|
name: id
|
|
required: true
|
|
type: string
|
|
- description: Status update information
|
|
in: body
|
|
name: status
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/customer.UpdateCustomerStatusForm'
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: Customer status updated successfully
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"400":
|
|
description: Bad request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"404":
|
|
description: Customer not found
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal server error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Update customer status
|
|
tags:
|
|
- customers
|
|
/admin/customers/device-tokens:
|
|
get:
|
|
consumes:
|
|
- application/json
|
|
description: Retrieve all device tokens (admin only)
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: Device tokens retrieved successfully
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/definitions/response.APIResponse'
|
|
- properties:
|
|
data:
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal server error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Get all device tokens
|
|
tags:
|
|
- customers
|
|
/admin/customers/register:
|
|
post:
|
|
consumes:
|
|
- application/json
|
|
description: Register a new customer with the provided information
|
|
parameters:
|
|
- description: Customer registration information
|
|
in: body
|
|
name: customer
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/customer.RegisterCustomerForm'
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"201":
|
|
description: Customer registered successfully
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/definitions/response.APIResponse'
|
|
- properties:
|
|
data:
|
|
$ref: '#/definitions/customer.CustomerResponse'
|
|
type: object
|
|
"400":
|
|
description: Bad request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"409":
|
|
description: Customer already exists
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal server error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
summary: Register a new customer
|
|
tags:
|
|
- customers
|
|
/customers/change-password:
|
|
put:
|
|
consumes:
|
|
- application/json
|
|
description: Change the authenticated customer's password
|
|
parameters:
|
|
- description: Password change information
|
|
in: body
|
|
name: password
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/customer.ChangePasswordForm'
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: Password changed successfully
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"400":
|
|
description: Bad request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal server error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Change customer password
|
|
tags:
|
|
- customers
|
|
/customers/device-token:
|
|
delete:
|
|
consumes:
|
|
- application/json
|
|
description: Remove a device token for push notifications
|
|
parameters:
|
|
- description: Device token information
|
|
in: body
|
|
name: device_token
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/customer.RemoveDeviceTokenForm'
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: Device token removed successfully
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"400":
|
|
description: Bad request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal server error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Remove device token
|
|
tags:
|
|
- customers
|
|
post:
|
|
consumes:
|
|
- application/json
|
|
description: Add a device token for push notifications
|
|
parameters:
|
|
- description: Device token information
|
|
in: body
|
|
name: device_token
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/customer.AddDeviceTokenForm'
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: Device token added successfully
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"400":
|
|
description: Bad request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal server error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Add device token
|
|
tags:
|
|
- customers
|
|
/customers/login:
|
|
post:
|
|
consumes:
|
|
- application/json
|
|
description: Authenticate customer with email and password
|
|
parameters:
|
|
- description: Login credentials
|
|
in: body
|
|
name: credentials
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/customer.LoginForm'
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: Login successful
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/definitions/response.APIResponse'
|
|
- properties:
|
|
data:
|
|
$ref: '#/definitions/customer.AuthResponse'
|
|
type: object
|
|
"400":
|
|
description: Bad request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Invalid credentials
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal server error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
summary: Customer login
|
|
tags:
|
|
- customers
|
|
/customers/logout:
|
|
post:
|
|
consumes:
|
|
- application/json
|
|
description: Logout customer and invalidate device token
|
|
parameters:
|
|
- description: Logout request with device token
|
|
in: body
|
|
name: logout
|
|
required: true
|
|
schema:
|
|
type: object
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: Logged out successfully
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"400":
|
|
description: Bad request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal server error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Customer logout
|
|
tags:
|
|
- customers
|
|
/customers/profile:
|
|
get:
|
|
consumes:
|
|
- application/json
|
|
description: Retrieve the authenticated customer's profile information
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: Profile retrieved successfully
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/definitions/response.APIResponse'
|
|
- properties:
|
|
data:
|
|
$ref: '#/definitions/customer.CustomerResponse'
|
|
type: object
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"404":
|
|
description: Customer not found
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal server error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Get customer profile
|
|
tags:
|
|
- customers
|
|
put:
|
|
consumes:
|
|
- application/json
|
|
description: Update the authenticated customer's profile information
|
|
parameters:
|
|
- description: Profile update information
|
|
in: body
|
|
name: profile
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/customer.UpdateCustomerForm'
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: Profile updated successfully
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/definitions/response.APIResponse'
|
|
- properties:
|
|
data:
|
|
$ref: '#/definitions/customer.CustomerResponse'
|
|
type: object
|
|
"400":
|
|
description: Bad request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal server error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Update customer profile
|
|
tags:
|
|
- customers
|
|
/customers/refresh-token:
|
|
post:
|
|
consumes:
|
|
- application/json
|
|
description: Refresh the access token using a refresh token
|
|
parameters:
|
|
- description: Refresh token information
|
|
in: body
|
|
name: token
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/customer.RefreshTokenForm'
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: Token refreshed successfully
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/definitions/response.APIResponse'
|
|
- properties:
|
|
data:
|
|
$ref: '#/definitions/customer.AuthResponse'
|
|
type: object
|
|
"400":
|
|
description: Bad request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Invalid refresh token
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal server error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
summary: Refresh access token
|
|
tags:
|
|
- customers
|
|
/users/admin:
|
|
get:
|
|
consumes:
|
|
- application/json
|
|
description: List users with search and filters (admin only)
|
|
parameters:
|
|
- description: Search term
|
|
in: query
|
|
name: search
|
|
type: string
|
|
- description: User status filter
|
|
in: query
|
|
name: status
|
|
type: string
|
|
- description: User role filter
|
|
in: query
|
|
name: role
|
|
type: string
|
|
- description: Company ID filter
|
|
in: query
|
|
name: company_id
|
|
type: string
|
|
- description: Limit results
|
|
in: query
|
|
name: limit
|
|
type: integer
|
|
- description: Offset results
|
|
in: query
|
|
name: offset
|
|
type: integer
|
|
- description: Sort field
|
|
in: query
|
|
name: sort_by
|
|
type: string
|
|
- description: Sort order
|
|
in: query
|
|
name: sort_order
|
|
type: string
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/definitions/response.APIResponse'
|
|
- properties:
|
|
data:
|
|
$ref: '#/definitions/user.UserListResponse'
|
|
type: object
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"403":
|
|
description: Forbidden
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: List users
|
|
tags:
|
|
- users
|
|
post:
|
|
consumes:
|
|
- application/json
|
|
description: Create a new user (admin only)
|
|
parameters:
|
|
- description: User creation data
|
|
in: body
|
|
name: user
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/user.CreateUserForm'
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"201":
|
|
description: Created
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/definitions/response.APIResponse'
|
|
- properties:
|
|
data:
|
|
$ref: '#/definitions/user.UserResponse'
|
|
type: object
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"403":
|
|
description: Forbidden
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Create user
|
|
tags:
|
|
- users
|
|
/users/admin/{id}:
|
|
delete:
|
|
consumes:
|
|
- application/json
|
|
description: Delete a user (admin only)
|
|
parameters:
|
|
- description: User ID
|
|
in: path
|
|
name: id
|
|
required: true
|
|
type: string
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"403":
|
|
description: Forbidden
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"404":
|
|
description: Not Found
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Delete user
|
|
tags:
|
|
- users
|
|
get:
|
|
consumes:
|
|
- application/json
|
|
description: Get user details by ID (admin only)
|
|
parameters:
|
|
- description: User ID
|
|
in: path
|
|
name: id
|
|
required: true
|
|
type: string
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/definitions/response.APIResponse'
|
|
- properties:
|
|
data:
|
|
$ref: '#/definitions/user.UserResponse'
|
|
type: object
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"403":
|
|
description: Forbidden
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"404":
|
|
description: Not Found
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Get user by ID
|
|
tags:
|
|
- users
|
|
put:
|
|
consumes:
|
|
- application/json
|
|
description: Update user information (admin only)
|
|
parameters:
|
|
- description: User ID
|
|
in: path
|
|
name: id
|
|
required: true
|
|
type: string
|
|
- description: User update data
|
|
in: body
|
|
name: user
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/user.UpdateUserForm'
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/definitions/response.APIResponse'
|
|
- properties:
|
|
data:
|
|
$ref: '#/definitions/user.UserResponse'
|
|
type: object
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"403":
|
|
description: Forbidden
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"404":
|
|
description: Not Found
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Update user
|
|
tags:
|
|
- users
|
|
/users/admin/{id}/role:
|
|
put:
|
|
consumes:
|
|
- application/json
|
|
description: Update user role (admin only)
|
|
parameters:
|
|
- description: User ID
|
|
in: path
|
|
name: id
|
|
required: true
|
|
type: string
|
|
- description: Role update data
|
|
in: body
|
|
name: role
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/user.UpdateUserRoleForm'
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"403":
|
|
description: Forbidden
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"404":
|
|
description: Not Found
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Update user role
|
|
tags:
|
|
- users
|
|
/users/admin/{id}/status:
|
|
put:
|
|
consumes:
|
|
- application/json
|
|
description: Update user account status (admin only)
|
|
parameters:
|
|
- description: User ID
|
|
in: path
|
|
name: id
|
|
required: true
|
|
type: string
|
|
- description: Status update data
|
|
in: body
|
|
name: status
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/user.UpdateUserStatusForm'
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"403":
|
|
description: Forbidden
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"404":
|
|
description: Not Found
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Update user status
|
|
tags:
|
|
- users
|
|
/users/admin/company/{company_id}:
|
|
get:
|
|
consumes:
|
|
- application/json
|
|
description: Get users belonging to a specific company (admin only)
|
|
parameters:
|
|
- description: Company ID
|
|
in: path
|
|
name: company_id
|
|
required: true
|
|
type: string
|
|
- description: Limit results
|
|
in: query
|
|
name: limit
|
|
type: integer
|
|
- description: Offset results
|
|
in: query
|
|
name: offset
|
|
type: integer
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"403":
|
|
description: Forbidden
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Get users by company ID
|
|
tags:
|
|
- users
|
|
/users/admin/role/{role}:
|
|
get:
|
|
consumes:
|
|
- application/json
|
|
description: Get users with a specific role (admin only)
|
|
parameters:
|
|
- description: User role
|
|
in: path
|
|
name: role
|
|
required: true
|
|
type: string
|
|
- description: Limit results
|
|
in: query
|
|
name: limit
|
|
type: integer
|
|
- description: Offset results
|
|
in: query
|
|
name: offset
|
|
type: integer
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"403":
|
|
description: Forbidden
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Get users by role
|
|
tags:
|
|
- users
|
|
/users/change-password:
|
|
put:
|
|
consumes:
|
|
- application/json
|
|
description: Change current user password
|
|
parameters:
|
|
- description: Password change data
|
|
in: body
|
|
name: password
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/user.ChangePasswordForm'
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Change password
|
|
tags:
|
|
- users
|
|
/users/login:
|
|
post:
|
|
consumes:
|
|
- application/json
|
|
description: Authenticate user with email/username and password
|
|
parameters:
|
|
- description: Login credentials
|
|
in: body
|
|
name: login
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/user.LoginForm'
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/definitions/response.APIResponse'
|
|
- properties:
|
|
data:
|
|
$ref: '#/definitions/user.AuthResponse'
|
|
type: object
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
summary: Login user
|
|
tags:
|
|
- users
|
|
/users/logout:
|
|
post:
|
|
consumes:
|
|
- application/json
|
|
description: Logout current user and invalidate tokens
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Logout user
|
|
tags:
|
|
- users
|
|
/users/profile:
|
|
get:
|
|
consumes:
|
|
- application/json
|
|
description: Get current user profile information
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/definitions/response.APIResponse'
|
|
- properties:
|
|
data:
|
|
$ref: '#/definitions/user.UserResponse'
|
|
type: object
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"404":
|
|
description: Not Found
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Get user profile
|
|
tags:
|
|
- users
|
|
put:
|
|
consumes:
|
|
- application/json
|
|
description: Update current user profile information
|
|
parameters:
|
|
- description: Profile update data
|
|
in: body
|
|
name: profile
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/user.UpdateUserForm'
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/definitions/response.APIResponse'
|
|
- properties:
|
|
data:
|
|
$ref: '#/definitions/user.UserResponse'
|
|
type: object
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Update user profile
|
|
tags:
|
|
- users
|
|
/users/refresh-token:
|
|
post:
|
|
consumes:
|
|
- application/json
|
|
description: Refresh access token using refresh token
|
|
parameters:
|
|
- description: Refresh token
|
|
in: body
|
|
name: refresh
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/user.RefreshTokenForm'
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/definitions/response.APIResponse'
|
|
- properties:
|
|
data:
|
|
$ref: '#/definitions/user.AuthResponse'
|
|
type: object
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
summary: Refresh access token
|
|
tags:
|
|
- users
|
|
/users/reset-password:
|
|
post:
|
|
consumes:
|
|
- application/json
|
|
description: Send password reset email to user
|
|
parameters:
|
|
- description: Password reset request
|
|
in: body
|
|
name: reset
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/user.ResetPasswordForm'
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
summary: Reset password
|
|
tags:
|
|
- users
|
|
securityDefinitions:
|
|
BearerAuth:
|
|
description: Type "Bearer" followed by a space and JWT token.
|
|
in: header
|
|
name: Authorization
|
|
type: apiKey
|
|
swagger: "2.0"
|
|
tags:
|
|
- description: Customer management operations
|
|
name: customers
|
|
- description: User management operations
|
|
name: users
|
|
- description: Health check operations
|
|
name: health
|
|
- description: Authentication operations
|
|
name: auth
|