feat: implement user login via email/password and update API documentation

Author: JasonKrik

services/backend/api-spec.json

@@ -61,69 +61,6 @@
         }
       }
     },
-    "/login": {
-      "post": {
-        "responses": {
-          "200": {
-            "description": "Default Response"
-          }
-        }
-      }
-    },
-    "/logout": {
-      "post": {
-        "summary": "User logout",
-        "tags": [
-          "Authentication"
-        ],
-        "description": "Invalidates the current user session and clears authentication cookies. This endpoint can be called even without an active session.",
-        "security": [
-          {
-            "cookieAuth": []
-          }
-        ],
-        "responses": {
-          "200": {
-            "description": "Default Response",
-            "content": {
-              "application/json": {
-                "schema": {
-                  "type": "object",
-                  "properties": {
-                    "success": {
-                      "type": "boolean",
-                      "description": "Indicates if the logout operation was successful"
-                    },
-                    "message": {
-                      "type": "string",
-                      "description": "Human-readable message about the logout result"
-                    }
-                  },
-                  "required": [
-                    "success",
-                    "message"
-                  ]
-                },
-                "examples": {
-                  "example1": {
-                    "value": {
-                      "success": true,
-                      "message": "Logged out successfully."
-                    }
-                  },
-                  "example2": {
-                    "value": {
-                      "success": true,
-                      "message": "No active session to logout or already logged out."
-                    }
-                  }
-                }
-              }
-            }
-          }
-        }
-      }
-    },
     "/api/roles": {
       "get": {
         "responses": {
@@ -473,9 +410,221 @@
     },
     "/api/auth/email/login": {
       "post": {
+        "summary": "User login via email/password",
+        "tags": [
+          "Authentication"
+        ],
+        "description": "Authenticates a user using their registered identifier (email or username) and password. This endpoint is accessed via the /api/auth/email/login path due to server-level prefixing. Establishes a session by setting an authentication cookie.",
+        "requestBody": {
+          "content": {
+            "application/json": {
+              "schema": {
+                "type": "object",
+                "properties": {
+                  "login": {
+                    "type": "string",
+                    "description": "User's registered email address or username."
+                  },
+                  "password": {
+                    "type": "string",
+                    "description": "User's password."
+                  }
+                },
+                "required": [
+                  "login",
+                  "password"
+                ]
+              }
+            }
+          },
+          "required": true
+        },
+        "security": [
+          {
+            "cookieAuth": []
+          }
+        ],
         "responses": {
           "200": {
-            "description": "Default Response"
+            "description": "Login successful. Session cookie is set.",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "description": "Login successful. Session cookie is set.",
+                  "type": "object",
+                  "properties": {
+                    "success": {
+                      "type": "boolean",
+                      "description": "Indicates if the login operation was successful."
+                    },
+                    "message": {
+                      "type": "string",
+                      "description": "Human-readable message about the login result."
+                    },
+                    "user": {
+                      "type": "object",
+                      "description": "Basic information about the logged-in user.",
+                      "properties": {
+                        "id": {
+                          "type": "string",
+                          "description": "User ID"
+                        },
+                        "email": {
+                          "type": "string",
+                          "format": "email",
+                          "description": "User's primary email address."
+                        },
+                        "username": {
+                          "type": "string",
+                          "nullable": true
+                        },
+                        "first_name": {
+                          "type": "string",
+                          "nullable": true
+                        },
+                        "last_name": {
+                          "type": "string",
+                          "nullable": true
+                        },
+                        "role_id": {
+                          "type": "string",
+                          "nullable": true
+                        }
+                      },
+                      "required": [
+                        "id",
+                        "email"
+                      ]
+                    }
+                  },
+                  "required": [
+                    "success",
+                    "message",
+                    "user"
+                  ]
+                },
+                "example": {
+                  "success": true,
+                  "message": "Logged in successfully.",
+                  "user": {
+                    "id": "clxyz1234000008l3abcde123",
+                    "email": "user@example.com",
+                    "username": "testuser",
+                    "first_name": "Test",
+                    "last_name": "User",
+                    "role_id": "user_role_id"
+                  }
+                }
+              }
+            }
+          },
+          "400": {
+            "description": "Bad Request - Invalid input or invalid credentials.",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "description": "Bad Request - Invalid input or invalid credentials.",
+                  "type": "object",
+                  "properties": {
+                    "success": {
+                      "type": "boolean"
+                    },
+                    "error": {
+                      "type": "string",
+                      "description": "Error message."
+                    }
+                  },
+                  "required": [
+                    "success",
+                    "error"
+                  ]
+                },
+                "examples": {
+                  "example1": {
+                    "value": {
+                      "success": false,
+                      "error": "Email/username and password are required."
+                    }
+                  },
+                  "example2": {
+                    "value": {
+                      "success": false,
+                      "error": "Invalid email/username or password."
+                    }
+                  }
+                }
+              }
+            }
+          },
+          "403": {
+            "description": "Forbidden - Login is disabled by administrator.",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "description": "Forbidden - Login is disabled by administrator.",
+                  "type": "object",
+                  "properties": {
+                    "success": {
+                      "type": "boolean"
+                    },
+                    "error": {
+                      "type": "string"
+                    }
+                  },
+                  "required": [
+                    "success",
+                    "error"
+                  ]
+                },
+                "example": {
+                  "success": false,
+                  "error": "Login is currently disabled by administrator."
+                }
+              }
+            }
+          },
+          "500": {
+            "description": "Internal Server Error - An unexpected error occurred on the server.",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "description": "Internal Server Error - An unexpected error occurred on the server.",
+                  "type": "object",
+                  "properties": {
+                    "success": {
+                      "type": "boolean"
+                    },
+                    "error": {
+                      "type": "string"
+                    }
+                  },
+                  "required": [
+                    "success",
+                    "error"
+                  ]
+                },
+                "examples": {
+                  "example1": {
+                    "value": {
+                      "success": false,
+                      "error": "An unexpected error occurred during login."
+                    }
+                  },
+                  "example2": {
+                    "value": {
+                      "success": false,
+                      "error": "Internal server error: User table configuration missing."
+                    }
+                  },
+                  "example3": {
+                    "value": {
+                      "success": false,
+                      "error": "User ID not found."
+                    }
+                  }
+                }
+              }
+            }
           }
         }
       }
@@ -556,7 +705,7 @@
   "servers": [
     {
       "url": "http://localhost:3000",
-      "description": "Development server"
+      "description": "Server"
     }
   ]
 }