syntax = "v1"

type (
	AuthRegisterReq {
		TenantID    string `json:"tenant_id" validate:"required"`
		Email       string `json:"email" validate:"required,email"`
		Password    string `json:"password" validate:"required,min=8,max=128"`
		DisplayName string `json:"display_name,optional"`
		Language    string `json:"language,optional"`
	}

	AuthLoginReq {
		TenantID string `json:"tenant_id" validate:"required"`
		Email    string `json:"email" validate:"required,email"`
		Password string `json:"password" validate:"required,min=8,max=128"`
	}

	AuthRefreshReq {
		RefreshToken string `json:"refresh_token" validate:"required"`
	}

	AuthTokenData {
		AccessToken  string `json:"access_token"`
		RefreshToken string `json:"refresh_token"`
		ExpiresIn    int64  `json:"expires_in"`
		UID          string `json:"uid"`
		TokenType    string `json:"token_type"`
	}

	LogoutData {
		OK bool `json:"ok"`
	}
)

@server(
	group:   auth
	prefix:  /api/v1/auth
	tags:    "Auth"
	summary: "Native member auth and JWT token endpoints"
)
service gateway {
	@handler register
	post /register (AuthRegisterReq) returns (AuthTokenData)

	@handler login
	post /login (AuthLoginReq) returns (AuthTokenData)

	@handler refresh
	post /refresh (AuthRefreshReq) returns (AuthTokenData)
}

@server(
	group:      auth
	prefix:     /api/v1/auth
	middleware: AuthJWT
	tags:       "Auth"
	summary:    "Logout requires member Bearer JWT"
)
service gateway {
	@handler logout
	post /logout returns (LogoutData)
}