openapi: 3.0.3
info:
  title: Logiflow API
  description: API for a logistics information system
  version: 0.1.0
  contact:
    name: anxi0uz
servers:
  - url: http://localhost:3001
    description: Local development
components:
  securitySchemes:
    BearerAuth:
      type: http
      scheme: bearer
      bearerFormat: JWT
  schemas:
    ApiResponse:
      type: object
      properties:
        status:
          type: integer
          nullable: false
        data:
          type: object
          nullable: true
        success:
          type: boolean
          nullable: false
        requestID:
          type: string
          nullable: false
    ErrorResponse:
      type: object
      properties:
        status:
          type: integer
        message:
          type: string
        requestID:
          type: string
    # Full user record, including passwordHash. UserResponse below is the
    # client-facing shape and omits passwordHash.
    User:
      type: object
      properties:
        id:
          type: string
          format: uuid
        email:
          type: string
          format: email
        slug:
          type: string
        fullName:
          type: string
          nullable: true
        avatarUrl:
          type: string
          nullable: true
        passwordHash:
          type: string
        createdAt:
          type: string
          format: date-time
        updatedAt:
          type: string
          format: date-time
          nullable: true
        lastLoginAt:
          type: string
          format: date-time
          nullable: true
    UserResponse:
      type: object
      properties:
        id:
          type: string
          format: uuid
        email:
          type: string
          format: email
        slug:
          type: string
        fullName:
          type: string
          nullable: true
        avatarUrl:
          type: string
          nullable: true
        createdAt:
          type: string
          format: date-time
    RegisterRequest:
      type: object
      required: [email, password, fullName]
      properties:
        email:
          type: string
          format: email
        password:
          type: string
          minLength: 8
        fullName:
          type: string
    LoginRequest:
      type: object
      required: [email, password]
      properties:
        email:
          type: string
          format: email
        password:
          type: string
    TokenRefreshRequest:
      type: object
      required: [refreshToken]
      properties:
        refreshToken:
          type: string
          description: Refresh token obtained at login
    TokenResponse:
      type: object
      required: [accessToken, refreshToken]
      properties:
        accessToken:
          type: string
          description: Access token (JWT)
        refreshToken:
          type: string
          description: Refresh token (opaque token, rotation)
        expiresIn:
          type: integer
          description: Access token lifetime in seconds
    UserUpdate:
      type: object
      properties:
        fullName:
          type: string
          minLength: 2
          maxLength: 150
          nullable: true
        avatarUrl:
          type: string
          format: uri
          nullable: true
        password:
          type: string
          minLength: 8
          description: New password (if being changed)
        currentPassword:
          type: string
          minLength: 8
          description: Current password (required when changing the password)
    UserDeleteRequest:
      type: object
      required: [password]
      properties:
        password:
          type: string
          description: Current password to confirm deletion
paths:
  /auth/register:
    post:
      operationId: authRegister
      summary: Register a new user
      tags: [Auth]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/RegisterRequest"
      responses:
        "201":
          description: User created successfully
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ApiResponse"
        "400":
          description: Invalid data
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ErrorResponse"
        "409":
          description: Email already taken
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ErrorResponse"
  /auth/login:
    post:
      operationId: authLogin
      summary: Log in a user
      tags: [Auth]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/LoginRequest"
      responses:
        "200":
          description: Login successful
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ApiResponse"
        "401":
          description: Invalid email or password
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ErrorResponse"
  /auth/refresh:
    post:
      operationId: authRefresh
      summary: Refresh the access token using a refresh token
      tags: [Auth]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/TokenRefreshRequest"
      responses:
        "200":
          description: Tokens refreshed successfully
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ApiResponse"
        "401":
          description: Invalid or expired refresh token
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ErrorResponse"
        "400":
          description: Invalid request
  /auth/logout:
    post:
      operationId: authLogout
      summary: Log out
      tags: [Auth]
      # BearerAuth is declared under components but was not referenced by any
      # operation; the operations that document a "Not authorized" 401
      # now require it explicitly.
      security:
        - BearerAuth: []
      responses:
        "204":
          description: Logout successful
        "401":
          description: Not authorized
  /me:
    get:
      operationId: getMe
      summary: Get the current user
      tags: [Me]
      security:
        - BearerAuth: []
      responses:
        "200":
          description: User data
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ApiResponse"
        "401":
          description: Not authorized
    patch:
      operationId: updateMe
      summary: Update the current user's data
      tags: [Me]
      security:
        - BearerAuth: []
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/UserUpdate"
      responses:
        "200":
          description: User updated
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ApiResponse"
        "400":
          description: Invalid data
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ErrorResponse"
        "401":
          description: Not authorized
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ErrorResponse"
    delete:
      operationId: deleteMe
      summary: Delete the account
      tags: [Me]
      security:
        - BearerAuth: []
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/UserDeleteRequest"
      responses:
        "204":
          description: Account deleted
        "400":
          description: Incorrect password
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ErrorResponse"
        "401":
          description: Not authorized
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ErrorResponse"