Authentication

Register

POST /api/v1/auth/register

Create a new user account.

Request body:

{
  "username": "alice",
  "email": "alice@example.com",
  "password": "securepassword"
}

Response 201 Created:

{
  "token": "eyJhbGciOiJIUzI1NiIs...",
  "user": {
    "id": 1,
    "username": "alice",
    "email": "alice@example.com"
  }
}

Login

POST /api/v1/auth/login

Authenticate and receive a JWT token.

Request body:

{
  "email": "alice@example.com",
  "password": "securepassword"
}

Response 200 OK:

{
  "token": "eyJhbGciOiJIUzI1NiIs...",
  "user": {
    "id": 1,
    "username": "alice",
    "email": "alice@example.com"
  }
}

Passwords are hashed with Argon2id. The returned JWT token should be included in the Authorization header for all subsequent requests.