{"openapi":"3.1.0","info":{"title":"Duck Store API","description":"Duck Store E-commerce API - Intentionally Vulnerable for Security Testing","version":"1.0.0"},"paths":{"/api/v1/auth/register":{"post":{"tags":["auth"],"summary":"Register","description":"Register a new user\n\nVULNERABLE: Referral code abuse:\n- No validation against self-referral (can use own username from another account)\n- No validation against circular referrals (A refers B, B refers A)\n- No limit on referral bonus exploitation\n- Can create infinite accounts to farm referral bonuses","operationId":"register_api_v1_auth_register_post","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/UserCreate"}}},"required":true},"responses":{"201":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/User"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/api/v1/auth/login":{"post":{"tags":["auth"],"summary":"Login","description":"Login user and return access token.\nIf 2FA is enabled, returns a temporary token and requires_totp=True.","operationId":"login_api_v1_auth_login_post","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/UserLogin"}}},"required":true},"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/LoginResponse"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/api/v1/auth/login/totp":{"post":{"tags":["auth"],"summary":"Login With Totp","description":"Complete login with TOTP code after initial authentication.\nExchange temporary token + TOTP code for a full access 
token.","operationId":"login_with_totp_api_v1_auth_login_totp_post","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/TOTPLoginRequest"}}},"required":true},"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Token"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/api/v1/auth/me":{"get":{"tags":["auth"],"summary":"Get Me","description":"Get current user info","operationId":"get_me_api_v1_auth_me_get","responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/User"}}}}},"security":[{"HTTPBearer":[]}]}},"/api/v1/totp/setup":{"get":{"tags":["2fa"],"summary":"Setup Totp","description":"Generate a new TOTP secret and QR code for the user.\nThis doesn't enable 2FA yet - user must verify the code first.","operationId":"setup_totp_api_v1_totp_setup_get","responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/TOTPSetupResponse"}}}}},"security":[{"HTTPBearer":[]}]}},"/api/v1/totp/enable":{"post":{"tags":["2fa"],"summary":"Enable Totp","description":"Enable 2FA after verifying the TOTP code.\nUser must have called /setup first to get a secret.","operationId":"enable_totp_api_v1_totp_enable_post","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/TOTPVerifyRequest"}}},"required":true},"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}},"security":[{"HTTPBearer":[]}]}},"/api/v1/totp/disable":{"post":{"tags":["2fa"],"summary":"Disable Totp","description":"Disable 2FA after verifying the current TOTP 
code.","operationId":"disable_totp_api_v1_totp_disable_post","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/TOTPVerifyRequest"}}},"required":true},"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}},"security":[{"HTTPBearer":[]}]}},"/api/v1/totp/status":{"get":{"tags":["2fa"],"summary":"Get Totp Status","description":"Check if 2FA is enabled for the current user.","operationId":"get_totp_status_api_v1_totp_status_get","responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/TOTPStatusResponse"}}}}},"security":[{"HTTPBearer":[]}]}},"/api/v1/totp/verify":{"post":{"tags":["2fa"],"summary":"Verify Totp Code","description":"Verify a TOTP code (for testing purposes).","operationId":"verify_totp_code_api_v1_totp_verify_post","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/TOTPVerifyRequest"}}},"required":true},"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}},"security":[{"HTTPBearer":[]}]}},"/api/v1/users/":{"get":{"tags":["users"],"summary":"List Users","description":"List all users (UUID and username only)","operationId":"list_users_api_v1_users__get","parameters":[{"name":"skip","in":"query","required":false,"schema":{"type":"integer","default":0,"title":"Skip"}},{"name":"limit","in":"query","required":false,"schema":{"type":"integer","default":10,"title":"Limit"}}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"type":"array","items":{"$ref":"#/components/schemas/UserPublic"},"title":"Response List Users Api 
V1 Users  Get"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/api/v1/users/{user_uuid}":{"get":{"tags":["users"],"summary":"Get User","description":"VULNERABLE: IDOR (Insecure Direct Object Reference)\n\nThis endpoint exposes ALL user information including:\n- Email address\n- Account credit balance\n- Referral count\n- Role (admin/user)\n- TOTP status\n- Creation date\n\nNo authentication or authorization check - this operation declares no security requirement,\nso anyone can access any user's full profile by guessing or enumerating UUIDs.\n\nFix: Require an authenticated user (current_user), then add an authorization check:\n    if user_uuid != current_user.id and not current_user.is_admin():\n        raise HTTPException(403, \"Access denied\")","operationId":"get_user_api_v1_users__user_uuid__get","parameters":[{"name":"user_uuid","in":"path","required":true,"schema":{"type":"string","title":"User Uuid"}}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/UserDetail"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/api/v1/users/me/profile":{"get":{"tags":["users"],"summary":"Get Profile","description":"Get current user profile","operationId":"get_profile_api_v1_users_me_profile_get","responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/User"}}}}},"security":[{"HTTPBearer":[]}]},"put":{"tags":["users"],"summary":"Update Profile","description":"Update current user profile","operationId":"update_profile_api_v1_users_me_profile_put","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/UserUpdate"}}},"required":true},"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/User"}}}},"422":{"description":"Validation 
Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}},"security":[{"HTTPBearer":[]}]},"delete":{"tags":["users"],"summary":"Delete Profile","description":"Delete current user profile","operationId":"delete_profile_api_v1_users_me_profile_delete","responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{}}}}},"security":[{"HTTPBearer":[]}]}},"/api/v1/products/":{"get":{"tags":["products"],"summary":"List Products","description":"List all products with pagination","operationId":"list_products_api_v1_products__get","parameters":[{"name":"skip","in":"query","required":false,"schema":{"type":"integer","minimum":0,"default":0,"title":"Skip"}},{"name":"limit","in":"query","required":false,"schema":{"type":"integer","maximum":100,"minimum":1,"default":10,"title":"Limit"}}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"type":"array","items":{"$ref":"#/components/schemas/Product"},"title":"Response List Products Api V1 Products  Get"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}},"post":{"tags":["products"],"summary":"Create Product","description":"Create a new product","operationId":"create_product_api_v1_products__post","requestBody":{"required":true,"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ProductCreate"}}}},"responses":{"201":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Product"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/api/v1/products/{product_id}":{"get":{"tags":["products"],"summary":"Get Product","description":"Get product by 
ID","operationId":"get_product_api_v1_products__product_id__get","parameters":[{"name":"product_id","in":"path","required":true,"schema":{"type":"integer","title":"Product Id"}}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Product"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}},"put":{"tags":["products"],"summary":"Update Product","description":"Update a product","operationId":"update_product_api_v1_products__product_id__put","parameters":[{"name":"product_id","in":"path","required":true,"schema":{"type":"integer","title":"Product Id"}}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ProductUpdate"}}}},"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Product"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/api/v1/products/search/":{"get":{"tags":["products"],"summary":"Search Products","description":"Search products by name or description","operationId":"search_products_api_v1_products_search__get","parameters":[{"name":"q","in":"query","required":true,"schema":{"type":"string","minLength":1,"title":"Q"}},{"name":"skip","in":"query","required":false,"schema":{"type":"integer","minimum":0,"default":0,"title":"Skip"}},{"name":"limit","in":"query","required":false,"schema":{"type":"integer","maximum":100,"minimum":1,"default":10,"title":"Limit"}}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"type":"array","items":{"$ref":"#/components/schemas/Product"},"title":"Response Search Products Api V1 Products Search  Get"}}}},"422":{"description":"Validation 
Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/api/v1/products/filter/by-color":{"get":{"tags":["products"],"summary":"Filter By Color","description":"VULNERABLE: SQL Injection - Sandboxed\nThe sort parameter is directly interpolated into the SQL query without sanitization.\n\nThe vulnerability is DETECTABLE but sandboxed to prevent destructive operations:\n- ORDER BY name; -- (works - proves SQLi exists)\n- ORDER BY (SELECT 1) (works - confirms blind SQLi)\n- UNION SELECT ... (blocked - data exfiltration attempt)\n- DROP TABLE ... (blocked - destructive operation)\n- INSERT/UPDATE/DELETE (blocked - data modification)\n\nOnly SELECT queries on the products table are allowed.\n\nFix: the sandbox is not a remediation - validate sort against an allow-list of column names instead of interpolating it.","operationId":"filter_by_color_api_v1_products_filter_by_color_get","parameters":[{"name":"color","in":"query","required":true,"schema":{"type":"string","description":"Filter products by color","title":"Color"},"description":"Filter products by color"},{"name":"sort","in":"query","required":false,"schema":{"type":"string","description":"Sort field","default":"name","title":"Sort"},"description":"Sort field"}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/api/v1/cart/":{"get":{"tags":["cart"],"summary":"Get Cart","description":"Get current user's cart","operationId":"get_cart_api_v1_cart__get","responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Cart"}}}}},"security":[{"HTTPBearer":[]}]},"delete":{"tags":["cart"],"summary":"Clear Cart","description":"Clear all items from cart","operationId":"clear_cart_api_v1_cart__delete","responses":{"200":{"description":"Successful 
Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Cart"}}}}},"security":[{"HTTPBearer":[]}]}},"/api/v1/cart/add":{"post":{"tags":["cart"],"summary":"Add To Cart","description":"Add item to cart.\nVULNERABLE: No validation on quantity - negative values are accepted,\nwhich can result in negative totals (credit/refund).","operationId":"add_to_cart_api_v1_cart_add_post","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/CartAddItem"}}},"required":true},"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Cart"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}},"security":[{"HTTPBearer":[]}]}},"/api/v1/cart/items/{item_id}":{"delete":{"tags":["cart"],"summary":"Remove From Cart","description":"Remove item from cart","operationId":"remove_from_cart_api_v1_cart_items__item_id__delete","security":[{"HTTPBearer":[]}],"parameters":[{"name":"item_id","in":"path","required":true,"schema":{"type":"integer","title":"Item Id"}}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Cart"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}},"put":{"tags":["cart"],"summary":"Update Cart Item","description":"Update item quantity in cart","operationId":"update_cart_item_api_v1_cart_items__item_id__put","security":[{"HTTPBearer":[]}],"parameters":[{"name":"item_id","in":"path","required":true,"schema":{"type":"integer","title":"Item Id"}}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"$ref":"#/components/schemas/CartUpdateItem"}}}},"responses":{"200":{"description":"Successful 
Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Cart"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/api/v1/orders/coupons":{"get":{"tags":["orders"],"summary":"List Coupons","description":"VULNERABLE: Information disclosure - Lists ALL coupon codes including internal/secret ones.\nShould only return public coupons (is_public=True), but returns everything.\nNo authentication required.","operationId":"list_coupons_api_v1_orders_coupons_get","responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/CouponInfo"},"type":"array","title":"Response List Coupons Api V1 Orders Coupons Get"}}}}}}},"/api/v1/orders/":{"get":{"tags":["orders"],"summary":"Get User Orders","description":"Get all orders for current user","operationId":"get_user_orders_api_v1_orders__get","responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/Order"},"type":"array","title":"Response Get User Orders Api V1 Orders  Get"}}}}},"security":[{"HTTPBearer":[]}]},"post":{"tags":["orders"],"summary":"Create Order","description":"Create order from current user's cart","operationId":"create_order_api_v1_orders__post","responses":{"201":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Order"}}}}},"security":[{"HTTPBearer":[]}]}},"/api/v1/orders/{order_id}":{"get":{"tags":["orders"],"summary":"Get Order","description":"VULNERABLE: IDOR - Get order details without user ownership check.\nAnyone can access any order by ID, exposing other users' order information.","operationId":"get_order_api_v1_orders__order_id__get","parameters":[{"name":"order_id","in":"path","required":true,"schema":{"type":"integer","title":"Order Id"}}],"responses":{"200":{"description":"Successful 
Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Order"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/api/v1/orders/referrer":{"get":{"tags":["orders"],"summary":"Get Referrer","operationId":"get_referrer_api_v1_orders_referrer_get","responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{}}}}}}},"/api/v1/orders/coupons/validate":{"get":{"tags":["orders"],"summary":"Validate Coupon","description":"VULNERABLE: Coupon enumeration - Returns different messages for valid/invalid codes.\nAllows attackers to enumerate valid coupon codes.","operationId":"validate_coupon_api_v1_orders_coupons_validate_get","parameters":[{"name":"code","in":"query","required":true,"schema":{"type":"string","description":"Coupon code to validate","title":"Code"},"description":"Coupon code to validate"}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/CouponResponse"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/api/v1/orders/checkout":{"post":{"tags":["orders"],"summary":"Checkout With Coupon","description":"VULNERABLE: Multiple coupon vulnerabilities:\n- Expired coupons still work (no date validation)\n- Inactive coupons still work (no active check)\n- Coupons can be reused unlimited times (no usage tracking)\n- No validation that coupon discount is reasonable\n\nVULNERABLE: Shipping cost bypass:\n- Client can manipulate shipping_cost field\n- No server-side calculation based on weight, distance, method\n- Allows ordering with $0.01 shipping or any arbitrary 
amount","operationId":"checkout_with_coupon_api_v1_orders_checkout_post","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/CheckoutRequest"}}},"required":true},"responses":{"201":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Order"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}},"security":[{"HTTPBearer":[]}]}},"/api/v1/testimonials/":{"get":{"tags":["testimonials"],"summary":"List Testimonials","description":"List all testimonials with pagination","operationId":"list_testimonials_api_v1_testimonials__get","parameters":[{"name":"skip","in":"query","required":false,"schema":{"type":"integer","minimum":0,"default":0,"title":"Skip"}},{"name":"limit","in":"query","required":false,"schema":{"type":"integer","maximum":100,"minimum":1,"default":10,"title":"Limit"}},{"name":"featured_only","in":"query","required":false,"schema":{"type":"boolean","default":false,"title":"Featured Only"}}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"type":"array","items":{"$ref":"#/components/schemas/Testimonial"},"title":"Response List Testimonials Api V1 Testimonials  Get"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}},"post":{"tags":["testimonials"],"summary":"Create Testimonial","description":"Create a new testimonial as logged-in user","operationId":"create_testimonial_api_v1_testimonials__post","security":[{"HTTPBearer":[]}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"$ref":"#/components/schemas/TestimonialCreate"}}}},"responses":{"201":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Testimonial"}}}},"422":{"description":"Validation 
Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/api/v1/testimonials/{testimonial_id}":{"get":{"tags":["testimonials"],"summary":"Get Testimonial","description":"Get testimonial by ID","operationId":"get_testimonial_api_v1_testimonials__testimonial_id__get","parameters":[{"name":"testimonial_id","in":"path","required":true,"schema":{"type":"integer","title":"Testimonial Id"}}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Testimonial"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}},"put":{"tags":["testimonials"],"summary":"Update Testimonial","description":"Update a testimonial","operationId":"update_testimonial_api_v1_testimonials__testimonial_id__put","parameters":[{"name":"testimonial_id","in":"path","required":true,"schema":{"type":"integer","title":"Testimonial Id"}}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"$ref":"#/components/schemas/TestimonialUpdate"}}}},"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Testimonial"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}},"delete":{"tags":["testimonials"],"summary":"Delete Testimonial","description":"Delete a testimonial","operationId":"delete_testimonial_api_v1_testimonials__testimonial_id__delete","parameters":[{"name":"testimonial_id","in":"path","required":true,"schema":{"type":"integer","title":"Testimonial Id"}}],"responses":{"204":{"description":"Successful Response"},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/api/v1/uploads/product":{"post":{"tags":["uploads"],"summary":"Upload Product 
Image","description":"Upload a product image (admin only)","operationId":"upload_product_image_api_v1_uploads_product_post","requestBody":{"content":{"multipart/form-data":{"schema":{"$ref":"#/components/schemas/Body_upload_product_image_api_v1_uploads_product_post"}}},"required":true},"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}},"security":[{"HTTPBearer":[]}]}},"/api/v1/uploads/avatar":{"post":{"tags":["uploads"],"summary":"Upload Avatar","description":"Upload a user avatar","operationId":"upload_avatar_api_v1_uploads_avatar_post","requestBody":{"content":{"multipart/form-data":{"schema":{"$ref":"#/components/schemas/Body_upload_avatar_api_v1_uploads_avatar_post"}}},"required":true},"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}},"security":[{"HTTPBearer":[]}]}},"/api/v1/uploads/general":{"post":{"tags":["uploads"],"summary":"Upload General","description":"Upload a general image (for reviews, etc.)","operationId":"upload_general_api_v1_uploads_general_post","requestBody":{"content":{"multipart/form-data":{"schema":{"$ref":"#/components/schemas/Body_upload_general_api_v1_uploads_general_post"}}},"required":true},"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}},"security":[{"HTTPBearer":[]}]}},"/api/v1/uploads/import-from-url":{"post":{"tags":["uploads"],"summary":"Import Image From Url","description":"Import an image from an external URL.\n\nThis feature allows users to import images from external 
sources\n(e.g., other websites, cloud storage) instead of uploading directly.\n\nUseful for:\n- Importing product images from supplier websites\n- Using images already hosted elsewhere\n- Quick image preview before saving\n\nVULNERABLE: SSRF - The URL is not validated, so the server can be made to request internal services.","operationId":"import_image_from_url_api_v1_uploads_import_from_url_post","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ImageImportRequest"}}},"required":true},"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ImageImportResponse"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}},"security":[{"HTTPBearer":[]}]}},"/api/v1/uploads/fetch-url":{"get":{"tags":["uploads"],"summary":"Fetch Url","description":"Preview a URL's content - used for link previews in product descriptions.\n\nVULNERABLE: SSRF - Fetches any URL without validation, and this operation declares no security requirement.","operationId":"fetch_url_api_v1_uploads_fetch_url_get","parameters":[{"name":"url","in":"query","required":true,"schema":{"type":"string","description":"URL to fetch and preview","title":"Url"},"description":"URL to fetch and preview"}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/UrlFetchResponse"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/api/v1/admin/stats":{"get":{"tags":["admin"],"summary":"Get Dashboard Stats","description":"Get dashboard statistics","operationId":"get_dashboard_stats_api_v1_admin_stats_get","responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/DashboardStats"}}}}},"security":[{"HTTPBearer":[]}]}},"/api/v1/admin/recent-orders":{"get":{"tags":["admin"],"summary":"Get Recent 
Orders","description":"Get recent orders for dashboard","operationId":"get_recent_orders_api_v1_admin_recent_orders_get","security":[{"HTTPBearer":[]}],"parameters":[{"name":"limit","in":"query","required":false,"schema":{"type":"integer","default":10,"title":"Limit"}}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"type":"array","items":{"$ref":"#/components/schemas/RecentOrder"},"title":"Response Get Recent Orders Api V1 Admin Recent Orders Get"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/api/v1/admin/users":{"get":{"tags":["admin"],"summary":"List All Users","description":"VULNERABLE: Broken Access Control - Missing admin role check.\nAny authenticated user can access this admin endpoint.","operationId":"list_all_users_api_v1_admin_users_get","security":[{"HTTPBearer":[]}],"parameters":[{"name":"skip","in":"query","required":false,"schema":{"type":"integer","default":0,"title":"Skip"}},{"name":"limit","in":"query","required":false,"schema":{"type":"integer","default":100,"title":"Limit"}}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"type":"array","items":{"$ref":"#/components/schemas/User"},"title":"Response List All Users Api V1 Admin Users Get"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/api/v1/admin/users/{user_uuid}":{"delete":{"tags":["admin"],"summary":"Delete User","description":"Delete a user","operationId":"delete_user_api_v1_admin_users__user_uuid__delete","security":[{"HTTPBearer":[]}],"parameters":[{"name":"user_uuid","in":"path","required":true,"schema":{"type":"string","title":"User Uuid"}}],"responses":{"204":{"description":"Successful Response"},"422":{"description":"Validation 
Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/api/v1/admin/products":{"get":{"tags":["admin"],"summary":"List All Products","description":"List all products","operationId":"list_all_products_api_v1_admin_products_get","security":[{"HTTPBearer":[]}],"parameters":[{"name":"skip","in":"query","required":false,"schema":{"type":"integer","default":0,"title":"Skip"}},{"name":"limit","in":"query","required":false,"schema":{"type":"integer","default":100,"title":"Limit"}}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"type":"array","items":{"$ref":"#/components/schemas/Product"},"title":"Response List All Products Api V1 Admin Products Get"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}},"post":{"tags":["admin"],"summary":"Create Product","description":"Create a new product","operationId":"create_product_api_v1_admin_products_post","security":[{"HTTPBearer":[]}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ProductCreate"}}}},"responses":{"201":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Product"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/api/v1/admin/products/{product_id}":{"put":{"tags":["admin"],"summary":"Update Product","description":"Update a product","operationId":"update_product_api_v1_admin_products__product_id__put","security":[{"HTTPBearer":[]}],"parameters":[{"name":"product_id","in":"path","required":true,"schema":{"type":"integer","title":"Product Id"}}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ProductUpdate"}}}},"responses":{"200":{"description":"Successful 
Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Product"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}},"delete":{"tags":["admin"],"summary":"Delete Product","description":"Delete a product","operationId":"delete_product_api_v1_admin_products__product_id__delete","security":[{"HTTPBearer":[]}],"parameters":[{"name":"product_id","in":"path","required":true,"schema":{"type":"integer","title":"Product Id"}}],"responses":{"204":{"description":"Successful Response"},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/api/v1/admin/orders":{"get":{"tags":["admin"],"summary":"List All Orders","description":"List all orders","operationId":"list_all_orders_api_v1_admin_orders_get","security":[{"HTTPBearer":[]}],"parameters":[{"name":"skip","in":"query","required":false,"schema":{"type":"integer","default":0,"title":"Skip"}},{"name":"limit","in":"query","required":false,"schema":{"type":"integer","default":100,"title":"Limit"}},{"name":"status_filter","in":"query","required":false,"schema":{"type":"string","title":"Status Filter"}}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/api/v1/admin/orders/{order_id}/status":{"put":{"tags":["admin"],"summary":"Update Order Status","description":"Update order status","operationId":"update_order_status_api_v1_admin_orders__order_id__status_put","security":[{"HTTPBearer":[]}],"parameters":[{"name":"order_id","in":"path","required":true,"schema":{"type":"integer","title":"Order Id"}},{"name":"new_status","in":"query","required":true,"schema":{"type":"string","title":"New Status"}}],"responses":{"200":{"description":"Successful 
Response","content":{"application/json":{"schema":{}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/api/v1/reviews/product/{product_id}":{"get":{"tags":["reviews"],"summary":"Get Product Reviews","description":"Get all reviews for a product","operationId":"get_product_reviews_api_v1_reviews_product__product_id__get","parameters":[{"name":"product_id","in":"path","required":true,"schema":{"type":"integer","title":"Product Id"}},{"name":"skip","in":"query","required":false,"schema":{"type":"integer","minimum":0,"default":0,"title":"Skip"}},{"name":"limit","in":"query","required":false,"schema":{"type":"integer","maximum":100,"minimum":1,"default":20,"title":"Limit"}}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"type":"array","items":{"$ref":"#/components/schemas/ReviewResponse"},"title":"Response Get Product Reviews Api V1 Reviews Product  Product Id  Get"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}},"post":{"tags":["reviews"],"summary":"Create Review","description":"Create a review for a product","operationId":"create_review_api_v1_reviews_product__product_id__post","security":[{"HTTPBearer":[]}],"parameters":[{"name":"product_id","in":"path","required":true,"schema":{"type":"integer","title":"Product Id"}}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ReviewCreate"}}}},"responses":{"201":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ReviewResponse"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/api/v1/reviews/product/{product_id}/stats":{"get":{"tags":["reviews"],"summary":"Get Product Stats","description":"Get 
product statistics: rating, review count, order count, stock","operationId":"get_product_stats_api_v1_reviews_product__product_id__stats_get","parameters":[{"name":"product_id","in":"path","required":true,"schema":{"type":"integer","title":"Product Id"}}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ProductStats"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/api/v1/reviews/{review_id}":{"delete":{"tags":["reviews"],"summary":"Delete Review","description":"Delete a review (only owner or admin)","operationId":"delete_review_api_v1_reviews__review_id__delete","security":[{"HTTPBearer":[]}],"parameters":[{"name":"review_id","in":"path","required":true,"schema":{"type":"integer","title":"Review Id"}}],"responses":{"204":{"description":"Successful Response"},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/health":{"get":{"summary":"Health Check","description":"Health check endpoint","operationId":"health_check_health_get","responses":{"200":{"description":"Successful 
Response","content":{"application/json":{"schema":{}}}}}}}},"components":{"schemas":{"Body_upload_avatar_api_v1_uploads_avatar_post":{"properties":{"file":{"type":"string","format":"binary","title":"File"}},"type":"object","required":["file"],"title":"Body_upload_avatar_api_v1_uploads_avatar_post"},"Body_upload_general_api_v1_uploads_general_post":{"properties":{"file":{"type":"string","format":"binary","title":"File"}},"type":"object","required":["file"],"title":"Body_upload_general_api_v1_uploads_general_post"},"Body_upload_product_image_api_v1_uploads_product_post":{"properties":{"file":{"type":"string","format":"binary","title":"File"}},"type":"object","required":["file"],"title":"Body_upload_product_image_api_v1_uploads_product_post"},"Cart":{"properties":{"id":{"type":"integer","title":"Id"},"user_id":{"type":"string","format":"uuid","title":"User Id"},"items":{"items":{"$ref":"#/components/schemas/CartItem"},"type":"array","title":"Items","default":[]},"created_at":{"type":"string","format":"date-time","title":"Created At"},"updated_at":{"type":"string","format":"date-time","title":"Updated At"}},"type":"object","required":["id","user_id","created_at","updated_at"],"title":"Cart"},"CartAddItem":{"properties":{"product_id":{"type":"integer","title":"Product Id"},"quantity":{"type":"integer","title":"Quantity"}},"type":"object","required":["product_id","quantity"],"title":"CartAddItem"},"CartItem":{"properties":{"product_id":{"type":"integer","title":"Product 
Id"},"quantity":{"type":"integer","title":"Quantity"},"id":{"type":"integer","title":"Id"},"product":{"$ref":"#/components/schemas/Product"}},"type":"object","required":["product_id","quantity","id","product"],"title":"CartItem"},"CartUpdateItem":{"properties":{"quantity":{"type":"integer","title":"Quantity"}},"type":"object","required":["quantity"],"title":"CartUpdateItem"},"CheckoutRequest":{"properties":{"shipping":{"$ref":"#/components/schemas/ShippingInfo"},"coupon_code":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Coupon Code"}},"type":"object","required":["shipping"],"title":"CheckoutRequest"},"CouponInfo":{"properties":{"id":{"type":"integer","title":"Id"},"code":{"type":"string","title":"Code"},"discount_percent":{"type":"number","title":"Discount Percent"},"max_uses":{"type":"integer","title":"Max Uses"},"current_uses":{"type":"integer","title":"Current Uses"},"expires_at":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Expires At"},"is_active":{"type":"boolean","title":"Is Active"},"is_public":{"type":"boolean","title":"Is Public"}},"type":"object","required":["id","code","discount_percent","max_uses","current_uses","expires_at","is_active","is_public"],"title":"CouponInfo"},"CouponResponse":{"properties":{"code":{"type":"string","title":"Code"},"discount_percent":{"type":"number","title":"Discount Percent"},"is_valid":{"type":"boolean","title":"Is Valid"},"message":{"type":"string","title":"Message"}},"type":"object","required":["code","discount_percent","is_valid","message"],"title":"CouponResponse"},"DashboardStats":{"properties":{"total_users":{"type":"integer","title":"Total Users"},"total_products":{"type":"integer","title":"Total Products"},"total_orders":{"type":"integer","title":"Total Orders"},"total_testimonials":{"type":"integer","title":"Total Testimonials"},"total_revenue":{"type":"number","title":"Total Revenue"},"pending_orders":{"type":"integer","title":"Pending Orders"},"low_stock_products":{"type":"integer","title":"Low 
Stock Products"}},"type":"object","required":["total_users","total_products","total_orders","total_testimonials","total_revenue","pending_orders","low_stock_products"],"title":"DashboardStats"},"HTTPValidationError":{"properties":{"detail":{"items":{"$ref":"#/components/schemas/ValidationError"},"type":"array","title":"Detail"}},"type":"object","title":"HTTPValidationError"},"ImageImportRequest":{"properties":{"url":{"type":"string","title":"Url"}},"type":"object","required":["url"],"title":"ImageImportRequest"},"ImageImportResponse":{"properties":{"url":{"type":"string","title":"Url"},"status_code":{"type":"integer","title":"Status Code"},"content_type":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Content Type"},"content_length":{"type":"integer","title":"Content Length"},"is_valid_image":{"type":"boolean","title":"Is Valid Image"},"preview":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Preview"}},"type":"object","required":["url","status_code","content_type","content_length","is_valid_image","preview"],"title":"ImageImportResponse"},"LoginResponse":{"properties":{"access_token":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Access Token"},"token_type":{"type":"string","title":"Token Type","default":"bearer"},"requires_totp":{"type":"boolean","title":"Requires Totp","default":false},"temp_token":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Temp Token"}},"type":"object","title":"LoginResponse"},"Order":{"properties":{"id":{"type":"integer","title":"Id"},"user_id":{"type":"string","format":"uuid","title":"User Id"},"total_price":{"type":"number","title":"Total Price"},"status":{"type":"string","title":"Status"},"items":{"items":{"$ref":"#/components/schemas/OrderItem"},"type":"array","title":"Items","default":[]},"created_at":{"type":"string","format":"date-time","title":"Created At"},"shipping_first_name":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Shipping First 
Name"},"shipping_last_name":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Shipping Last Name"},"shipping_address":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Shipping Address"},"shipping_city":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Shipping City"},"shipping_zip":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Shipping Zip"},"shipping_country":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Shipping Country"},"shipping_phone":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Shipping Phone"},"shipping_method":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Shipping Method"},"shipping_cost":{"anyOf":[{"type":"number"},{"type":"null"}],"title":"Shipping Cost"},"estimated_delivery":{"anyOf":[{"type":"string","format":"date-time"},{"type":"null"}],"title":"Estimated Delivery"}},"type":"object","required":["id","user_id","total_price","status","created_at"],"title":"Order"},"OrderItem":{"properties":{"product_id":{"type":"integer","title":"Product Id"},"quantity":{"type":"integer","title":"Quantity"},"price":{"type":"number","title":"Price"},"id":{"type":"integer","title":"Id"},"product":{"$ref":"#/components/schemas/Product"}},"type":"object","required":["product_id","quantity","price","id","product"],"title":"OrderItem"},"Product":{"properties":{"name":{"type":"string","title":"Name"},"description":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Description"},"price":{"type":"number","title":"Price"},"stock":{"type":"integer","title":"Stock"},"color":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Color"},"material":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Material"},"size":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Size"},"image_url":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Image Url"},"id":{"type":"integer","title":"Id"},"created_at":{"type":"string","format":"date-time","title":"Created 
At"}},"type":"object","required":["name","price","stock","id","created_at"],"title":"Product"},"ProductCreate":{"properties":{"name":{"type":"string","title":"Name"},"description":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Description"},"price":{"type":"number","title":"Price"},"stock":{"type":"integer","title":"Stock"},"color":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Color"},"material":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Material"},"size":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Size"},"image_url":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Image Url"}},"type":"object","required":["name","price","stock"],"title":"ProductCreate"},"ProductStats":{"properties":{"product_id":{"type":"integer","title":"Product Id"},"average_rating":{"type":"number","title":"Average Rating"},"review_count":{"type":"integer","title":"Review Count"},"order_count":{"type":"integer","title":"Order Count"},"stock":{"type":"integer","title":"Stock"}},"type":"object","required":["product_id","average_rating","review_count","order_count","stock"],"title":"ProductStats"},"ProductUpdate":{"properties":{"name":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Name"},"description":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Description"},"price":{"anyOf":[{"type":"number"},{"type":"null"}],"title":"Price"},"stock":{"anyOf":[{"type":"integer"},{"type":"null"}],"title":"Stock"},"color":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Color"},"material":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Material"},"size":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Size"},"image_url":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Image Url"}},"type":"object","title":"ProductUpdate"},"RecentOrder":{"properties":{"id":{"type":"integer","title":"Id"},"user_id":{"type":"string","format":"uuid","title":"User Id"},"username":{"type":"string","title":"Username"},"total_price":{"type":"number","title":"Total 
Price"},"status":{"type":"string","title":"Status"},"created_at":{"type":"string","title":"Created At"}},"type":"object","required":["id","user_id","username","total_price","status","created_at"],"title":"RecentOrder"},"ReviewCreate":{"properties":{"rating":{"type":"integer","title":"Rating"},"title":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Title"},"content":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Content"},"image_url":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Image Url"}},"type":"object","required":["rating"],"title":"ReviewCreate"},"ReviewResponse":{"properties":{"id":{"type":"integer","title":"Id"},"product_id":{"type":"integer","title":"Product Id"},"user_id":{"type":"string","format":"uuid","title":"User Id"},"user":{"$ref":"#/components/schemas/ReviewUser"},"rating":{"type":"integer","title":"Rating"},"title":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Title"},"content":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Content"},"image_url":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Image Url"},"created_at":{"type":"string","format":"date-time","title":"Created At"}},"type":"object","required":["id","product_id","user_id","user","rating","created_at"],"title":"ReviewResponse"},"ReviewUser":{"properties":{"id":{"type":"string","format":"uuid","title":"Id"},"username":{"type":"string","title":"Username"},"first_name":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"First Name"},"last_name":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Last Name"},"avatar_url":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Avatar Url"}},"type":"object","required":["id","username"],"title":"ReviewUser"},"ShippingInfo":{"properties":{"first_name":{"type":"string","title":"First Name"},"last_name":{"type":"string","title":"Last Name"},"address":{"type":"string","title":"Address"},"city":{"type":"string","title":"City"},"zip_code":{"type":"string","title":"Zip 
Code"},"country":{"type":"string","title":"Country","default":"United States"},"phone":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Phone"},"shipping_method":{"type":"string","title":"Shipping Method","default":"standard"},"shipping_cost":{"type":"number","title":"Shipping Cost","default":5.99}},"type":"object","required":["first_name","last_name","address","city","zip_code"],"title":"ShippingInfo"},"TOTPLoginRequest":{"properties":{"temp_token":{"type":"string","title":"Temp Token"},"totp_code":{"type":"string","title":"Totp Code"}},"type":"object","required":["temp_token","totp_code"],"title":"TOTPLoginRequest"},"TOTPSetupResponse":{"properties":{"secret":{"type":"string","title":"Secret"},"qr_code":{"type":"string","title":"Qr Code"},"manual_entry_key":{"type":"string","title":"Manual Entry Key"}},"type":"object","required":["secret","qr_code","manual_entry_key"],"title":"TOTPSetupResponse"},"TOTPStatusResponse":{"properties":{"enabled":{"type":"boolean","title":"Enabled"}},"type":"object","required":["enabled"],"title":"TOTPStatusResponse"},"TOTPVerifyRequest":{"properties":{"token":{"type":"string","title":"Token"}},"type":"object","required":["token"],"title":"TOTPVerifyRequest"},"Testimonial":{"properties":{"id":{"type":"integer","title":"Id"},"user_id":{"anyOf":[{"type":"string","format":"uuid"},{"type":"null"}],"title":"User Id"},"user":{"anyOf":[{"$ref":"#/components/schemas/UserPublic"},{"type":"null"}]},"guest_name":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Guest Name"},"guest_role":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Guest Role"},"guest_avatar_url":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Guest Avatar Url"},"content":{"type":"string","title":"Content"},"rating":{"type":"integer","title":"Rating"},"is_featured":{"type":"boolean","title":"Is Featured"},"created_at":{"type":"string","format":"date-time","title":"Created 
At"},"name":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Name"},"role":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Role"},"avatar_url":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Avatar Url"}},"type":"object","required":["id","content","rating","is_featured","created_at"],"title":"Testimonial"},"TestimonialCreate":{"properties":{"content":{"type":"string","title":"Content"},"rating":{"type":"integer","title":"Rating","default":5},"is_featured":{"type":"boolean","title":"Is Featured","default":false}},"type":"object","required":["content"],"title":"TestimonialCreate","description":"For creating a testimonial as a logged-in user"},"TestimonialUpdate":{"properties":{"content":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Content"},"rating":{"anyOf":[{"type":"integer"},{"type":"null"}],"title":"Rating"},"is_featured":{"anyOf":[{"type":"boolean"},{"type":"null"}],"title":"Is Featured"},"guest_name":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Guest Name"},"guest_role":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Guest Role"},"guest_avatar_url":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Guest Avatar Url"}},"type":"object","title":"TestimonialUpdate"},"Token":{"properties":{"access_token":{"type":"string","title":"Access Token"},"token_type":{"type":"string","title":"Token Type","default":"bearer"}},"type":"object","required":["access_token"],"title":"Token"},"UrlFetchResponse":{"properties":{"url":{"type":"string","title":"Url"},"status_code":{"type":"integer","title":"Status Code"},"content_type":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Content Type"},"content_length":{"type":"integer","title":"Content 
Length"},"preview":{"type":"string","title":"Preview"}},"type":"object","required":["url","status_code","content_type","content_length","preview"],"title":"UrlFetchResponse"},"User":{"properties":{"username":{"type":"string","title":"Username"},"email":{"type":"string","format":"email","title":"Email"},"id":{"type":"string","format":"uuid","title":"Id"},"created_at":{"type":"string","format":"date-time","title":"Created At"},"role":{"$ref":"#/components/schemas/UserRole"},"first_name":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"First Name"},"last_name":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Last Name"},"avatar_url":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Avatar Url"},"bio":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Bio"},"account_credit":{"type":"number","title":"Account Credit","default":0.0},"referral_count":{"type":"integer","title":"Referral Count","default":0},"totp_enabled":{"type":"boolean","title":"Totp Enabled","default":false},"can_be_deleted":{"type":"boolean","title":"Can Be Deleted","default":true}},"type":"object","required":["username","email","id","created_at","role"],"title":"User"},"UserCreate":{"properties":{"username":{"type":"string","title":"Username"},"email":{"type":"string","format":"email","title":"Email"},"password":{"type":"string","title":"Password"},"first_name":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"First Name"},"last_name":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Last Name"},"avatar_url":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Avatar Url"},"bio":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Bio"},"referral_code":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Referral 
Code"}},"type":"object","required":["username","email","password"],"title":"UserCreate"},"UserDetail":{"properties":{"id":{"type":"string","format":"uuid","title":"Id"},"username":{"type":"string","title":"Username"},"email":{"type":"string","format":"email","title":"Email"},"first_name":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"First Name"},"last_name":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Last Name"},"avatar_url":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Avatar Url"},"bio":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Bio"},"account_credit":{"type":"number","title":"Account Credit","default":0.0},"referral_count":{"type":"integer","title":"Referral Count","default":0},"role":{"$ref":"#/components/schemas/UserRole"},"created_at":{"type":"string","format":"date-time","title":"Created At"},"totp_enabled":{"type":"boolean","title":"Totp Enabled","default":false},"can_be_deleted":{"type":"boolean","title":"Can Be Deleted","default":true}},"type":"object","required":["id","username","email","role","created_at"],"title":"UserDetail","description":"VULNERABLE: IDOR - Exposes all of a user's sensitive information"},"UserLogin":{"properties":{"username":{"type":"string","title":"Username"},"password":{"type":"string","title":"Password"}},"type":"object","required":["username","password"],"title":"UserLogin"},"UserPublic":{"properties":{"id":{"type":"string","format":"uuid","title":"Id"},"username":{"type":"string","title":"Username"}},"type":"object","required":["id","username"],"title":"UserPublic","description":"Public version of the user (UUID and username only)"},"UserRole":{"type":"string","enum":["user","admin"],"title":"UserRole"},"UserUpdate":{"properties":{"first_name":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"First Name"},"last_name":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Last Name"},"avatar_url":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Avatar 
Url"},"bio":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Bio"},"email":{"anyOf":[{"type":"string","format":"email"},{"type":"null"}],"title":"Email"},"role":{"anyOf":[{"$ref":"#/components/schemas/UserRole"},{"type":"null"}]}},"type":"object","title":"UserUpdate"},"ValidationError":{"properties":{"loc":{"items":{"anyOf":[{"type":"string"},{"type":"integer"}]},"type":"array","title":"Location"},"msg":{"type":"string","title":"Message"},"type":{"type":"string","title":"Error Type"},"input":{"title":"Input"},"ctx":{"type":"object","title":"Context"}},"type":"object","required":["loc","msg","type"],"title":"ValidationError"}},"securitySchemes":{"HTTPBearer":{"type":"http","scheme":"bearer"}}}}