npm - @anzar-auth/core - Versions diffs - 1.5.10 → 1.7.2 - Mend

@anzar-auth/core 1.5.10 → 1.7.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/index.d.ts CHANGED Viewed

@@ -1,1184 +1,1557 @@
-import * as axios from 'axios';
-import { AxiosInstance, RawAxiosRequestConfig, AxiosPromise } from 'axios';
+import * as openapi_fetch from 'openapi-fetch';
+export { Client, Middleware } from 'openapi-fetch';
 /**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
+ * This file was auto-generated by openapi-typescript.
+ * Do not make direct changes to the file.
  */
-interface AWSv4Configuration {
-    options?: {
-        region?: string;
-        service?: string;
+interface paths {
+    "/auth/login": {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        get?: never;
+        put?: never;
+        /**
+         * User login
+         * @description Authenticates a user with email and password.
+         *
+         *     **Session strategy**: Returns a session cookie (`id`) managed by the server.
+         *     **JWT strategy**: Returns `access` and `refresh` in the response body.
+         */
+        post: operations["login"];
+        delete?: never;
+        options?: never;
+        head?: never;
+        patch?: never;
+        trace?: never;
     };
-    credentials?: {
-        accessKeyId?: string;
-        secretAccessKey?: string;
-        sessionToken?: string;
+    "/auth/logout": {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        get?: never;
+        put?: never;
+        /**
+         * Logout
+         * @description Invalidates the current session and refresh token. The client should discard all stored tokens and cookies after this call.
+         */
+        post: operations["logout"];
+        delete?: never;
+        options?: never;
+        head?: never;
+        patch?: never;
+        trace?: never;
+    };
+    "/auth/password/forgot": {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        get?: never;
+        put?: never;
+        /**
+         * Request a password reset
+         * @description Sends a password reset link to the provided email address if an account exists.
+         *
+         *     **Note**: Always returns `200` regardless of whether the email exists to prevent user enumeration attacks.
+         */
+        post: operations["forgotPassword"];
+        delete?: never;
+        options?: never;
+        head?: never;
+        patch?: never;
+        trace?: never;
+    };
+    "/auth/password/reset": {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        /**
+         * Render password reset form
+         * @description Validates the password reset token from the email link and renders an HTML form to set a new password. The token is single-use and expires after a short window.
+         */
+        get: operations["renderPasswordResetForm"];
+        put?: never;
+        /**
+         * Submit new password
+         * @description Submits a new password using a valid reset token. The token is invalidated immediately after use. Accepts a form submission (not JSON) since it is rendered from an HTML form.
+         */
+        post: operations["submitNewPassword"];
+        delete?: never;
+        options?: never;
+        head?: never;
+        patch?: never;
+        trace?: never;
+    };
+    "/auth/refresh-token": {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        get?: never;
+        put?: never;
+        /**
+         * Refresh access token
+         * @description Issues a new access token using a valid refresh token. Refresh tokens are rotated on each call — the old token is invalidated immediately.
+         */
+        post: operations["refreshToken"];
+        delete?: never;
+        options?: never;
+        head?: never;
+        patch?: never;
+        trace?: never;
+    };
+    "/auth/register": {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        get?: never;
+        put?: never;
+        /**
+         * Register a new user
+         * @description Creates a new user account with email and password.
+         *
+         *     **Session strategy**: Returns a session cookie (`id`) managed by the server.
+         *     **JWT strategy**: Returns `access` and `refresh` in the response body.
+         */
+        post: operations["register"];
+        delete?: never;
+        options?: never;
+        head?: never;
+        patch?: never;
+        trace?: never;
+    };
+    "/auth/session": {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        /**
+         * Get current session
+         * @description Returns the currently authenticated user's session data. Requires either a valid Bearer token or an active session cookie.
+         */
+        get: operations["getSession"];
+        put?: never;
+        post?: never;
+        delete?: never;
+        options?: never;
+        head?: never;
+        patch?: never;
+        trace?: never;
+    };
+    "/email/verify": {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        /**
+         * Verify user email
+         * @description Validates the email verification token and activates the user account. On success, redirects the user to the confirmation page.
+         */
+        get: operations["verify_email"];
+        put?: never;
+        post?: never;
+        delete?: never;
+        options?: never;
+        head?: never;
+        patch?: never;
+        trace?: never;
+    };
+    "/permission": {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        get?: never;
+        put?: never;
+        /**
+         * Create or update a permission
+         * @description Upserts a permission by action and resource. If it already exists it is updated, otherwise created. Requires admin privileges.
+         */
+        post: operations["createPermission"];
+        delete?: never;
+        options?: never;
+        head?: never;
+        patch?: never;
+        trace?: never;
+    };
+    "/role": {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        get?: never;
+        put?: never;
+        /**
+         * Create or update a role
+         * @description Upserts a role by name. If it already exists it is updated, otherwise created. Requires admin privileges.
+         */
+        post: operations["createRole"];
+        delete?: never;
+        options?: never;
+        head?: never;
+        patch?: never;
+        trace?: never;
+    };
+    "/role/{id}/permission": {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        get?: never;
+        put?: never;
+        /**
+         * Assign a permission to a role
+         * @description Assigns an existing permission to the specified role. Requires admin privileges.
+         */
+        post: operations["assignPermissionToRole"];
+        delete?: never;
+        options?: never;
+        head?: never;
+        patch?: never;
+        trace?: never;
+    };
+    "/user": {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        /**
+         * Get current User
+         * @description Returns the currently authenticated user's profile. Requires either a valid Bearer token or an active session cookie.
+         */
+        get: operations["find_user"];
+        put?: never;
+        post?: never;
+        delete?: never;
+        options?: never;
+        head?: never;
+        patch?: never;
+        trace?: never;
+    };
+    "/user/role": {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        get?: never;
+        put?: never;
+        /**
+         * Assign a role to user
+         * @description Assigns the specified role to a target user. Requires an authenticated session with sufficient privileges (admin only).
+         */
+        post: operations["assign_role"];
+        delete?: never;
+        options?: never;
+        head?: never;
+        patch?: never;
+        trace?: never;
     };
 }
-interface ConfigurationParameters {
-    apiKey?: string | Promise<string> | ((name: string) => string) | ((name: string) => Promise<string>);
-    username?: string;
-    password?: string;
-    accessToken?: string | Promise<string> | ((name?: string, scopes?: string[]) => string) | ((name?: string, scopes?: string[]) => Promise<string>);
-    awsv4?: AWSv4Configuration;
-    basePath?: string;
-    serverIndex?: number;
-    baseOptions?: any;
-    formDataCtor?: new () => any;
-}
-declare class Configuration {
-    /**
-     * parameter for apiKey security
-     * @param name security name
-     */
-    apiKey?: string | Promise<string> | ((name: string) => string) | ((name: string) => Promise<string>);
-    /**
-     * parameter for basic security
-     */
-    username?: string;
-    /**
-     * parameter for basic security
-     */
-    password?: string;
-    /**
-     * parameter for oauth2 security
-     * @param name security name
-     * @param scopes oauth2 scope
-     */
-    accessToken?: string | Promise<string> | ((name?: string, scopes?: string[]) => string) | ((name?: string, scopes?: string[]) => Promise<string>);
-    /**
-     * parameter for aws4 signature security
-     * @param {Object} AWS4Signature - AWS4 Signature security
-     * @param {string} options.region - aws region
-     * @param {string} options.service - name of the service.
-     * @param {string} credentials.accessKeyId - aws access key id
-     * @param {string} credentials.secretAccessKey - aws access key
-     * @param {string} credentials.sessionToken - aws session token
-     * @memberof Configuration
-     */
-    awsv4?: AWSv4Configuration;
-    /**
-     * override base path
-     */
-    basePath?: string;
-    /**
-     * override server index
-     */
-    serverIndex?: number;
-    /**
-     * base options for axios calls
-     */
-    baseOptions?: any;
-    /**
-     * The FormData constructor that will be used to create multipart form data
-     * requests. You can inject this here so that execution environments that
-     * do not support the FormData class can still run the generated client.
-     *
-     * @type {new () => FormData}
-     */
-    formDataCtor?: new () => any;
-    constructor(param?: ConfigurationParameters);
-    /**
-     * Check if the given MIME is a JSON MIME.
-     * JSON MIME examples:
-     *   application/json
-     *   application/json; charset=UTF8
-     *   APPLICATION/JSON
-     *   application/vnd.company+json
-     * @param mime - MIME (Multipurpose Internet Mail Extensions)
-     * @return True if the given MIME is JSON, false otherwise.
-     */
-    isJsonMime(mime: string): boolean;
-}
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-interface RequestArgs {
-    url: string;
-    options: RawAxiosRequestConfig;
-}
-declare class BaseAPI {
-    protected basePath: string;
-    protected axios: AxiosInstance;
-    protected configuration: Configuration | undefined;
-    constructor(configuration?: Configuration, basePath?: string, axios?: AxiosInstance);
-}
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-declare const AlgorithmConfig: {
-    readonly Hs256: "HS256";
-    readonly Hs384: "HS384";
-    readonly Hs512: "HS512";
-    readonly Es256: "ES256";
-    readonly Es384: "ES384";
-    readonly Rs256: "RS256";
-    readonly Rs384: "RS384";
-    readonly Rs512: "RS512";
-    readonly Ps256: "PS256";
-    readonly Ps384: "PS384";
-    readonly Ps512: "PS512";
-    readonly EdDsa: "EdDSA";
-};
-type AlgorithmConfig = typeof AlgorithmConfig[keyof typeof AlgorithmConfig];
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-interface App {
-    'environment': string;
-    'url': string;
-}
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-declare const AuthStrategy: {
-    readonly Session: "Session";
-    readonly Jwt: "Jwt";
-};
-type AuthStrategy = typeof AuthStrategy[keyof typeof AuthStrategy];
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-interface EmailVerification {
-    'error_redirect'?: string | null;
-    'required'?: boolean;
-    'success_redirect'?: string | null;
-    'token_expires_in'?: number;
-}
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-interface EmailConfig {
-    'verification'?: EmailVerification;
-}
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-interface JwtConfig {
-    'access_token_expires_in'?: number;
-    'algorithm'?: AlgorithmConfig;
-    'audience'?: string;
-    'issuer'?: string;
-    'refresh_token_expires_in'?: number;
-}
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-interface PasswordRequirements {
-    'max_length'?: number;
-    'min_length'?: number;
-    'require_number'?: boolean;
-    'require_special_char'?: boolean;
-    'require_uppercase'?: boolean;
-}
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-interface PasswordReset {
-    'error_redirect'?: string | null;
-    'success_redirect'?: string | null;
-    'token_expires_in'?: number;
-}
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-interface PasswordSecurity {
-    'lockout_duration'?: number;
-    'max_failed_attempts'?: number;
-}
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-interface PasswordConfig {
-    'requirements'?: PasswordRequirements;
-    'reset'?: PasswordReset;
-    'security'?: PasswordSecurity;
-}
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-declare const SameSiteConfig: {
-    readonly Strict: "Strict";
-    readonly Lax: "Lax";
-    readonly None: "None";
-};
-type SameSiteConfig = typeof SameSiteConfig[keyof typeof SameSiteConfig];
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-interface SessionConfig {
-    'http_only'?: boolean;
-    'max_age'?: number;
-    'name'?: string;
-    'same_site'?: SameSiteConfig;
-    'secure'?: boolean;
-}
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-interface Authentication {
-    'email'?: EmailConfig;
-    'jwt'?: JwtConfig;
-    'password'?: PasswordConfig;
-    'session'?: SessionConfig;
-    'strategy'?: AuthStrategy;
-}
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-declare const CacheDriver: {
-    readonly MemCached: "MemCached";
-    readonly Redis: "Redis";
-};
-type CacheDriver = typeof CacheDriver[keyof typeof CacheDriver];
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-interface Cache {
-    'driver': CacheDriver;
-    'url': string;
-}
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-declare const DatabaseDriver: {
-    readonly SqLite: "SQLite";
-    readonly PostgreSql: "PostgreSQL";
-    readonly MongoDb: "MongoDB";
-};
-type DatabaseDriver = typeof DatabaseDriver[keyof typeof DatabaseDriver];
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-interface Database {
-    'cache': Cache;
-    'connection_string': string;
-    'driver': DatabaseDriver;
-}
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-interface Security {
-    'headers'?: Array<Array<any>>;
-    'secret_key': string;
-}
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-interface CorsConfig {
-    'allow_credentials'?: boolean;
-    'allowed_headers'?: Array<string>;
-    'allowed_methods'?: Array<string>;
-    'allowed_origins'?: Array<string>;
-    'enabled'?: boolean;
-    'max_age'?: number;
-}
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-interface HttpsConfig {
-    'cert_path'?: string | null;
-    'enabled'?: boolean;
-    'key_path'?: string | null;
-    'port'?: number;
-}
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-interface Server {
-    'cors'?: CorsConfig;
-    'https'?: HttpsConfig;
-}
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-interface AnzarConfiguration {
-    'app': App;
-    'auth'?: Authentication;
-    'database': Database;
-    'security': Security;
-    'server'?: Server;
-}
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-/**
- * SessionTokens model
- */
-interface SessionTokens {
-    'access': string;
-    'expires_in': number;
-    'refresh': string;
-    'token_type': string;
-}
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-declare const Role: {
-    readonly User: "User";
-    readonly Admin: "Admin";
-};
-type Role = typeof Role[keyof typeof Role];
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-interface User {
-    '_id'?: string | null;
-    'createdAt': string;
-    'email': string;
-    'role': Role;
-    'username': string;
-    'verified': boolean;
-}
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-/**
- * Verification model
- */
-interface Verification {
-    'link': string;
-    'token': string;
-}
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-interface AuthResponse {
-    'tokens'?: SessionTokens | null;
-    'user': User;
-    'verification'?: Verification | null;
-}
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-interface EmailRequest {
-    'email': string;
-}
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-declare const ErrorCode: {
-    readonly InvalidToken: "InvalidToken";
-    readonly TokenNotFound: "TokenNotFound";
-    readonly TokenExpired: "TokenExpired";
-    readonly TokenAlreadyUsed: "TokenAlreadyUsed";
-    readonly TokenCreationFailed: "TokenCreationFailed";
-    readonly TokenRevocationFailed: "TokenRevocationFailed";
-    readonly AccountNotVerified: "AccountNotVerified";
-    readonly InvalidCredentials: "InvalidCredentials";
-    readonly MissingCredentials: "MissingCredentials";
-    readonly AccountSuspended: "AccountSuspended";
-    readonly UserNotFound: "UserNotFound";
-    readonly RateLimitExceeded: "RateLimitExceeded";
-    readonly EmailSendFailed: "EmailSendFailed";
-    readonly TlsConfig: "TlsConfig";
-    readonly HashingFailure: "HashingFailure";
-    readonly MalformedData: "MalformedData";
-    readonly DatabaseError: "DatabaseError";
-    readonly InvalidRequest: "InvalidRequest";
-    readonly UnsupportedMediaType: "UnsupportedMediaType";
-    readonly BadRequest: "BadRequest";
-    readonly InternalServerError: "InternalServerError";
-};
-type ErrorCode = typeof ErrorCode[keyof typeof ErrorCode];
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-interface ErrorResponse {
-    'code': ErrorCode;
-    'details'?: any;
-    'message': string;
-}
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-interface LoginRequest {
-    'email': string;
-    'password': string;
-}
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-interface RefreshTokenRequest {
-    'refresh_token': string;
-}
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-interface RegisterRequest {
-    'email': string;
-    'password': string;
-    'username': string;
-}
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-interface ResetLink {
-    'expires_at': string;
-    'link': string;
-}
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-interface ResetPasswordRequest {
-    'csrf_token': string;
-    'password': string;
-    'token': string;
-}
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-interface Session {
-    '_id'?: string | null;
-    'expiresAt': string;
-    'issuedAt': string;
-    'token': string;
-    'usedAt'?: string | null;
-    'userId'?: string;
-}
-/**
- * Anzar Software API
- * REST API for the Anzar platform. All protected routes require a Bearer token.
- *
- * The version of the OpenAPI document: 0.7.15
- * Contact: dev@anzar.io
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-interface TokenQuery {
-    'token': string;
-}
-/**
- * AuthApi - axios parameter creator
- */
-declare const AuthApiAxiosParamCreator: (configuration?: Configuration) => {
-    /**
-     * Returns the currently authenticated user\'s session data. Requires a valid Bearer token.
-     * @summary Get current session
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    getSession: (options?: RawAxiosRequestConfig) => Promise<RequestArgs>;
-    /**
-     * Authenticates a user with email and password.  **Session strategy**: Returns a session cookie (`id`) managed by the server. **JWT strategy**: Returns `access` and `refresh` in the response body.
-     * @summary User login
-     * @param {LoginRequest} loginRequest User login credentials
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    login: (loginRequest: LoginRequest, options?: RawAxiosRequestConfig) => Promise<RequestArgs>;
-    /**
-     * Invalidates the current session and refresh token. The client should discard stored tokens.
-     * @summary Logout
-     * @param {RefreshTokenRequest} refreshTokenRequest
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    logout: (refreshTokenRequest: RefreshTokenRequest, options?: RawAxiosRequestConfig) => Promise<RequestArgs>;
-    /**
-     * Issues a new access token using a valid refresh token. Rotate refresh tokens on each call.
-     * @summary Refresh access token
-     * @param {RefreshTokenRequest} refreshTokenRequest
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    refreshToken: (refreshTokenRequest: RefreshTokenRequest, options?: RawAxiosRequestConfig) => Promise<RequestArgs>;
-    /**
-     * Creates a new user account with email and password.  **Session strategy**: Returns a session cookie (`id`) managed by the server. **JWT strategy**: Returns `access` and `refresh` in the response body.
-     * @summary Register a new user
-     * @param {RegisterRequest} registerRequest User register credentials
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    register: (registerRequest: RegisterRequest, options?: RawAxiosRequestConfig) => Promise<RequestArgs>;
-    /**
-     * Validates the reset token from the email link and renders the password reset form.
-     * @summary Render password reset form
-     * @param {TokenQuery} token Password reset token
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    renderResetForm: (token: TokenQuery, options?: RawAxiosRequestConfig) => Promise<RequestArgs>;
-    /**
-     * Sends a password reset link to the provided email address if an account exists.
-     * @summary Request a password reset
-     * @param {EmailRequest} emailRequest Email address to send the reset link to
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    requestPasswordReset: (emailRequest: EmailRequest, options?: RawAxiosRequestConfig) => Promise<RequestArgs>;
-    /**
-     * Submits a new password using a valid reset token. Invalidates the token after use.
-     * @summary Submit new password
-     * @param {ResetPasswordRequest} resetPasswordRequest Reset token and the new password
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    submitNewPassword: (resetPasswordRequest: ResetPasswordRequest, options?: RawAxiosRequestConfig) => Promise<RequestArgs>;
-};
-/**
- * AuthApi - functional programming interface
- */
-declare const AuthApiFp: (configuration?: Configuration) => {
-    /**
-     * Returns the currently authenticated user\'s session data. Requires a valid Bearer token.
-     * @summary Get current session
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    getSession(options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<Session>>;
-    /**
-     * Authenticates a user with email and password.  **Session strategy**: Returns a session cookie (`id`) managed by the server. **JWT strategy**: Returns `access` and `refresh` in the response body.
-     * @summary User login
-     * @param {LoginRequest} loginRequest User login credentials
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    login(loginRequest: LoginRequest, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<AuthResponse>>;
-    /**
-     * Invalidates the current session and refresh token. The client should discard stored tokens.
-     * @summary Logout
-     * @param {RefreshTokenRequest} refreshTokenRequest
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    logout(refreshTokenRequest: RefreshTokenRequest, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<void>>;
-    /**
-     * Issues a new access token using a valid refresh token. Rotate refresh tokens on each call.
-     * @summary Refresh access token
-     * @param {RefreshTokenRequest} refreshTokenRequest
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    refreshToken(refreshTokenRequest: RefreshTokenRequest, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<AuthResponse>>;
-    /**
-     * Creates a new user account with email and password.  **Session strategy**: Returns a session cookie (`id`) managed by the server. **JWT strategy**: Returns `access` and `refresh` in the response body.
-     * @summary Register a new user
-     * @param {RegisterRequest} registerRequest User register credentials
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    register(registerRequest: RegisterRequest, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<AuthResponse>>;
-    /**
-     * Validates the reset token from the email link and renders the password reset form.
-     * @summary Render password reset form
-     * @param {TokenQuery} token Password reset token
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    renderResetForm(token: TokenQuery, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<string>>;
-    /**
-     * Sends a password reset link to the provided email address if an account exists.
-     * @summary Request a password reset
-     * @param {EmailRequest} emailRequest Email address to send the reset link to
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    requestPasswordReset(emailRequest: EmailRequest, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<ResetLink>>;
-    /**
-     * Submits a new password using a valid reset token. Invalidates the token after use.
-     * @summary Submit new password
-     * @param {ResetPasswordRequest} resetPasswordRequest Reset token and the new password
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    submitNewPassword(resetPasswordRequest: ResetPasswordRequest, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<void>>;
-};
-/**
- * AuthApi - factory interface
- */
-declare const AuthApiFactory: (configuration?: Configuration, basePath?: string, axios?: AxiosInstance) => {
-    /**
-     * Returns the currently authenticated user\'s session data. Requires a valid Bearer token.
-     * @summary Get current session
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    getSession(options?: RawAxiosRequestConfig): AxiosPromise<Session>;
-    /**
-     * Authenticates a user with email and password.  **Session strategy**: Returns a session cookie (`id`) managed by the server. **JWT strategy**: Returns `access` and `refresh` in the response body.
-     * @summary User login
-     * @param {LoginRequest} loginRequest User login credentials
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    login(loginRequest: LoginRequest, options?: RawAxiosRequestConfig): AxiosPromise<AuthResponse>;
-    /**
-     * Invalidates the current session and refresh token. The client should discard stored tokens.
-     * @summary Logout
-     * @param {RefreshTokenRequest} refreshTokenRequest
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    logout(refreshTokenRequest: RefreshTokenRequest, options?: RawAxiosRequestConfig): AxiosPromise<void>;
-    /**
-     * Issues a new access token using a valid refresh token. Rotate refresh tokens on each call.
-     * @summary Refresh access token
-     * @param {RefreshTokenRequest} refreshTokenRequest
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    refreshToken(refreshTokenRequest: RefreshTokenRequest, options?: RawAxiosRequestConfig): AxiosPromise<AuthResponse>;
-    /**
-     * Creates a new user account with email and password.  **Session strategy**: Returns a session cookie (`id`) managed by the server. **JWT strategy**: Returns `access` and `refresh` in the response body.
-     * @summary Register a new user
-     * @param {RegisterRequest} registerRequest User register credentials
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    register(registerRequest: RegisterRequest, options?: RawAxiosRequestConfig): AxiosPromise<AuthResponse>;
-    /**
-     * Validates the reset token from the email link and renders the password reset form.
-     * @summary Render password reset form
-     * @param {TokenQuery} token Password reset token
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    renderResetForm(token: TokenQuery, options?: RawAxiosRequestConfig): AxiosPromise<string>;
-    /**
-     * Sends a password reset link to the provided email address if an account exists.
-     * @summary Request a password reset
-     * @param {EmailRequest} emailRequest Email address to send the reset link to
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    requestPasswordReset(emailRequest: EmailRequest, options?: RawAxiosRequestConfig): AxiosPromise<ResetLink>;
-    /**
-     * Submits a new password using a valid reset token. Invalidates the token after use.
-     * @summary Submit new password
-     * @param {ResetPasswordRequest} resetPasswordRequest Reset token and the new password
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    submitNewPassword(resetPasswordRequest: ResetPasswordRequest, options?: RawAxiosRequestConfig): AxiosPromise<void>;
-};
-/**
- * AuthApi - object-oriented interface
- */
-declare class AuthApi extends BaseAPI {
-    /**
-     * Returns the currently authenticated user\'s session data. Requires a valid Bearer token.
-     * @summary Get current session
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    getSession(options?: RawAxiosRequestConfig): Promise<axios.AxiosResponse<Session, any, {}>>;
-    /**
-     * Authenticates a user with email and password.  **Session strategy**: Returns a session cookie (`id`) managed by the server. **JWT strategy**: Returns `access` and `refresh` in the response body.
-     * @summary User login
-     * @param {LoginRequest} loginRequest User login credentials
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    login(loginRequest: LoginRequest, options?: RawAxiosRequestConfig): Promise<axios.AxiosResponse<AuthResponse, any, {}>>;
-    /**
-     * Invalidates the current session and refresh token. The client should discard stored tokens.
-     * @summary Logout
-     * @param {RefreshTokenRequest} refreshTokenRequest
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    logout(refreshTokenRequest: RefreshTokenRequest, options?: RawAxiosRequestConfig): Promise<axios.AxiosResponse<void, any, {}>>;
-    /**
-     * Issues a new access token using a valid refresh token. Rotate refresh tokens on each call.
-     * @summary Refresh access token
-     * @param {RefreshTokenRequest} refreshTokenRequest
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    refreshToken(refreshTokenRequest: RefreshTokenRequest, options?: RawAxiosRequestConfig): Promise<axios.AxiosResponse<AuthResponse, any, {}>>;
-    /**
-     * Creates a new user account with email and password.  **Session strategy**: Returns a session cookie (`id`) managed by the server. **JWT strategy**: Returns `access` and `refresh` in the response body.
-     * @summary Register a new user
-     * @param {RegisterRequest} registerRequest User register credentials
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    register(registerRequest: RegisterRequest, options?: RawAxiosRequestConfig): Promise<axios.AxiosResponse<AuthResponse, any, {}>>;
-    /**
-     * Validates the reset token from the email link and renders the password reset form.
-     * @summary Render password reset form
-     * @param {TokenQuery} token Password reset token
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    renderResetForm(token: TokenQuery, options?: RawAxiosRequestConfig): Promise<axios.AxiosResponse<string, any, {}>>;
-    /**
-     * Sends a password reset link to the provided email address if an account exists.
-     * @summary Request a password reset
-     * @param {EmailRequest} emailRequest Email address to send the reset link to
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    requestPasswordReset(emailRequest: EmailRequest, options?: RawAxiosRequestConfig): Promise<axios.AxiosResponse<ResetLink, any, {}>>;
-    /**
-     * Submits a new password using a valid reset token. Invalidates the token after use.
-     * @summary Submit new password
-     * @param {ResetPasswordRequest} resetPasswordRequest Reset token and the new password
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    submitNewPassword(resetPasswordRequest: ResetPasswordRequest, options?: RawAxiosRequestConfig): Promise<axios.AxiosResponse<void, any, {}>>;
+interface components {
+    schemas: {
+        /** @enum {string} */
+        AlgorithmConfig: "HS256" | "HS384" | "HS512" | "ES256" | "ES384" | "RS256" | "RS384" | "RS512" | "PS256" | "PS384" | "PS512" | "EdDSA";
+        AnzarConfiguration: {
+            app: components["schemas"]["App"];
+            auth?: components["schemas"]["Authentication"];
+            database: components["schemas"]["Database"];
+            security: components["schemas"]["Security"];
+            server?: components["schemas"]["Server"];
+        };
+        App: {
+            environment: string;
+            url: string;
+        };
+        /**
+         * @example {
+         *       "user": {
+         *         "username": "",
+         *         "email": "",
+         *         "createdAt": "1970-01-01T00:00:00Z"
+         *       },
+         *       "tokens": {
+         *         "access": "",
+         *         "expires_in": 0,
+         *         "token_type": "",
+         *         "refresh": ""
+         *       },
+         *       "verification": {
+         *         "link": "",
+         *         "expires_at": "1970-01-01T00:00:00Z"
+         *       }
+         *     }
+         */
+        AuthResponse: {
+            tokens?: null | components["schemas"]["SessionTokens"];
+            user: components["schemas"]["User"];
+            verification?: null | components["schemas"]["ExpiringLink"];
+        };
+        AuthStrategy: (components["schemas"]["SessionConfig"] & {
+            /** @enum {string} */
+            type: "Session";
+        }) | (components["schemas"]["JwtConfig"] & {
+            /** @enum {string} */
+            type: "Jwt";
+        });
+        Authentication: {
+            /**
+             * @default {
+             *       "verification": {
+             *         "required": false,
+             *         "token_expires_in": 1800,
+             *         "success_redirect": null,
+             *         "error_redirect": null
+             *       }
+             *     }
+             */
+            email: components["schemas"]["EmailConfig"];
+            /**
+             * @default {
+             *       "algorithm": {
+             *         "type": "Argon2",
+             *         "memory_kib": 19456,
+             *         "iterations": 2,
+             *         "parallelism": 1
+             *       },
+             *       "requirements": {
+             *         "min_length": 8,
+             *         "max_length": 128,
+             *         "require_uppercase": false,
+             *         "require_number": false,
+             *         "require_special_char": false
+             *       },
+             *       "reset": {
+             *         "token_expires_in": 1800,
+             *         "success_redirect": null,
+             *         "error_redirect": null
+             *       },
+             *       "security": {
+             *         "max_failed_attempts": 5,
+             *         "lockout_duration": 1800
+             *       }
+             *     }
+             */
+            password: components["schemas"]["PasswordConfig"];
+            /**
+             * @default {
+             *       "enabled": false,
+             *       "default_role": "User",
+             *       "roles": [
+             *         {
+             *           "name": "User",
+             *           "permissions": [
+             *             "*:read"
+             *           ]
+             *         }
+             *       ]
+             *     }
+             */
+            rbac: components["schemas"]["RbacConfig"];
+            /**
+             * @default {
+             *       "type": "Session",
+             *       "name": "id",
+             *       "max_age": 3600,
+             *       "secure": true,
+             *       "http_only": true,
+             *       "same_site": "Strict"
+             *     }
+             */
+            strategy: components["schemas"]["AuthStrategy"];
+        };
+        Cache: {
+            driver: components["schemas"]["CacheDriver"];
+            url: string;
+        };
+        /** @enum {string} */
+        CacheDriver: "MemCached" | "Redis" | "InMemory";
+        CorsConfig: {
+            /** @default true */
+            allow_credentials: boolean;
+            /**
+             * @default [
+             *       "authorization",
+             *       "content-type",
+             *       "accept",
+             *       "accept-language",
+             *       "Content-Language"
+             *     ]
+             */
+            allowed_headers: string[];
+            /**
+             * @default [
+             *       "GET",
+             *       "POST",
+             *       "PUT",
+             *       "DELETE",
+             *       "OPTIONS"
+             *     ]
+             */
+            allowed_methods: string[];
+            /**
+             * @default [
+             *       "localhost:3000"
+             *     ]
+             */
+            allowed_origins: string[];
+            /** @default true */
+            enabled: boolean;
+            /**
+             * Format: int64
+             * @default 3600
+             */
+            max_age: number;
+        };
+        Database: {
+            cache: components["schemas"]["Cache"];
+            connection_string: string;
+            driver: components["schemas"]["DatabaseDriver"];
+        };
+        /** @enum {string} */
+        DatabaseDriver: "SQLite" | "PostgreSQL" | "MongoDB";
+        EmailConfig: {
+            /**
+             * @default {
+             *       "required": false,
+             *       "token_expires_in": 1800,
+             *       "success_redirect": null,
+             *       "error_redirect": null
+             *     }
+             */
+            verification: components["schemas"]["EmailVerification"];
+        };
+        /**
+         * @example {
+         *       "email": "example@email.com"
+         *     }
+         */
+        EmailRequest: {
+            email: string;
+        };
+        EmailVerification: {
+            /** @default null */
+            error_redirect: string | null;
+            /** @default false */
+            required: boolean;
+            /** @default null */
+            success_redirect: string | null;
+            /**
+             * Format: int64
+             * @default 1800
+             */
+            token_expires_in: number;
+        };
+        /** @enum {string} */
+        ErrorCode: "TokenExpired" | "TokenReplay" | "TokenInvalid" | "InvalidCredentials" | "AccountNotVerified" | "TokenInvalidSignature" | "TokenInvalidAudience" | "TokenInvalidIssuer" | "TokenInvalidAlgorithm" | "TokenMalformed" | "InsufficientPermissions" | "AccountSuspended" | "RoleNotFound" | "UserNotFound" | "TokenNotFound" | "AlreadyExists" | "ValidationFailed" | "MalformedField" | "MissingField" | "UnsupportedMediaType" | "BadRequest" | "RateLimitExceeded" | "Internal";
+        /**
+         * @example {
+         *       "message": "An Error occured"
+         *     }
+         */
+        ErrorResponse: {
+            code: components["schemas"]["ErrorCode"];
+            message: string;
+        };
+        /**
+         * @example {
+         *       "link": "",
+         *       "expires_at": "2026-02-19T22:42:23.467Z"
+         *     }
+         */
+        ExpiringLink: {
+            /** Format: date-time */
+            expires_at: string;
+            link: string;
+        };
+        HashingAlgorithm: {
+            /** Format: int32 */
+            iterations: number;
+            /** Format: int32 */
+            memory_kib: number;
+            /** Format: int32 */
+            parallelism: number;
+            /** @enum {string} */
+            type: "Argon2";
+        } | {
+            /** Format: int32 */
+            cost: number;
+            /** @enum {string} */
+            type: "Bcrypt";
+        };
+        HttpsConfig: {
+            /** @default null */
+            cert_path: string | null;
+            /** @default false */
+            enabled: boolean;
+            /** @default null */
+            key_path: string | null;
+            /**
+             * Format: int32
+             * @default 3000
+             */
+            port: number;
+        };
+        JwtConfig: {
+            /**
+             * Format: int64
+             * @default 900
+             */
+            access_token_expires_in: number;
+            /** @default HS256 */
+            algorithm: components["schemas"]["AlgorithmConfig"];
+            /** @default  */
+            audience: string;
+            /** @default  */
+            issuer: string;
+            /**
+             * Format: int64
+             * @default 604800
+             */
+            refresh_token_expires_in: number;
+        };
+        /**
+         * @example {
+         *       "email": "example@email.com",
+         *       "password": "password"
+         *     }
+         */
+        LoginRequest: {
+            email: string;
+            password: string;
+        };
+        PasswordConfig: {
+            /**
+             * @default {
+             *       "type": "Argon2",
+             *       "memory_kib": 19456,
+             *       "iterations": 2,
+             *       "parallelism": 1
+             *     }
+             */
+            algorithm: components["schemas"]["HashingAlgorithm"];
+            /**
+             * @default {
+             *       "min_length": 8,
+             *       "max_length": 128,
+             *       "require_uppercase": false,
+             *       "require_number": false,
+             *       "require_special_char": false
+             *     }
+             */
+            requirements: components["schemas"]["PasswordRequirements"];
+            /**
+             * @default {
+             *       "token_expires_in": 1800,
+             *       "success_redirect": null,
+             *       "error_redirect": null
+             *     }
+             */
+            reset: components["schemas"]["PasswordReset"];
+            /**
+             * @default {
+             *       "max_failed_attempts": 5,
+             *       "lockout_duration": 1800
+             *     }
+             */
+            security: components["schemas"]["PasswordSecurity"];
+        };
+        PasswordRequirements: {
+            /**
+             * Format: int32
+             * @default 128
+             */
+            max_length: number;
+            /**
+             * Format: int32
+             * @default 8
+             */
+            min_length: number;
+            /** @default false */
+            require_number: boolean;
+            /** @default false */
+            require_special_char: boolean;
+            /** @default false */
+            require_uppercase: boolean;
+        };
+        PasswordReset: {
+            /** @default null */
+            error_redirect: string | null;
+            /** @default null */
+            success_redirect: string | null;
+            /**
+             * Format: int64
+             * @default 1800
+             */
+            token_expires_in: number;
+        };
+        PasswordSecurity: {
+            /**
+             * Format: int64
+             * @default 1800
+             */
+            lockout_duration: number;
+            /**
+             * Format: int32
+             * @default 5
+             */
+            max_failed_attempts: number;
+        };
+        PermissionId: {
+            permission_id: string;
+        };
+        /**
+         * @example {
+         *       "action": "read",
+         *       "resource": "user"
+         *     }
+         */
+        PermissionName: {
+            action: string;
+            resource: string;
+        };
+        RbacConfig: {
+            /** @default User */
+            default_role: string;
+            /** @default false */
+            enabled: boolean;
+            /**
+             * @default [
+             *       {
+             *         "name": "User",
+             *         "permissions": [
+             *           "*:read"
+             *         ]
+             *       }
+             *     ]
+             */
+            roles: components["schemas"]["RoleConfig"][];
+        };
+        /**
+         * @example {
+         *       "refresh_token": "edc365fa5e13751XXXXXXX"
+         *     }
+         */
+        RefreshTokenRequest: {
+            /** Format: password */
+            refresh_token: string;
+        };
+        /**
+         * @example {
+         *       "username": "name",
+         *       "email": "example@email.com",
+         *       "password": "password"
+         *     }
+         */
+        RegisterRequest: {
+            email: string;
+            password: string;
+            username: string;
+        };
+        /**
+         * @example {
+         *       "token": "",
+         *       "csrf_token": "",
+         *       "password": ""
+         *     }
+         */
+        ResetPasswordRequest: {
+            /** Format: password */
+            csrf_token: string;
+            password: string;
+            /** Format: password */
+            token: string;
+        };
+        RoleConfig: {
+            name: string;
+            permissions: string[];
+        };
+        RoleName: {
+            name: string;
+        };
+        /**
+         * @example {
+         *       "role": "admin"
+         *     }
+         */
+        RoleRequest: {
+            role: string;
+        };
+        /** @enum {string} */
+        SameSiteConfig: "Strict" | "Lax" | "None";
+        Security: {
+            headers?: [
+                string,
+                string
+            ][];
+        };
+        Server: {
+            /**
+             * @default {
+             *       "enabled": true,
+             *       "allowed_origins": [
+             *         "localhost:3000"
+             *       ],
+             *       "allowed_methods": [
+             *         "GET",
+             *         "POST",
+             *         "PUT",
+             *         "DELETE",
+             *         "OPTIONS"
+             *       ],
+             *       "allowed_headers": [
+             *         "authorization",
+             *         "content-type",
+             *         "accept",
+             *         "accept-language",
+             *         "Content-Language"
+             *       ],
+             *       "allow_credentials": true,
+             *       "max_age": 3600
+             *     }
+             */
+            cors: components["schemas"]["CorsConfig"];
+            /**
+             * @default {
+             *       "enabled": false,
+             *       "port": 3000,
+             *       "cert_path": null,
+             *       "key_path": null
+             *     }
+             */
+            https: components["schemas"]["HttpsConfig"];
+        };
+        /**
+         * @example {
+         *       "id": "",
+         *       "user_id": "",
+         *       "issued_at": "2026-02-19T22:42:23.467Z",
+         *       "expires_at": "2026-02-19T22:42:23.467Z",
+         *       "used_at": "2026-02-19T22:42:23.467Z",
+         *       "token": ""
+         *     }
+         */
+        Session: {
+            _id?: string | null;
+            /** Format: date-time */
+            expiresAt: string;
+            /** Format: date-time */
+            issuedAt: string;
+            token: string;
+            /** Format: date-time */
+            usedAt?: string | null;
+            userId?: string;
+        };
+        SessionConfig: {
+            /** @default true */
+            http_only: boolean;
+            /**
+             * Format: int64
+             * @default 3600
+             */
+            max_age: number;
+            /** @default id */
+            name: string;
+            /** @default Strict */
+            same_site: components["schemas"]["SameSiteConfig"];
+            /** @default true */
+            secure: boolean;
+        };
+        /**
+         * @description SessionTokens model
+         * @example {
+         *       "access": "",
+         *       "expires_in": 3600,
+         *       "token_type": "Bearer",
+         *       "refresh": ""
+         *     }
+         */
+        SessionTokens: {
+            access: string;
+            /** Format: int64 */
+            expires_in: number;
+            refresh: string;
+            token_type: string;
+        };
+        /**
+         * @example {
+         *       "token": "edc365fa5e13751XXXXXXX"
+         *     }
+         */
+        TokenQuery: {
+            /** Format: password */
+            token: string;
+        };
+        /**
+         * @example {
+         *       "id": "",
+         *       "username": "",
+         *       "email": "",
+         *       "created_at": "2026-02-19T22:42:23.467Z"
+         *     }
+         */
+        User: {
+            _id?: string | null;
+            /** Format: date-time */
+            createdAt: string;
+            email: string;
+            username: string;
+        };
+    };
+    responses: never;
+    parameters: never;
+    requestBodies: never;
+    headers: never;
+    pathItems: never;
 }
-/**
- * EmailApi - axios parameter creator
- */
-declare const EmailApiAxiosParamCreator: (configuration?: Configuration) => {
-    /**
-     * Validates the email token and update the user account.
-     * @summary Verify user email
-     * @param {TokenQuery} token Email Verification Token
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    verifyEmail: (token: TokenQuery, options?: RawAxiosRequestConfig) => Promise<RequestArgs>;
-};
-/**
- * EmailApi - functional programming interface
- */
-declare const EmailApiFp: (configuration?: Configuration) => {
-    /**
-     * Validates the email token and update the user account.
-     * @summary Verify user email
-     * @param {TokenQuery} token Email Verification Token
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    verifyEmail(token: TokenQuery, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<void>>;
-};
-/**
- * EmailApi - factory interface
- */
-declare const EmailApiFactory: (configuration?: Configuration, basePath?: string, axios?: AxiosInstance) => {
-    /**
-     * Validates the email token and update the user account.
-     * @summary Verify user email
-     * @param {TokenQuery} token Email Verification Token
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    verifyEmail(token: TokenQuery, options?: RawAxiosRequestConfig): AxiosPromise<void>;
-};
-/**
- * EmailApi - object-oriented interface
- */
-declare class EmailApi extends BaseAPI {
-    /**
-     * Validates the email token and update the user account.
-     * @summary Verify user email
-     * @param {TokenQuery} token Email Verification Token
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    verifyEmail(token: TokenQuery, options?: RawAxiosRequestConfig): Promise<axios.AxiosResponse<void, any, {}>>;
+interface operations {
+    login: {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        /** @description User login credentials */
+        requestBody: {
+            content: {
+                "application/json": components["schemas"]["LoginRequest"];
+            };
+        };
+        responses: {
+            /** @description Authentication successful */
+            200: {
+                headers: {
+                    /** @description Session cookie (session strategy only). Format: id=<session_id>; HttpOnly; Secure; SameSite=Strict */
+                    "Set-Cookie"?: string;
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["AuthResponse"];
+                };
+            };
+            /** @description Malformed request or validation error */
+            400: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+            /** @description Invalid email or password */
+            401: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+            /** @description Unexpected server error */
+            500: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+        };
+    };
+    logout: {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        /** @description Refresh token to invalidate */
+        requestBody: {
+            content: {
+                "application/json": components["schemas"]["RefreshTokenRequest"];
+            };
+        };
+        responses: {
+            /** @description Logged out successfully — session and refresh token invalidated */
+            200: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content?: never;
+            };
+            /** @description Malformed request or missing refresh token */
+            400: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+            /** @description Missing or expired credentials */
+            401: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+            /** @description Unexpected server error */
+            500: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+        };
+    };
+    forgotPassword: {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        /** @description Email address to send the reset link to */
+        requestBody: {
+            content: {
+                "application/json": components["schemas"]["EmailRequest"];
+            };
+        };
+        responses: {
+            /** @description Reset email sent if an account with that address exists */
+            200: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ExpiringLink"];
+                };
+            };
+            /** @description Malformed request or invalid email format */
+            400: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+            /** @description Unexpected server error */
+            500: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+        };
+    };
+    renderPasswordResetForm: {
+        parameters: {
+            query: {
+                /** @description Single-use password reset token from the email link */
+                token: string;
+            };
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        requestBody?: never;
+        responses: {
+            /** @description Token valid — password reset form returned */
+            200: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "text/html": string;
+                };
+            };
+            /** @description Malformed request or missing token */
+            400: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+            /** @description Reset token invalid or expired */
+            401: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+            /** @description Unexpected server error */
+            500: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+        };
+    };
+    submitNewPassword: {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        /** @description Reset token, CSRF token, and new password */
+        requestBody: {
+            content: {
+                "application/x-www-form-urlencoded": components["schemas"]["ResetPasswordRequest"];
+            };
+        };
+        responses: {
+            /** @description Password reset successful — redirects to success page */
+            302: {
+                headers: {
+                    /** @description URL of the post-reset success page */
+                    Location?: string;
+                    [name: string]: unknown;
+                };
+                content?: never;
+            };
+            /** @description Malformed request or validation error */
+            400: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+            /** @description Reset token or CSRF token invalid or expired */
+            401: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+            /** @description Unexpected server error */
+            500: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+        };
+    };
+    refreshToken: {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        /** @description Valid refresh token */
+        requestBody: {
+            content: {
+                "application/json": components["schemas"]["RefreshTokenRequest"];
+            };
+        };
+        responses: {
+            /** @description New access token issued successfully */
+            200: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["AuthResponse"];
+                };
+            };
+            /** @description Malformed request or missing refresh token */
+            400: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+            /** @description Refresh token invalid, expired, or already rotated */
+            401: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+            /** @description Unexpected server error */
+            500: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+        };
+    };
+    register: {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        /** @description User register credentials */
+        requestBody: {
+            content: {
+                "application/json": components["schemas"]["RegisterRequest"];
+            };
+        };
+        responses: {
+            /** @description User registered successfully */
+            201: {
+                headers: {
+                    /** @description Session cookie (session strategy only). Format: id=<session_id>; HttpOnly; Secure; SameSite=Strict */
+                    "Set-Cookie"?: string;
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["AuthResponse"];
+                };
+            };
+            /** @description Malformed request or validation error */
+            400: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+            /** @description Email already registered */
+            409: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+            /** @description Unexpected server error */
+            500: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+        };
+    };
+    getSession: {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        requestBody?: never;
+        responses: {
+            /** @description Session data returned successfully */
+            200: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["Session"];
+                };
+            };
+            /** @description Missing or expired credentials */
+            401: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+            /** @description Account suspended or unverified */
+            403: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+            /** @description Unexpected server error */
+            500: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+        };
+    };
+    verify_email: {
+        parameters: {
+            query: {
+                /** @description One-time email verification token issued during registration */
+                token: string;
+            };
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        requestBody?: never;
+        responses: {
+            /** @description Token is valid — redirects to the success page */
+            302: {
+                headers: {
+                    /** @description URL of the post-verification success page */
+                    Location?: string;
+                    [name: string]: unknown;
+                };
+                content?: never;
+            };
+            /** @description Token is missing, malformed, or already used */
+            400: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+            /** @description Unexpected server error */
+            500: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+        };
+    };
+    createPermission: {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        /** @description Permission definition */
+        requestBody: {
+            content: {
+                "application/json": components["schemas"]["PermissionName"];
+            };
+        };
+        responses: {
+            /** @description Permission upserted successfully */
+            200: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content?: never;
+            };
+            /** @description Missing or expired credentials */
+            401: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+            /** @description Insufficient privileges */
+            403: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+            /** @description Unexpected server error */
+            500: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+        };
+    };
+    createRole: {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        /** @description Role definition */
+        requestBody: {
+            content: {
+                "application/json": components["schemas"]["RoleName"];
+            };
+        };
+        responses: {
+            /** @description Role upserted successfully */
+            200: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content?: never;
+            };
+            /** @description Missing or expired credentials */
+            401: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+            /** @description Insufficient privileges */
+            403: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+            /** @description Unexpected server error */
+            500: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+        };
+    };
+    assignPermissionToRole: {
+        parameters: {
+            query?: never;
+            header?: never;
+            path: {
+                /** @description Role ID to assign the permission to */
+                id: string;
+            };
+            cookie?: never;
+        };
+        /** @description Permission to assign */
+        requestBody: {
+            content: {
+                "application/json": components["schemas"]["PermissionId"];
+            };
+        };
+        responses: {
+            /** @description Permission successfully assigned to role */
+            200: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content?: never;
+            };
+            /** @description Missing or expired credentials */
+            401: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+            /** @description Insufficient privileges */
+            403: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+            /** @description Role or permission not found */
+            404: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+            /** @description Unexpected server error */
+            500: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+        };
+    };
+    find_user: {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        requestBody?: never;
+        responses: {
+            /** @description Authenticated user's profile returned successfully */
+            200: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["User"];
+                };
+            };
+            /** @description Missing or expired credentials */
+            401: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+            /** @description Authenticated token is valid but user no longer exists */
+            404: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+            /** @description Unexpected server error */
+            500: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+        };
+    };
+    assign_role: {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        /** @description Role assignment payload */
+        requestBody: {
+            content: {
+                "application/json": components["schemas"]["RoleRequest"];
+            };
+        };
+        responses: {
+            /** @description Role successfully assigned — returns updated user profile */
+            200: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["User"];
+                };
+            };
+            /** @description Missing or expired credentials */
+            401: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+            /** @description Authenticated user does not have permission to assign roles */
+            403: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+            /** @description Target user not found */
+            404: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+            /** @description Unexpected server error */
+            500: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+        };
+    };
 }
-/**
- * UsersApi - axios parameter creator
- */
-declare const UsersApiAxiosParamCreator: (configuration?: Configuration) => {
-    /**
-     * Returns the currently authenticated user\'s data. Requires a valid Bearer token.
-     * @summary Get current User
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    findUser: (options?: RawAxiosRequestConfig) => Promise<RequestArgs>;
-};
-/**
- * UsersApi - functional programming interface
- */
-declare const UsersApiFp: (configuration?: Configuration) => {
-    /**
-     * Returns the currently authenticated user\'s data. Requires a valid Bearer token.
-     * @summary Get current User
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    findUser(options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<User>>;
-};
-/**
- * UsersApi - factory interface
- */
-declare const UsersApiFactory: (configuration?: Configuration, basePath?: string, axios?: AxiosInstance) => {
-    /**
-     * Returns the currently authenticated user\'s data. Requires a valid Bearer token.
-     * @summary Get current User
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    findUser(options?: RawAxiosRequestConfig): AxiosPromise<User>;
-};
-/**
- * UsersApi - object-oriented interface
- */
-declare class UsersApi extends BaseAPI {
-    /**
-     * Returns the currently authenticated user\'s data. Requires a valid Bearer token.
-     * @summary Get current User
-     * @param {*} [options] Override http request option.
-     * @throws {RequiredError}
-     */
-    findUser(options?: RawAxiosRequestConfig): Promise<axios.AxiosResponse<User, any, {}>>;
-}
+declare const api: openapi_fetch.Client<paths, `${string}/${string}`>;
-export { AlgorithmConfig, type AnzarConfiguration, type App, AuthApi, AuthApiAxiosParamCreator, AuthApiFactory, AuthApiFp, type AuthResponse, AuthStrategy, type Authentication, type Cache, CacheDriver, Configuration, type ConfigurationParameters, type CorsConfig, type Database, DatabaseDriver, EmailApi, EmailApiAxiosParamCreator, EmailApiFactory, EmailApiFp, type EmailConfig, type EmailRequest, type EmailVerification, ErrorCode, type ErrorResponse, type HttpsConfig, type JwtConfig, type LoginRequest, type PasswordConfig, type PasswordRequirements, type PasswordReset, type PasswordSecurity, type RefreshTokenRequest, type RegisterRequest, type ResetLink, type ResetPasswordRequest, Role, SameSiteConfig, type Security, type Server, type Session, type SessionConfig, type SessionTokens, type TokenQuery, type User, UsersApi, UsersApiAxiosParamCreator, UsersApiFactory, UsersApiFp, type Verification };
+export { api, type components, type paths };