login:
  post:
    tags:
      - auth
    summary: 用户登录
    operationId: login
    security: []  # 登录接口不需要认证
    requestBody:
      required: true
      content:
        application/json:
          schema:
            type: object
            required:
              - email
              - password
            properties:
              email:
                type: string
                format: email
              password:
                type: string
                format: password
    responses:
      '200':
        description: 登录成功
        content:
          application/json:
            schema:
              type: object
              required:
                - token
                - user
              properties:
                token:
                  type: string
                user:
                  $ref: '../components/schemas.yaml#/User'
      '401':
        $ref: '../components/responses.yaml#/Unauthorized'
      '422':
        $ref: '../components/responses.yaml#/ValidationError'

logout:
  post:
    tags:
      - auth
    summary: 用户登出
    operationId: logout
    responses:
      '204':
        description: 登出成功
      '401':
        $ref: '../components/responses.yaml#/Unauthorized'