task_id: task_create_api_login_user
entity_id: api_login_user
generated_at: '2025-12-19T06:08:12.145470'
workflow_version: v001
target:
  type: api
  definition:
    id: api_login_user
    method: POST
    path: /api/auth/login
    summary: Login user
    description: Authenticate user with email and password, return session token
    tags:
    - auth
    path_params: []
    query_params: []
    request_body:
      content_type: application/json
      schema:
        type: object
        properties:
        - name: email
          type: string
          required: true
          validations:
          - email
          description: User email
        - name: password
          type: string
          required: true
          description: User password
        example:
          email: user@example.com
          password: securepass123
    responses:
    - status: 200
      description: Login successful
      schema:
        type: object
        properties:
        - name: user
          type: object
        - name: token
          type: string
        example:
          user:
            id: 550e8400-e29b-41d4-a716-446655440000
            email: user@example.com
            name: John Doe
          token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
    - status: 401
      description: Invalid credentials
      schema:
        type: object
        properties:
        - name: error
          type: string
        example:
          error: Invalid email or password
    depends_on_models:
    - model_user
    depends_on_apis: []
    auth:
      required: false
      roles: []
    rate_limit:
      requests: 20
      window: 1h
related:
  models:
  - id: model_user
    definition: &id001
      id: model_user
      name: User
      description: Application user account with email/password authentication
      table_name: users
      fields:
      - name: id
        type: uuid
        constraints:
        - primary_key
        description: Unique user identifier
      - name: email
        type: string
        constraints:
        - unique
        - not_null
        - indexed
        description: User email address for login
      - name: name
        type: string
        constraints:
        - not_null
        description: User's display name
      - name: password_hash
        type: string
        constraints:
        - not_null
        description: Bcrypt hashed password
      relations: []
      indexes:
      - fields:
        - email
        unique: true
        name: idx_users_email
      timestamps: true
      soft_delete: false
      validations:
      - field: email
        rule: email
        message: Invalid email format
      - field: name
        rule: min:1
        message: Name is required
      - field: password_hash
        rule: min:60
        message: Invalid password hash
    external: false
  apis: []
  components: []
dependencies:
  entity_ids:
  - model_user
  definitions:
  - id: model_user
    type: model
    definition: *id001
    external: false
files:
  to_create:
  - app/api/auth/login/route.ts
  reference: []
acceptance:
- criterion: POST /api/auth/login returns success response
  verification: curl -X POST /api/auth/login
- criterion: Request validation implemented
  verification: Test with invalid data
- criterion: Error responses match contract
  verification: Test error scenarios