# \AuthApi
All URIs are relative to *http://localhost*
[**create_api_token**](AuthApi.md#create_api_token) | **POST** /api/v1/auth/tokens | Create a new API token for the current user
[**create_download_ticket**](AuthApi.md#create_download_ticket) | **POST** /api/v1/auth/ticket | Create a short-lived, single-use download/stream ticket for the current user. The ticket can be passed as a `?ticket=` query parameter on endpoints that cannot use `Authorization` headers (e.g. `<a>` downloads, `EventSource` SSE).
[**disable_totp**](AuthApi.md#disable_totp) | **POST** /api/v1/auth/totp/disable | Disable TOTP for the authenticated user (requires password and current TOTP code)
[**enable_totp**](AuthApi.md#enable_totp) | **POST** /api/v1/auth/totp/enable | Enable TOTP by verifying the initial code and generating backup codes
[**get_current_user**](AuthApi.md#get_current_user) | **GET** /api/v1/auth/me | Get current user info
[**login**](AuthApi.md#login) | **POST** /api/v1/auth/login | Login with credentials
[**logout**](AuthApi.md#logout) | **POST** /api/v1/auth/logout | Logout current session
[**refresh_token**](AuthApi.md#refresh_token) | **POST** /api/v1/auth/refresh | Refresh access token
[**revoke_api_token**](AuthApi.md#revoke_api_token) | **DELETE** /api/v1/auth/tokens/{token_id} | Revoke an API token
[**setup_status**](AuthApi.md#setup_status) | **GET** /api/v1/setup/status | Returns whether initial setup (password change) is required.
[**setup_totp**](AuthApi.md#setup_totp) | **POST** /api/v1/auth/totp/setup | Generate a new TOTP secret and QR code URL for the authenticated user
[**verify_totp**](AuthApi.md#verify_totp) | **POST** /api/v1/auth/totp/verify | Verify TOTP code during login (exchanges totp_token + code for full auth tokens)
## create_api_token
> models::CreateApiTokenResponse create_api_token(create_api_token_request)
Create a new API token for the current user
### Parameters
**create_api_token_request** | [**CreateApiTokenRequest**](CreateApiTokenRequest.md) | | [required] |
### Return type
[**models::CreateApiTokenResponse**](CreateApiTokenResponse.md)
### Authorization
[bearer_auth](../README.md#bearer_auth)
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
## create_download_ticket
> models::TicketResponse create_download_ticket(create_ticket_request)
Create a short-lived, single-use download/stream ticket for the current user. The ticket can be passed as a `?ticket=` query parameter on endpoints that cannot use `Authorization` headers (e.g. `<a>` downloads, `EventSource` SSE).
Security note: the resulting ticket value will appear in webserver access logs, browser history, and `Referer` headers if it is embedded in a URL. The mitigation is single-use consumption plus a 30-second TTL plus 256-bit entropy. Clients should consume the ticket immediately and never share or log the URL that contains it.
### Parameters
**create_ticket_request** | [**CreateTicketRequest**](CreateTicketRequest.md) | | [required] |
### Return type
[**models::TicketResponse**](TicketResponse.md)
### Authorization
[bearer_auth](../README.md#bearer_auth)
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
## disable_totp
> disable_totp(totp_disable_request)
Disable TOTP for the authenticated user (requires password and current TOTP code)
### Parameters
**totp_disable_request** | [**TotpDisableRequest**](TotpDisableRequest.md) | | [required] |
### Return type
(empty response body)
### Authorization
[bearer_auth](../README.md#bearer_auth)
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
## enable_totp
> models::TotpEnableResponse enable_totp(totp_code_request)
Enable TOTP by verifying the initial code and generating backup codes
### Parameters
**totp_code_request** | [**TotpCodeRequest**](TotpCodeRequest.md) | | [required] |
### Return type
[**models::TotpEnableResponse**](TotpEnableResponse.md)
### Authorization
[bearer_auth](../README.md#bearer_auth)
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
## get_current_user
> models::UserResponse get_current_user()
Get current user info
### Parameters
This endpoint does not need any parameter.
### Return type
[**models::UserResponse**](UserResponse.md)
### Authorization
[bearer_auth](../README.md#bearer_auth)
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
## login
> models::LoginResponse login(login_request)
Login with credentials
### Parameters
**login_request** | [**LoginRequest**](LoginRequest.md) | | [required] |
### Return type
[**models::LoginResponse**](LoginResponse.md)
### Authorization
No authorization required
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
## logout
> logout(refresh_token_request)
Logout current session
### Parameters
**refresh_token_request** | Option<[**RefreshTokenRequest**](RefreshTokenRequest.md)> | | |
### Return type
(empty response body)
### Authorization
No authorization required
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: Not defined
[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
## refresh_token
> models::LoginResponse refresh_token(refresh_token_request)
Refresh access token
### Parameters
**refresh_token_request** | [**RefreshTokenRequest**](RefreshTokenRequest.md) | | [required] |
### Return type
[**models::LoginResponse**](LoginResponse.md)
### Authorization
No authorization required
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
## revoke_api_token
> revoke_api_token(token_id)
Revoke an API token
### Parameters
**token_id** | **uuid::Uuid** | ID of the API token to revoke | [required] |
### Return type
(empty response body)
### Authorization
[bearer_auth](../README.md#bearer_auth)
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
## setup_status
> models::SetupStatusResponse setup_status()
Returns whether initial setup (password change) is required.
### Parameters
This endpoint does not need any parameter.
### Return type
[**models::SetupStatusResponse**](SetupStatusResponse.md)
### Authorization
No authorization required
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
## setup_totp
> models::TotpSetupResponse setup_totp()
Generate a new TOTP secret and QR code URL for the authenticated user
### Parameters
This endpoint does not need any parameter.
### Return type
[**models::TotpSetupResponse**](TotpSetupResponse.md)
### Authorization
[bearer_auth](../README.md#bearer_auth)
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
## verify_totp
> models::LoginResponse verify_totp(totp_verify_request)
Verify TOTP code during login (exchanges totp_token + code for full auth tokens)
### Parameters
**totp_verify_request** | [**TotpVerifyRequest**](TotpVerifyRequest.md) | | [required] |
### Return type
[**models::LoginResponse**](LoginResponse.md)
### Authorization
No authorization required
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)