docs: add OpenAPI responses={} to all router endpoints

Add explicit HTTP status code documentation to every endpoint across 15 router files. Each endpoint now declares all possible response codes (200/201/204/400/401/404/409/429/502/503) with descriptions so frontend can distinguish error types. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-05-03 01:12:08 +02:00
parent 7ad885d276
commit 8f26776bb3
15 changed files with 624 additions and 2 deletions
--- a/backend/app/routers/auth.py
+++ b/backend/app/routers/auth.py
@@ -45,6 +45,13 @@ router = APIRouter(prefix="/api/v1/auth", tags=["auth"])
    "/login",
    response_model=LoginResponse,
    summary="Authenticate with the master password",
+    responses={
+        200: {"description": "Login successful", "model": LoginResponse},
+        401: {"description": "Invalid password"},
+        422: {"description": "Validation error — invalid request body"},
+        429: {"description": "Too many login attempts, retry after delay"},
+        503: {"description": "Setup not complete"},
+    },
 )
 async def login(
    body: LoginRequest,
@@ -116,6 +123,10 @@ async def login(
    "/session",
    response_model=SessionValidResponse,
    summary="Validate the current session",
+    responses={
+        200: {"description": "Session valid", "model": SessionValidResponse},
+        401: {"description": "Session missing, expired, or invalid"},
+    },
 )
 async def validate_session(
    _: AuthDep,
@@ -142,6 +153,10 @@ async def validate_session(
    "/logout",
    response_model=LogoutResponse,
    summary="Revoke the current session",
+    responses={
+        200: {"description": "Logout successful", "model": LogoutResponse},
+        401: {"description": "Session missing or invalid (silently successful)"},
+    },
 )
 async def logout(
    request: Request,