default: "\n \"\"\"Represents an application user account.\"\"\"\n type User {\n \"\"\"Unique identifier of the user.\"\"\"\n _id: ID!\n\n \"\"\"User's email address (used for login).\"\"\"\n email: String!\n\n \"\"\"Role of the user.\"\"\"\n role: UserRole!\n\n \"\"\"Indicates whether the account is active.\"\"\"\n active: Boolean!\n\n \"\"\"Date and time when the user registered (ISO 8601 format).\"\"\"\n registrationDate: String!\n\n \"\"\"Date and time when the user last logged in (ISO 8601 format).\"\"\"\n lastLogin: String!\n }\n\n \"\"\"Invite metadata without exposing secret token hash.\"\"\"\n type Invite {\n _id: ID!\n email: String!\n role: UserRole!\n expiresAt: String!\n revokedAt: String\n acceptedAt: String\n createdAt: String!\n }\n\n \"\"\"One-time invite token payload issued to administrators.\"\"\"\n type InviteToken {\n invite: Invite!\n token: String!\n }\n\n \"\"\"One-time password reset token payload issued to administrators.\"\"\"\n type PasswordResetToken {\n userId: ID!\n token: String!\n expiresAt: String!\n }\n\n type Query {\n \"\"\"Retrieve the list of all registered users.\"\"\"\n listAllUsers: [User]\n\n \"\"\"Retrieve the currently authenticated user.\"\"\"\n me: User\n\n \"\"\"Admin-only: list unexpired invites.\"\"\"\n listPendingInvites: [Invite]!\n }\n\n \"\"\"Represents an authentication or registration token.\"\"\"\n type Token {\n \"\"\"JWT or API token string returned after successful authentication.\"\"\"\n token: String\n }\n\n type Mutation {\n \"\"\"Register a new user and return an authentication token.\"\"\"\n registerUser(email: String!, password: String!): Token\n\n \"\"\"Authenticate a user and return an authentication token.\"\"\"\n authUser(email: String!, password: String!): Token\n\n \"\"\"Delete the currently authenticated user's account permanently.\"\"\"\n deleteMyUserAccount: User!\n\n \"\"\"Admin-only: create a new user with an explicit role.\"\"\"\n adminCreateUser(email: String!, password: String!, role: UserRole!, active: Boolean): User!\n\n \"\"\"Admin-only: update an existing user's role and/or active state.\"\"\"\n adminUpdateUser(_id: ID!, role: UserRole, active: Boolean): User!\n\n \"\"\"Admin-only: delete a user account.\"\"\"\n adminDeleteUser(_id: ID!): User!\n\n \"\"\"Admin-only: create an invitation token for a new account.\"\"\"\n adminCreateInvite(email: String!, role: UserRole!, expiresInHours: Int): InviteToken!\n\n \"\"\"Admin-only: revoke a pending invitation token.\"\"\"\n adminRevokeInvite(_id: ID!): Boolean!\n\n \"\"\"Accept an invitation token and create a new account.\"\"\"\n acceptInvite(token: String!, password: String!): Token\n\n \"\"\"Initiate password reset (always returns true).\"\"\"\n requestPasswordReset(email: String!): Boolean!\n\n \"\"\"Complete password reset with a valid one-time token.\"\"\"\n resetPassword(token: String!, password: String!): Boolean!\n\n \"\"\"Admin-only: issue password reset token for a user.\"\"\"\n adminIssuePasswordReset(_id: ID!, expiresInHours: Int): PasswordResetToken!\n }\n"
GraphQL schema definition string for
User,Token, and associated queries/mutations.