docs: Create README for implementation phases

- Added README file to summarize the development phases of the project.

Add project docs, issue templates, and contribution guides

Establishes clear documentation for API, architecture, security, and development workflow. Introduces GitHub templates for issues and pull requests, a code of conduct, and contribution guidelines to streamline collaboration and onboarding. Organizes implementation phase plans for structured development and enhanced project transparency.

Add project docs, contribution guides, and issue templates

Establishes comprehensive documentation for API, architecture, security, and development workflow. Introduces templates for issues and pull requests, a code of conduct, and contribution guidelines to improve collaboration and onboarding. Organizes detailed implementation plans into structured development phases for enhanced transparency.

Author: gjovanovicst

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,52 @@
+---
+name: Bug Report
+about: Create a report to help us improve
+labels: bug
+---
+
+**Describe the bug**
+A clear and concise description of what the bug is.
+
+**To Reproduce**
+Steps to reproduce the behavior:
+1. API endpoint called: `POST /api/your-endpoint`
+2. Request payload (if any):
+   ```json
+   {
+     "key": "value"
+   }
+   ```
+3. Request headers (if any):
+   ```
+   Authorization: Bearer <token>
+   ```
+4. Relevant environment variables or configuration:
+   ```
+   DB_HOST=...
+   JWT_SECRET=...
+   ```
+5. Run the request (e.g., with curl, Postman, or frontend)
+6. See error/response:
+   ```json
+   {
+     "error": "..."
+   }
+   ```
+7. (Optional) Include relevant logs or stack traces:
+   ```
+   [2025-06-21 12:00:00] ERROR ...
+   ```
+
+**Expected behavior**
+A clear and concise description of what you expected to happen.
+
+**Screenshots**
+If applicable, add screenshots to help explain your problem.
+
+**Environment (please complete the following information):**
+- OS: [e.g. Windows, Mac, Linux]
+- Go version: [e.g. 1.22]
+- Docker version: [if applicable]
+
+**Additional context**
+Add any other context about the problem here.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,17 @@
+---
+name: Feature Request
+about: Suggest an idea for this project
+labels: enhancement
+---
+
+**Is your feature request related to a problem? Please describe.**
+A clear and concise description of what the problem is.
+
+**Describe the solution you'd like**
+A clear and concise description of what you want to happen.
+
+**Describe alternatives you've considered**
+A clear and concise description of any alternative solutions or features you've considered.
+
+**Additional context**
+Add any other context or screenshots about the feature request here.

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,28 @@
+# Pull Request
+
+Thank you for your contribution!
+
+## Description
+Please include a summary of the change and which issue is fixed. Also include relevant motivation and context.
+
+Fixes # (issue)
+
+## Type of change
+- [ ] Bug fix
+- [ ] New feature
+- [ ] Breaking change
+- [ ] Documentation update
+- [ ] Other (please describe):
+
+## Checklist
+- [ ] My code follows the style guidelines of this project
+- [ ] I have performed a self-review of my code
+- [ ] I have commented my code, particularly in hard-to-understand areas
+- [ ] I have made corresponding changes to the documentation
+- [ ] My changes generate no new warnings
+- [ ] I have added tests that prove my fix is effective or that my feature works
+- [ ] New and existing unit tests pass locally with my changes
+- [ ] Any dependent changes have been merged and published in downstream modules
+
+## Additional context
+Add any other context or screenshots about the pull request here.

CODE_OF_CONDUCT.md

@@ -0,0 +1,25 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+We as members, contributors, and leaders pledge to make participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, visible or invisible disability, ethnicity, sex characteristics, gender identity and expression, level of experience, education, socio-economic status, nationality, personal appearance, race, religion, or sexual identity and orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to a positive environment:
+- Using welcoming and inclusive language
+- Being respectful of differing viewpoints
+- Gracefully accepting constructive criticism
+- Showing empathy towards others
+
+Examples of unacceptable behavior:
+- Trolling, insulting/derogatory comments
+- Public or private harassment
+- Publishing others' private information
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project maintainer.
+
+---
+This Code of Conduct is adapted from the [Contributor Covenant](https://www.contributor-covenant.org/).

CONTRIBUTING.md

@@ -0,0 +1,30 @@
+# Contributing to Authentication API
+
+Thank you for your interest in contributing! We welcome pull requests, issues, and suggestions to make this project better.
+
+## How to Contribute
+
+1. **Fork the repository** and create your branch from `main` or `develop`.
+2. **Clone your fork** and set up the project locally (see README for instructions).
+3. **Create a descriptive branch name** (e.g., `feature/social-login`, `fix/email-verification-bug`).
+4. **Make your changes** with clear, concise commits.
+5. **Test your changes** using `make test` or `go test ./...`.
+6. **Lint and format** your code: `make fmt` and `make lint`.
+7. **Push to your fork** and open a pull request (PR) against the `develop` branch.
+8. **Describe your PR** clearly, referencing any related issues.
+
+## Code Style
+- Follow Go best practices and idioms.
+- Use `go fmt` for formatting.
+- Write clear, descriptive commit messages.
+- Add/update tests for new features or bug fixes.
+
+## Reporting Issues
+- Use the GitHub Issues tab.
+- Provide as much detail as possible (steps to reproduce, logs, screenshots).
+
+## Code of Conduct
+Please be respectful and inclusive. See `CODE_OF_CONDUCT.md` for details.
+
+---
+Thank you for helping make this project better!

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

SECURITY.md

@@ -0,0 +1,10 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+If you discover a security vulnerability, please open an issue or contact the maintainer directly. We will respond as quickly as possible to address the issue.
+
+- Do not disclose security issues publicly until they have been resolved.
+- Provide as much detail as possible to help us resolve the issue quickly.
+
+Thank you for helping keep this project secure!

docs/API.md

@@ -0,0 +1,44 @@
+# API Documentation
+
+## Authentication Endpoints
+
+### Register
+- `POST /register`
+- Request: `{ "email": "[email protected]", "password": "..." }`
+- Response: `{ "success": true, "data": { "token": "..." } }`
+
+### Login
+- `POST /login`
+- Request: `{ "email": "[email protected]", "password": "..." }`
+- Response: `{ "success": true, "data": { "token": "..." } }`
+
+### Refresh Token
+- `POST /refresh-token`
+- Request: `{ "refresh_token": "..." }`
+- Response: `{ "success": true, "data": { "token": "..." } }`
+
+### Forgot Password
+- `POST /forgot-password`
+- Request: `{ "email": "[email protected]" }`
+- Response: `{ "success": true }`
+
+### Reset Password
+- `POST /reset-password`
+- Request: `{ "token": "...", "new_password": "..." }`
+- Response: `{ "success": true }`
+
+### Email Verification
+- `GET /verify-email?token=...`
+- Response: `{ "success": true }`
+
+### Social Login
+- `GET /auth/{provider}/login`
+- `GET /auth/{provider}/callback`
+
+### Protected Profile
+- `GET /profile`
+- Header: `Authorization: Bearer <token>`
+- Response: `{ "success": true, "data": { ...user... } }`
+
+---
+For more details, see the OpenAPI spec (if available) or code comments.

docs/ARCHITECTURE.md

@@ -0,0 +1,39 @@
+# Architecture Overview
+
+## High-Level Diagram
+
+```
++-----------+      +-----------+      +-----------+
+|  Client   |<---> |  API      |<---> | Database  |
+| (Frontend)|      | (Gin)     |      | (Postgres)|
++-----------+      +-----------+      +-----------+
+                        |
+                        v
+                  +-----------+
+                  |  Redis    |
+                  +-----------+
+```
+
+- **API**: Go (Gin), handles authentication, authorization, and business logic
+- **Database**: PostgreSQL, stores users, tokens, etc.
+- **Redis**: Session/token management, caching
+- **Email**: SMTP for verification and password reset
+- **Social Auth**: OAuth2 with Google, Facebook, GitHub
+
+## Key Components
+- `internal/auth` — Core authentication logic
+- `internal/user` — User management
+- `internal/social` — Social login
+- `internal/email` — Email verification/reset
+- `internal/middleware` — JWT, RBAC, etc.
+- `pkg/jwt` — JWT helpers
+
+## Flow Example
+1. User registers or logs in
+2. API validates credentials, issues JWT
+3. JWT used for protected endpoints
+4. Redis manages sessions/tokens
+5. Social login handled via OAuth2 callback
+
+---
+For more details, see the code and comments in each package.

docs/README.md

@@ -0,0 +1,7 @@
+# Documentation
+
+- [Architecture](ARCHITECTURE.md)
+- [API Reference](API.md)
+- [Development Phases](phases/)
+
+See each file for details on architecture, endpoints, and implementation plans.