Build a User Authentication Service

Problem/Feature Description

Build a Go REST API for user authentication using JWT tokens. The service connects to PostgreSQL for user storage and uses bcrypt for password hashing.

Endpoints:

• POST /api/auth/register -- register a new user (email, password, name)
• POST /api/auth/login -- authenticate and return JWT access + refresh tokens
• POST /api/auth/refresh -- exchange a refresh token for a new access token
• GET /api/auth/me -- get current user profile (requires valid access token)
• POST /api/auth/logout -- invalidate the refresh token

Business rules:

• Email must be unique and valid format
• Password must be at least 8 characters with at least one number and one uppercase letter
• Access tokens expire in 15 minutes, refresh tokens in 7 days
• Refresh tokens are stored in the database and can be revoked
• Failed login attempts are rate-limited to 5 per minute per email

Use github.com/golang-jwt/jwt/v5 for JWT, github.com/lib/pq for PostgreSQL, and golang.org/x/crypto/bcrypt for hashing.

Output Specification

Produce:

• cmd/server/main.go -- application entry point
• internal/handler/auth.go -- HTTP handler for auth endpoints
• internal/service/auth.go -- authentication business logic
• internal/repository/user.go -- database operations for users
• internal/middleware/auth.go -- JWT authentication middleware
• go.mod -- module definition with dependencies
• .gitignore -- standard Go gitignore

You may create additional files as needed for a well-structured codebase.