# Ask for an auth code (swap sub)
curl -X POST https://localhost:4080/api/session \
-H 'Content-Type: application/json; charset=utf-8' \
-d '{"sub":"jon@example.com"}'
# Validate auth code (swap session id, sub, and otp)
curl -X POST https://localhost:4080/api/session/xyz \
-H 'Content-Type: application/json; charset=utf-8' \
-d '{"sub":"jon@example.com","otp":"secret123"}'
# Post a message (swap api-token)
curl -X POST https://localhost:4080/api/rooms/general \
-H 'Authorization: Bearer api-token' \
-H 'Content-Type: application/json; charset=utf-8' \
-d '{"msg":"hello"}'
# Get a room's messages (swap api-token, since unix-epoch)
curl https://localhost:4080/api/rooms/general?since=0 \
-H 'Authorization: Bearer api-token'