docs: add project documentation and structure guide

- Add comprehensive API documentation in docs/ directory
- Add webui structure documentation for better navigation
- Document component organization and file layout

docs/API.html

@@ -0,0 +1,1481 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Stable Diffusion REST API Documentation</title>
+    <style>
+        * {
+            margin: 0;
+            padding: 0;
+            box-sizing: border-box;
+        }
+
+        body {
+            font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;
+            line-height: 1.6;
+            color: #e9ecef;
+            background-color: #1a1a1a;
+        }
+
+        .container {
+            max-width: 1200px;
+            margin: 0 auto;
+            padding: 20px;
+            display: flex;
+            gap: 2rem;
+        }
+
+        .sidebar {
+            width: 280px;
+            flex-shrink: 0;
+            position: sticky;
+            top: 20px;
+            height: fit-content;
+            max-height: calc(100vh - 40px);
+            overflow-y: auto;
+        }
+
+        .main-content {
+            flex: 1;
+            min-width: 0;
+        }
+
+        header {
+            background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
+            color: white;
+            padding: 2rem;
+            margin-bottom: 2rem;
+            border-radius: 8px;
+            box-shadow: 0 4px 6px rgba(0, 0, 0, 0.3);
+        }
+
+        .header-content {
+            text-align: center;
+        }
+
+        h1 {
+            font-size: 2.5rem;
+            margin-bottom: 0.5rem;
+            font-weight: 700;
+            color: #000000;
+        }
+
+        .subtitle {
+            font-size: 1.2rem;
+            opacity: 0.9;
+        }
+
+        .toc {
+            background: #2d3748;
+            padding: 1.5rem;
+            border-radius: 8px;
+            box-shadow: 0 2px 4px rgba(0, 0, 0, 0.3);
+            margin-bottom: 2rem;
+            border: 1px solid #4a5568;
+        }
+
+        .toc h2 {
+            color: #667eea;
+            margin-bottom: 1rem;
+            font-size: 1.5rem;
+        }
+
+        .toc ul {
+            list-style: none;
+        }
+
+        .toc-level-1 {
+            margin-bottom: 1rem;
+        }
+
+        .toc-level-1 > li {
+            margin-bottom: 0.5rem;
+            font-weight: 600;
+        }
+
+        .toc-level-2 {
+            margin-left: 1rem;
+            margin-top: 0.5rem;
+        }
+
+        .toc-level-2 li {
+            margin-bottom: 0.25rem;
+            font-weight: 400;
+        }
+
+        .toc a {
+            color: #a0aec0;
+            text-decoration: none;
+            transition: color 0.3s ease;
+            display: block;
+            padding: 0.25rem 0;
+            border-radius: 4px;
+        }
+
+        .toc a:hover {
+            color: #667eea;
+            background: #4a5568;
+            text-decoration: none;
+        }
+
+        .toc a.active {
+            color: #667eea;
+            background: #4a5568;
+        }
+
+        .section {
+            background: #2d3748;
+            margin-bottom: 2rem;
+            border-radius: 8px;
+            box-shadow: 0 2px 4px rgba(0, 0, 0, 0.3);
+            overflow: hidden;
+            border: 1px solid #4a5568;
+        }
+
+        .section-header {
+            background: #667eea;
+            color: white;
+            padding: 1.5rem;
+            border-left: 4px solid #764ba2;
+        }
+
+        .section-content {
+            padding: 1.5rem;
+        }
+
+        h2 {
+            color: #000000;
+            margin-bottom: 1rem;
+            font-size: 1.8rem;
+            font-weight: 600;
+        }
+
+        h3 {
+            color: #000000;
+            margin: 1.5rem 0 1rem 0;
+            font-size: 1.4rem;
+            font-weight: 600;
+            border-bottom: 2px solid #4a5568;
+            padding-bottom: 0.5rem;
+        }
+
+        h4 {
+            color: #000000;
+            margin: 1rem 0 0.5rem 0;
+            font-size: 1.2rem;
+            font-weight: 600;
+        }
+
+        .endpoint {
+            background: #1a202c;
+            border: 1px solid #4a5568;
+            border-radius: 6px;
+            padding: 1rem;
+            margin: 1rem 0;
+            font-family: 'Monaco', 'Menlo', 'Ubuntu Mono', monospace;
+        }
+
+        .method {
+            display: inline-block;
+            padding: 0.25rem 0.5rem;
+            border-radius: 4px;
+            font-weight: bold;
+            font-size: 0.9rem;
+            margin-right: 0.5rem;
+        }
+
+        .get { background: #28a745; color: white; }
+        .post { background: #007bff; color: white; }
+        .put { background: #ffc107; color: #212529; }
+        .delete { background: #dc3545; color: white; }
+
+        .code-block {
+            background: #1a202c;
+            border: 1px solid #4a5568;
+            border-radius: 6px;
+            padding: 1rem;
+            margin: 1rem 0;
+            overflow-x: auto;
+            font-family: 'Monaco', 'Menlo', 'Ubuntu Mono', monospace;
+            font-size: 0.9rem;
+            color: #e2e8f0;
+        }
+
+        .json {
+            background: #1a202c;
+            color: #68d391;
+            border-radius: 6px;
+            padding: 1rem;
+            margin: 1rem 0;
+            overflow-x: auto;
+            font-family: 'Monaco', 'Menlo', 'Ubuntu Mono', monospace;
+            font-size: 0.9rem;
+            border: 1px solid #4a5568;
+        }
+
+        .parameter-table {
+            width: 100%;
+            border-collapse: collapse;
+            margin: 1rem 0;
+            background: #2d3748;
+            border-radius: 6px;
+            overflow: hidden;
+            box-shadow: 0 2px 4px rgba(0, 0, 0, 0.3);
+            border: 1px solid #4a5568;
+        }
+
+        .parameter-table th {
+            background: #667eea;
+            color: white;
+            padding: 0.75rem;
+            text-align: left;
+            font-weight: 600;
+        }
+
+        .parameter-table td {
+            padding: 0.75rem;
+            border-bottom: 1px solid #4a5568;
+            color: #e2e8f0;
+        }
+
+        .parameter-table tr:nth-child(even) {
+            background: #1a202c;
+        }
+
+        .required {
+            color: #fc8181;
+            font-weight: bold;
+        }
+
+        .optional {
+            color: #68d391;
+            font-weight: bold;
+        }
+
+        .note {
+            background: #2d3748;
+            border: 1px solid #f6e05e;
+            border-radius: 6px;
+            padding: 1rem;
+            margin: 1rem 0;
+            border-left: 4px solid #f6e05e;
+            color: #e2e8f0;
+        }
+
+        .warning {
+            background: #2d3748;
+            border: 1px solid #fc8181;
+            border-radius: 6px;
+            padding: 1rem;
+            margin: 1rem 0;
+            border-left: 4px solid #fc8181;
+            color: #e2e8f0;
+        }
+
+        .info {
+            background: #2d3748;
+            border: 1px solid #63b3ed;
+            border-radius: 6px;
+            padding: 1rem;
+            margin: 1rem 0;
+            border-left: 4px solid #63b3ed;
+            color: #e2e8f0;
+        }
+
+        .response-example {
+            background: #2d3748;
+            border: 1px solid #68d391;
+            border-radius: 6px;
+            padding: 1rem;
+            margin: 1rem 0;
+            color: #e2e8f0;
+        }
+
+        .error-example {
+            background: #2d3748;
+            border: 1px solid #fc8181;
+            border-radius: 6px;
+            padding: 1rem;
+            margin: 1rem 0;
+            color: #e2e8f0;
+        }
+
+        .back-to-top {
+            position: fixed;
+            bottom: 20px;
+            right: 20px;
+            background: #667eea;
+            color: white;
+            padding: 0.5rem 1rem;
+            border-radius: 6px;
+            text-decoration: none;
+            box-shadow: 0 2px 4px rgba(0, 0, 0, 0.4);
+            transition: all 0.3s ease;
+            border: 1px solid #764ba2;
+        }
+
+        .back-to-top:hover {
+            background: #764ba2;
+            transform: translateY(-2px);
+            box-shadow: 0 4px 8px rgba(0, 0, 0, 0.5);
+        }
+
+        @media (max-width: 1024px) {
+            .container {
+                flex-direction: column;
+            }
+
+            .sidebar {
+                width: 100%;
+                position: static;
+                height: auto;
+                max-height: none;
+                margin-bottom: 2rem;
+            }
+
+            .main-content {
+                width: 100%;
+            }
+        }
+
+        @media (max-width: 768px) {
+            .container {
+                padding: 10px;
+            }
+
+            h1 {
+                font-size: 2rem;
+            }
+
+            .toc-level-2 {
+                margin-left: 0.5rem;
+            }
+
+            .parameter-table {
+                font-size: 0.8rem;
+            }
+
+            .json {
+                font-size: 0.8rem;
+            }
+
+            .section-content {
+                padding: 1rem;
+            }
+
+            .toc {
+                padding: 1rem;
+            }
+        }
+    </style>
+</head>
+<body>
+    <div class="container">
+        <aside class="sidebar">
+            <nav class="toc">
+                <h2>Table of Contents</h2>
+                <ul class="toc-level-1">
+                    <li><a href="#authentication">Authentication</a>
+                        <ul class="toc-level-2">
+                            <li><a href="#authentication-methods">Authentication Methods</a></li>
+                            <li><a href="#authentication-endpoints">Authentication Endpoints</a></li>
+                        </ul>
+                    </li>
+                    <li><a href="#system-information">System Information</a></li>
+                    <li><a href="#model-management">Model Management</a></li>
+                    <li><a href="#image-generation">Image Generation</a></li>
+                    <li><a href="#queue-management">Queue Management</a></li>
+                    <li><a href="#file-management">File Management</a></li>
+                    <li><a href="#utilities">Utilities</a></li>
+                    <li><a href="#error-responses">Error Responses</a></li>
+                    <li><a href="#authentication-and-authorization">Authentication and Authorization</a></li>
+                    <li><a href="#rate-limiting-and-usage">Rate Limiting and Usage</a></li>
+                    <li><a href="#websocket-support">WebSocket Support</a></li>
+                    <li><a href="#examples">Examples</a></li>
+                    <li><a href="#configuration">Configuration</a></li>
+                    <li><a href="#troubleshooting">Troubleshooting</a></li>
+                </ul>
+            </nav>
+        </aside>
+
+        <main class="main-content">
+            <header>
+                <div class="header-content">
+                    <h1>Stable Diffusion REST API Documentation</h1>
+                    <p class="subtitle">Comprehensive API reference for stable-diffusion.cpp-rest server</p>
+                </div>
+            </header>
+
+        <section id="authentication" class="section">
+            <div class="section-header">
+                <h2>Authentication</h2>
+            </div>
+            <div class="section-content">
+                <h3 id="authentication-methods">Authentication Methods</h3>
+                <p>The API supports multiple authentication methods:</p>
+                <ul>
+                    <li><strong>None</strong>: No authentication required</li>
+                    <li><strong>JWT</strong>: JSON Web Token authentication</li>
+                    <li><strong>API Key</strong>: API key authentication</li>
+                    <li><strong>Unix</strong>: Unix user authentication</li>
+                    <li><strong>PAM</strong>: Pluggable Authentication Modules</li>
+                </ul>
+
+                <h3 id="authentication-endpoints">Authentication Endpoints</h3>
+                
+                <h4>POST /api/auth/login</h4>
+                <p>Authenticate with the server and receive an access token.</p>
+                
+                <div class="endpoint">
+                    <span class="method post">POST</span> /api/auth/login
+                </div>
+
+                <h5>Request Body:</h5>
+                <div class="json">
+{
+  "username": "string",
+  "password": "string"  // Optional for Unix auth without PAM
+}
+                </div>
+
+                <h5>Response:</h5>
+                <div class="json response-example">
+{
+  "token": "string",
+  "user": {
+    "id": "string",
+    "username": "string", 
+    "role": "string",
+    "permissions": ["string"]
+  },
+  "message": "string"
+}
+                </div>
+
+                <h4>POST /api/auth/logout</h4>
+                <p>Log out and invalidate the current session.</p>
+                
+                <div class="endpoint">
+                    <span class="method post">POST</span> /api/auth/logout
+                </div>
+
+                <h5>Response:</h5>
+                <div class="json response-example">
+{
+  "message": "Logout successful"
+}
+                </div>
+
+                <h4>GET /api/auth/validate</h4>
+                <p>Validate the current authentication token.</p>
+                
+                <div class="endpoint">
+                    <span class="method get">GET</span> /api/auth/validate
+                </div>
+
+                <h5>Headers:</h5>
+                <div class="code-block">
+Authorization: Bearer &lt;token&gt;
+                </div>
+
+                <h5>Response:</h5>
+                <div class="json response-example">
+{
+  "user": {
+    "id": "string",
+    "username": "string",
+    "role": "string", 
+    "permissions": ["string"]
+  },
+  "valid": true
+}
+                </div>
+
+                <h4>POST /api/auth/refresh</h4>
+                <p>Refresh the current authentication token.</p>
+                
+                <div class="endpoint">
+                    <span class="method post">POST</span> /api/auth/refresh
+                </div>
+
+                <h5>Response:</h5>
+                <div class="json response-example">
+{
+  "token": "string",
+  "message": "Token refreshed successfully"
+}
+                </div>
+
+                <h4>GET /api/auth/me</h4>
+                <p>Get information about the currently authenticated user.</p>
+                
+                <div class="endpoint">
+                    <span class="method get">GET</span> /api/auth/me
+                </div>
+
+                <h5>Headers:</h5>
+                <div class="code-block">
+Authorization: Bearer &lt;token&gt;
+                </div>
+
+                <h5>Response:</h5>
+                <div class="json response-example">
+{
+  "user": {
+    "id": "string",
+    "username": "string",
+    "role": "string",
+    "permissions": ["string"]
+  }
+}
+                </div>
+            </div>
+        </section>
+
+        <section id="system-information" class="section">
+            <div class="section-header">
+                <h2>System Information</h2>
+            </div>
+            <div class="section-content">
+                <h4>GET /api/health</h4>
+                <p>Check if the server is running and healthy.</p>
+                
+                <div class="endpoint">
+                    <span class="method get">GET</span> /api/health
+                </div>
+
+                <h5>Response:</h5>
+                <div class="json response-example">
+{
+  "status": "healthy",
+  "timestamp": 1234567890,
+  "version": "1.0.0"
+}
+                </div>
+
+                <h4>GET /api/status</h4>
+                <p>Get detailed server and system status.</p>
+                
+                <div class="endpoint">
+                    <span class="method get">GET</span> /api/status
+                </div>
+
+                <h5>Response:</h5>
+                <div class="json response-example">
+{
+  "server": {
+    "running": true,
+    "host": "localhost",
+    "port": 8080
+  },
+  "generation_queue": {
+    "running": true,
+    "queue_size": 5,
+    "active_generations": 1
+  },
+  "models": {
+    "loaded_count": 2,
+    "available_count": 10
+  }
+}
+                </div>
+
+                <h4>GET /api/version</h4>
+                <p>Get version information about the server.</p>
+                
+                <div class="endpoint">
+                    <span class="method get">GET</span> /api/version
+                </div>
+
+                <h5>Response:</h5>
+                <div class="json response-example">
+{
+  "version": "1.0.0",
+  "type": "release",
+  "commit": {
+    "short": "abc1234",
+    "full": "abc1234567890abcdef"
+  },
+  "branch": "main",
+  "clean": true,
+  "build_time": "2024-01-01T12:00:00Z"
+}
+                </div>
+
+                <h4>GET /api/config</h4>
+                <p>Get server configuration (requires authentication).</p>
+                
+                <div class="endpoint">
+                    <span class="method get">GET</span> /api/config
+                </div>
+
+                <h5>Response:</h5>
+                <div class="json response-example">
+{
+  "config": {
+    // Server configuration details
+  }
+}
+                </div>
+
+                <h4>GET /api/system</h4>
+                <p>Get system information (requires authentication).</p>
+                
+                <div class="endpoint">
+                    <span class="method get">GET</span> /api/system
+                </div>
+
+                <h5>Response:</h5>
+                <div class="json response-example">
+{
+  "system": {
+    // System information details
+  }
+}
+                </div>
+
+                <h4>POST /api/system/restart</h4>
+                <p>Restart the server (requires admin authentication).</p>
+                
+                <div class="endpoint">
+                    <span class="method post">POST</span> /api/system/restart
+                </div>
+
+                <h5>Response:</h5>
+                <div class="json response-example">
+{
+  "message": "Server restart initiated"
+}
+                </div>
+            </div>
+        </section>
+
+        <section id="model-management" class="section">
+            <div class="section-header">
+                <h2>Model Management</h2>
+            </div>
+            <div class="section-content">
+                <h4>GET /api/models</h4>
+                <p>List all available models with filtering and pagination support.</p>
+                
+                <div class="endpoint">
+                    <span class="method get">GET</span> /api/models
+                </div>
+
+                <h5>Query Parameters:</h5>
+                <table class="parameter-table">
+                    <thead>
+                        <tr>
+                            <th>Parameter</th>
+                            <th>Type</th>
+                            <th>Required</th>
+                            <th>Description</th>
+                        </tr>
+                    </thead>
+                    <tbody>
+                        <tr>
+                            <td>type</td>
+                            <td>string</td>
+                            <td class="optional">No</td>
+                            <td>Filter by model type (checkpoint, vae, lora, etc.)</td>
+                        </tr>
+                        <tr>
+                            <td>search</td>
+                            <td>string</td>
+                            <td class="optional">No</td>
+                            <td>Search in model names and descriptions</td>
+                        </tr>
+                        <tr>
+                            <td>sort_by</td>
+                            <td>string</td>
+                            <td class="optional">No</td>
+                            <td>Sort field (name, size, date, type, loaded)</td>
+                        </tr>
+                        <tr>
+                            <td>sort_order</td>
+                            <td>string</td>
+                            <td class="optional">No</td>
+                            <td>Sort order (asc, desc)</td>
+                        </tr>
+                        <tr>
+                            <td>limit</td>
+                            <td>integer</td>
+                            <td class="optional">No</td>
+                            <td>Pagination limit (default: 50, 0 = no limit)</td>
+                        </tr>
+                        <tr>
+                            <td>page</td>
+                            <td>integer</td>
+                            <td class="optional">No</td>
+                            <td>Page number (default: 1)</td>
+                        </tr>
+                    </tbody>
+                </table>
+
+                <div class="note">
+                    <strong>Note:</strong> This endpoint supports advanced filtering by model type, date ranges, size categories, and loaded status.
+                </div>
+
+                <h4>POST /api/models/{modelId}/load</h4>
+                <p>Load a specific model into memory.</p>
+                
+                <div class="endpoint">
+                    <span class="method post">POST</span> /api/models/{modelId}/load
+                </div>
+
+                <h5>Response:</h5>
+                <div class="json response-example">
+{
+  "message": "Model loaded successfully",
+  "model": "string"
+}
+                </div>
+
+                <h4>POST /api/models/{modelId}/unload</h4>
+                <p>Unload a specific model from memory.</p>
+                
+                <div class="endpoint">
+                    <span class="method post">POST</span> /api/models/{modelId}/unload
+                </div>
+
+                <h5>Response:</h5>
+                <div class="json response-example">
+{
+  "message": "Model unloaded successfully",
+  "model": "string"
+}
+                </div>
+
+                <h4>GET /api/models/types</h4>
+                <p>Get available model types.</p>
+                
+                <div class="endpoint">
+                    <span class="method get">GET</span> /api/models/types
+                </div>
+
+                <h5>Response:</h5>
+                <div class="json response-example">
+{
+  "types": [
+    "checkpoint",
+    "vae", 
+    "lora",
+    "controlnet",
+    "embedding",
+    "esrgan",
+    "taesd"
+  ]
+}
+                </div>
+
+                <h4>POST /api/models/refresh</h4>
+                <p>Rescan model directories for new models.</p>
+                
+                <div class="endpoint">
+                    <span class="method post">POST</span> /api/models/refresh
+                </div>
+
+                <h5>Response:</h5>
+                <div class="json response-example">
+{
+  "message": "Model refresh completed",
+  "models_found": 5,
+  "models_updated": 2
+}
+                </div>
+            </div>
+        </section>
+
+        <section id="image-generation" class="section">
+            <div class="section-header">
+                <h2>Image Generation</h2>
+            </div>
+            <div class="section-content">
+                <h4>POST /api/generate/text2img</h4>
+                <p>Generate images from text prompts.</p>
+                
+                <div class="endpoint">
+                    <span class="method post">POST</span> /api/generate/text2img
+                </div>
+
+                <div class="info">
+                    <strong>Authentication Required:</strong> Yes
+                </div>
+
+                <h5>Request Body:</h5>
+                <div class="json">
+{
+  "model_name": "string",
+  "prompt": "string",
+  "negative_prompt": "string",
+  "width": 1024,
+  "height": 1024,
+  "steps": 20,
+  "cfg_scale": 7.0,
+  "sampling_method": "euler",
+  "scheduler": "karras",
+  "seed": "random",
+  "batch_count": 1,
+  "clip_skip": 1,
+  "n_threads": 4,
+  "offload_params_to_cpu": false,
+  "clip_on_cpu": false,
+  "vae_on_cpu": false,
+  "diffusion_flash_attn": false,
+  "diffusion_conv_direct": false,
+  "vae_conv_direct": false,
+  "vae_path": "string",
+  "clip_l_path": "string",
+  "clip_g_path": "string",
+  "taesd_path": "string",
+  "embedding_dir": "string",
+  "lora_model_dir": "string"
+}
+                </div>
+
+                <h5>Response:</h5>
+                <div class="json response-example">
+{
+  "request_id": "string",
+  "status": "queued",
+  "message": "Generation request queued successfully"
+}
+                </div>
+
+                <h4>POST /api/generate/img2img</h4>
+                <p>Generate images from text prompts and input images.</p>
+                
+                <div class="endpoint">
+                    <span class="method post">POST</span> /api/generate/img2img
+                </div>
+
+                <div class="info">
+                    <strong>Authentication Required:</strong> Yes
+                </div>
+
+                <h4>POST /api/generate/controlnet</h4>
+                <p>Generate images using ControlNet.</p>
+                
+                <div class="endpoint">
+                    <span class="method post">POST</span> /api/generate/controlnet
+                </div>
+
+                <div class="info">
+                    <strong>Authentication Required:</strong> Yes
+                </div>
+
+                <h4>POST /api/generate/upscale</h4>
+                <p>Upscale images using ESRGAN models.</p>
+                
+                <div class="endpoint">
+                    <span class="method post">POST</span> /api/generate/upscale
+                </div>
+
+                <div class="info">
+                    <strong>Authentication Required:</strong> Yes
+                </div>
+
+                <h4>POST /api/generate/inpainting</h4>
+                <p>Generate images with inpainting.</p>
+                
+                <div class="endpoint">
+                    <span class="method post">POST</span> /api/generate/inpainting
+                </div>
+
+                <div class="info">
+                    <strong>Authentication Required:</strong> Yes
+                </div>
+            </div>
+        </section>
+
+        <section id="queue-management" class="section">
+            <div class="section-header">
+                <h2>Queue Management</h2>
+            </div>
+            <div class="section-content">
+                <h4>GET /api/queue/status</h4>
+                <p>Get current queue status and all jobs.</p>
+                
+                <div class="endpoint">
+                    <span class="method get">GET</span> /api/queue/status
+                </div>
+
+                <div class="info">
+                    <strong>Authentication Required:</strong> Yes
+                </div>
+
+                <h5>Response:</h5>
+                <div class="json response-example">
+{
+  "queue": {
+    "size": 5,
+    "active_generations": 1,
+    "running": true,
+    "jobs": [
+      {
+        "id": "string",
+        "status": "queued|processing|completed|failed",
+        "prompt": "string",
+        "queued_time": 1234567890,
+        "start_time": 1234567890,
+        "end_time": 1234567890,
+        "position": 1,
+        "progress": 0.5,
+        "current_step": 10,
+        "total_steps": 20,
+        "time_elapsed": 5000,
+        "time_remaining": 5000,
+        "speed": 2.0
+      }
+    ]
+  }
+}
+                </div>
+
+                <h4>GET /api/queue/job/{jobId}</h4>
+                <p>Get detailed information about a specific job.</p>
+                
+                <div class="endpoint">
+                    <span class="method get">GET</span> /api/queue/job/{jobId}
+                </div>
+
+                <div class="info">
+                    <strong>Authentication Required:</strong> Yes
+                </div>
+
+                <h4>POST /api/queue/cancel</h4>
+                <p>Cancel a specific job.</p>
+                
+                <div class="endpoint">
+                    <span class="method post">POST</span> /api/queue/cancel
+                </div>
+
+                <div class="info">
+                    <strong>Authentication Required:</strong> Yes
+                </div>
+
+                <h5>Request Body:</h5>
+                <div class="json">
+{
+  "job_id": "string"
+}
+                </div>
+
+                <h5>Response:</h5>
+                <div class="json response-example">
+{
+  "status": "success",
+  "message": "Job cancelled successfully",
+  "job_id": "string"
+}
+                </div>
+
+                <h4>POST /api/queue/clear</h4>
+                <p>Clear all queued jobs.</p>
+                
+                <div class="endpoint">
+                    <span class="method post">POST</span> /api/queue/clear
+                </div>
+
+                <div class="info">
+                    <strong>Authentication Required:</strong> Yes
+                </div>
+
+                <h5>Response:</h5>
+                <div class="json response-example">
+{
+  "status": "success",
+  "message": "Queue cleared successfully"
+}
+                </div>
+            </div>
+        </section>
+
+        <section id="file-management" class="section">
+            <div class="section-header">
+                <h2>File Management</h2>
+            </div>
+            <div class="section-content">
+                <h4>GET /api/queue/job/{jobId}/output/{filename}</h4>
+                <p>Download a specific output file from a completed job.</p>
+                
+                <div class="endpoint">
+                    <span class="method get">GET</span> /api/queue/job/{jobId}/output/{filename}
+                </div>
+
+                <div class="info">
+                    <strong>Authentication Required:</strong> No (public for frontend access)
+                </div>
+
+                <p><strong>Response:</strong> Binary file data with appropriate Content-Type header</p>
+
+                <h4>GET /api/v1/jobs/{jobId}/output/{filename}</h4>
+                <p>Alternative endpoint for downloading job output files.</p>
+                
+                <div class="endpoint">
+                    <span class="method get">GET</span> /api/v1/jobs/{jobId}/output/{filename}
+                </div>
+
+                <div class="info">
+                    <strong>Authentication Required:</strong> No
+                </div>
+
+                <h5>Query Parameters:</h5>
+                <table class="parameter-table">
+                    <thead>
+                        <tr>
+                            <th>Parameter</th>
+                            <th>Type</th>
+                            <th>Required</th>
+                            <th>Description</th>
+                        </tr>
+                    </thead>
+                    <tbody>
+                        <tr>
+                            <td>thumb</td>
+                            <td>boolean</td>
+                            <td class="optional">No</td>
+                            <td>Generate thumbnail</td>
+                        </tr>
+                        <tr>
+                            <td>size</td>
+                            <td>integer</td>
+                            <td class="optional">No</td>
+                            <td>Thumbnail size (50-500px)</td>
+                        </tr>
+                    </tbody>
+                </table>
+
+                <p><strong>Response:</strong> Image file or thumbnail</p>
+
+                <h4>GET /api/image/download</h4>
+                <p>Download an image from a URL (CORS-free handling).</p>
+                
+                <div class="endpoint">
+                    <span class="method get">GET</span> /api/image/download
+                </div>
+
+                <div class="info">
+                    <strong>Authentication Required:</strong> No
+                </div>
+
+                <p><strong>Response:</strong> Binary image data</p>
+            </div>
+        </section>
+
+        <section id="utilities" class="section">
+            <div class="section-header">
+                <h2>Utilities</h2>
+            </div>
+            <div class="section-content">
+                <h4>GET /api/samplers</h4>
+                <p>Get available sampling methods.</p>
+                
+                <div class="endpoint">
+                    <span class="method get">GET</span> /api/samplers
+                </div>
+
+                <div class="info">
+                    <strong>Authentication Required:</strong> Yes
+                </div>
+
+                <h5>Response:</h5>
+                <div class="json response-example">
+{
+  "samplers": [
+    "euler",
+    "euler_a",
+    "heun",
+    "dpm2",
+    "dpmpp2s_a",
+    "dpmpp2m",
+    "dpmpp2mv2",
+    "ipndm",
+    "ipndm_v",
+    "lcm",
+    "ddim_trailing",
+    "tcd"
+  ]
+}
+                </div>
+
+                <h4>GET /api/schedulers</h4>
+                <p>Get available schedulers.</p>
+                
+                <div class="endpoint">
+                    <span class="method get">GET</span> /api/schedulers
+                </div>
+
+                <div class="info">
+                    <strong>Authentication Required:</strong> Yes
+                </div>
+
+                <h5>Response:</h5>
+                <div class="json response-example">
+{
+  "schedulers": [
+    "discrete",
+    "karras",
+    "exponential",
+    "ays",
+    "gits",
+    "smoothstep",
+    "sgm_uniform",
+    "simple"
+  ]
+}
+                </div>
+
+                <h4>GET /api/parameters</h4>
+                <p>Get available generation parameters and their defaults.</p>
+                
+                <div class="endpoint">
+                    <span class="method get">GET</span> /api/parameters
+                </div>
+
+                <div class="info">
+                    <strong>Authentication Required:</strong> Yes
+                </div>
+
+                <h5>Response:</h5>
+                <div class="json response-example">
+{
+  "parameters": {
+    "width": {
+      "min": 64,
+      "max": 4096,
+      "default": 1024,
+      "step": 8
+    },
+    "height": {
+      "min": 64,
+      "max": 4096,
+      "default": 1024,
+      "step": 8
+    },
+    "steps": {
+      "min": 1,
+      "max": 150,
+      "default": 20,
+      "step": 1
+    },
+    "cfg_scale": {
+      "min": 1.0,
+      "max": 30.0,
+      "default": 7.0,
+      "step": 0.1
+    },
+    "batch_count": {
+      "min": 1,
+      "max": 50,
+      "default": 1,
+      "step": 1
+    }
+  }
+}
+                </div>
+
+                <h4>POST /api/validate</h4>
+                <p>Validate generation parameters.</p>
+                
+                <div class="endpoint">
+                    <span class="method post">POST</span> /api/validate
+                </div>
+
+                <div class="info">
+                    <strong>Authentication Required:</strong> No
+                </div>
+
+                <h4>POST /api/estimate</h4>
+                <p>Estimate generation time and resource usage.</p>
+                
+                <div class="endpoint">
+                    <span class="method post">POST</span> /api/estimate
+                </div>
+
+                <div class="info">
+                    <strong>Authentication Required:</strong> Yes
+                </div>
+            </div>
+        </section>
+
+        <section id="error-responses" class="section">
+            <div class="section-header">
+                <h2>Error Responses</h2>
+            </div>
+            <div class="section-content">
+                <p>All endpoints may return error responses in the following format:</p>
+                
+                <div class="json error-example">
+{
+  "error": {
+    "message": "Error description",
+    "code": "ERROR_CODE",
+    "status_code": 400,
+    "request_id": "string",
+    "timestamp": 1234567890
+  }
+}
+                </div>
+
+                <h4>Common Error Codes</h4>
+                <ul>
+                    <li><code>AUTH_REQUIRED</code> - Authentication is required for this endpoint</li>
+                    <li><code>INVALID_CREDENTIALS</code> - Invalid username or password</li>
+                    <li><code>INSUFFICIENT_PERMISSIONS</code> - User lacks required permissions</li>
+                    <li><code>MODEL_NOT_FOUND</code> - Model not found</li>
+                    <li><code>MODEL_NOT_LOADED</code> - Model not loaded into memory</li>
+                    <li><code>JOB_NOT_FOUND</code> - Job not found</li>
+                    <li><code>INVALID_PARAMETERS</code> - Invalid request parameters</li>
+                    <li><code>VALIDATION_ERROR</code> - Parameter validation failed</li>
+                    <li><code>INTERNAL_ERROR</code> - Internal server error</li>
+                </ul>
+            </div>
+        </section>
+
+        <section id="authentication-and-authorization" class="section">
+            <div class="section-header">
+                <h2>Authentication and Authorization</h2>
+            </div>
+            <div class="section-content">
+                <h3>Authentication Headers</h3>
+                <p>For endpoints requiring authentication, include one of the following:</p>
+                
+                <h4>JWT Token:</h4>
+                <div class="code-block">
+Authorization: Bearer &lt;jwt_token&gt;
+                </div>
+
+                <h4>API Key:</h4>
+                <div class="code-block">
+X-API-Key: &lt;api_key&gt;
+                </div>
+
+                <h4>Unix User:</h4>
+                <div class="code-block">
+X-Unix-User: &lt;username&gt;
+                </div>
+
+                <h3>Permission Levels</h3>
+                <ul>
+                    <li><strong>Guest</strong>: No authentication required (public endpoints)</li>
+                    <li><strong>User</strong>: Can generate images and manage own jobs</li>
+                    <li><strong>Admin</strong>: Can manage models, users, and system settings</li>
+                </ul>
+
+                <h3>Public Endpoints</h3>
+                <p>The following endpoints do not require authentication:</p>
+                <ul>
+                    <li><code>GET /api/health</code></li>
+                    <li><code>GET /api/status</code></li>
+                    <li><code>GET /api/version</code></li>
+                    <li><code>GET /api/queue/job/{jobId}/output/{filename}</code></li>
+                    <li><code>GET /api/v1/jobs/{jobId}/output/{filename}</code></li>
+                    <li><code>GET /api/image/download</code></li>
+                    <li><code>POST /api/validate</code></li>
+                </ul>
+            </div>
+        </section>
+
+        <section id="rate-limiting-and-usage" class="section">
+            <div class="section-header">
+                <h2>Rate Limiting and Usage</h2>
+            </div>
+            <div class="section-content">
+                <h3>Concurrent Generation Limits</h3>
+                <p>The server limits concurrent generations based on configuration:</p>
+                <ul>
+                    <li>Default: 1 concurrent generation</li>
+                    <li>Configurable via server settings</li>
+                </ul>
+
+                <h3>Queue Management</h3>
+                <ul>
+                    <li>Jobs are processed in FIFO order</li>
+                    <li>Queue status can be monitored via <code>/api/queue/status</code></li>
+                    <li>Jobs can be cancelled before processing starts</li>
+                </ul>
+
+                <h3>File Storage</h3>
+                <ul>
+                    <li>Generated images are stored in configured output directory</li>
+                    <li>Files are organized by job ID: <code>{output_dir}/{job_id}/{filename}</code></li>
+                    <li>Output files can be downloaded via public endpoints</li>
+                </ul>
+            </div>
+        </section>
+
+        <section id="websocket-support" class="section">
+            <div class="section-header">
+                <h2>WebSocket Support</h2>
+            </div>
+            <div class="section-content">
+                <p>The API supports WebSocket connections for real-time updates:</p>
+
+                <h3>Connection Endpoint</h3>
+                <div class="code-block">
+ws://localhost:8080/ws
+                </div>
+
+                <h3>Message Types</h3>
+                <ul>
+                    <li><code>job_update</code>: Real-time job progress updates</li>
+                    <li><code>queue_update</code>: Queue status changes</li>
+                    <li><code>system_update</code>: System status changes</li>
+                </ul>
+
+                <h3>WebSocket Message Format</h3>
+                <div class="json">
+{
+  "type": "job_update",
+  "data": {
+    "job_id": "string",
+    "progress": 0.5,
+    "current_step": 10,
+    "total_steps": 20,
+    "time_elapsed": 5000,
+    "time_remaining": 5000
+  }
+}
+                </div>
+            </div>
+        </section>
+
+        <section id="examples" class="section">
+            <div class="section-header">
+                <h2>Examples</h2>
+            </div>
+            <div class="section-content">
+                <h3>Basic Text-to-Image Generation</h3>
+                <div class="code-block">
+# Login
+curl -X POST http://localhost:8080/api/auth/login \
+  -H "Content-Type: application/json" \
+  -d '{"username": "user", "password": "pass"}'
+
+# Generate image
+curl -X POST http://localhost:8080/api/generate/text2img \
+  -H "Content-Type: application/json" \
+  -H "Authorization: Bearer &lt;token&gt;" \
+  -d '{
+    "model_name": "sd_xl_base_1.0.safetensors",
+    "prompt": "A beautiful landscape",
+    "width": 1024,
+    "height": 1024,
+    "steps": 20,
+    "cfg_scale": 7.0
+  }'
+
+# Check job status
+curl -X GET http://localhost:8080/api/queue/job/{job_id} \
+  -H "Authorization: Bearer &lt;token&gt;"'
+
+# Download result
+curl -X GET http://localhost:8080/api/queue/job/{job_id}/output/image_0.png \
+  --output generated_image.png
+                </div>
+
+                <h3>Model Management</h3>
+                <div class="code-block">
+# List models
+curl -X GET http://localhost:8080/api/models \
+  -H "Authorization: Bearer &lt;token&gt;"'
+
+# Load a model
+curl -X POST http://localhost:8080/api/models/model_hash/load \
+  -H "Authorization: Bearer &lt;token&gt;"'
+
+# Get model info
+curl -X GET http://localhost:8080/api/models/model_hash \
+  -H "Authorization: Bearer &lt;token&gt;"'
+                </div>
+            </div>
+        </section>
+
+        <section id="configuration" class="section">
+            <div class="section-header">
+                <h2>Configuration</h2>
+            </div>
+            <div class="section-content">
+                <h3>Environment Variables</h3>
+                <ul>
+                    <li><code>STABLE_DIFFUSION_PORT</code>: Server port (default: 8080)</li>
+                    <li><code>STABLE_DIFFUSION_HOST</code>: Server host (default: 0.0.0.0)</li>
+                    <li><code>STABLE_DIFFUSION_MODELS_DIR</code>: Models directory path</li>
+                    <li><code>STABLE_DIFFUSION_OUTPUT_DIR</code>: Output directory path</li>
+                </ul>
+
+                <h3>Server Configuration</h3>
+                <p>The server can be configured via:</p>
+                <ul>
+                    <li>Command line arguments</li>
+                    <li>Configuration file</li>
+                    <li>Environment variables</li>
+                </ul>
+                <p>Refer to the server documentation for detailed configuration options.</p>
+            </div>
+        </section>
+
+        <section id="troubleshooting" class="section">
+            <div class="section-header">
+                <h2>Troubleshooting</h2>
+            </div>
+            <div class="section-content">
+                <h3>Common Issues</h3>
+                <ol>
+                    <li><strong>Model not loaded</strong>: Ensure the model is loaded before generation</li>
+                    <li><strong>Authentication failed</strong>: Check credentials and auth method</li>
+                    <li><strong>Generation timeout</strong>: Increase timeout or reduce image size</li>
+                    <li><strong>Memory errors</strong>: Reduce batch size or image dimensions</li>
+                </ol>
+
+                <h3>Debug Mode</h3>
+                <p>Enable debug logging by setting:</p>
+                <ul>
+                    <li><code>verbose=true</code> in server configuration</li>
+                    <li><code>RUST_LOG=debug</code> environment variable</li>
+                </ul>
+
+                <h3>Health Checks</h3>
+                <p>Monitor server health:</p>
+                <div class="code-block">
+curl -X GET http://localhost:8080/api/health
+curl -X GET http://localhost:8080/api/status
+                </div>
+            </div>
+        </section>
+    </div>
+
+    <a href="#top" class="back-to-top">↑ Back to Top</a>
+
+    <script>
+        // Smooth scrolling for anchor links
+        document.querySelectorAll('a[href^="#"]').forEach(anchor => {
+            anchor.addEventListener('click', function (e) {
+                e.preventDefault();
+                const target = document.querySelector(this.getAttribute('href'));
+                if (target) {
+                    target.scrollIntoView({
+                        behavior: 'smooth',
+                        block: 'start'
+                    });
+                }
+            });
+        });
+
+        // Show/hide back to top button based on scroll position
+        const backToTop = document.querySelector('.back-to-top');
+        window.addEventListener('scroll', () => {
+            if (window.pageYOffset > 300) {
+                backToTop.style.display = 'block';
+            } else {
+                backToTop.style.display = 'none';
+            }
+        });
+
+        // Hide back to top button initially
+        backToTop.style.display = 'none';
+    </script>
+</body>
+</html>

docs/API.md

@@ -0,0 +1,1211 @@
+# Stable Diffusion REST API Documentation
+
+This document provides comprehensive documentation for all REST API endpoints available in the stable-diffusion.cpp-rest server.
+
+## Table of Contents
+
+- [Authentication](#authentication)
+- [System Information](#system-information)
+- [Model Management](#model-management)
+- [Image Generation](#image-generation)
+- [Queue Management](#queue-management)
+- [File Management](#file-management)
+- [Utilities](#utilities)
+
+---
+
+## Authentication
+
+### Authentication Methods
+
+The API supports multiple authentication methods:
+- **None**: No authentication required
+- **JWT**: JSON Web Token authentication
+- **API Key**: API key authentication
+- **Unix**: Unix user authentication
+- **PAM**: Pluggable Authentication Modules
+
+### Authentication Endpoints
+
+#### POST /api/auth/login
+Authenticate with the server and receive an access token.
+
+**Request Body:**
+```json
+{
+  "username": "string",
+  "password": "string"  // Optional for Unix auth without PAM
+}
+```
+
+**Response:**
+```json
+{
+  "token": "string",
+  "user": {
+    "id": "string",
+    "username": "string", 
+    "role": "string",
+    "permissions": ["string"]
+  },
+  "message": "string"
+}
+```
+
+#### POST /api/auth/logout
+Log out and invalidate the current session.
+
+**Response:**
+```json
+{
+  "message": "Logout successful"
+}
+```
+
+#### GET /api/auth/validate
+Validate the current authentication token.
+
+**Headers:**
+- `Authorization: Bearer <token>`
+
+**Response:**
+```json
+{
+  "user": {
+    "id": "string",
+    "username": "string",
+    "role": "string", 
+    "permissions": ["string"]
+  },
+  "valid": true
+}
+```
+
+#### POST /api/auth/refresh
+Refresh the current authentication token.
+
+**Response:**
+```json
+{
+  "token": "string",
+  "message": "Token refreshed successfully"
+}
+```
+
+#### GET /api/auth/me
+Get information about the currently authenticated user.
+
+**Headers:**
+- `Authorization: Bearer <token>`
+
+**Response:**
+```json
+{
+  "user": {
+    "id": "string",
+    "username": "string",
+    "role": "string",
+    "permissions": ["string"]
+  }
+}
+```
+
+---
+
+## System Information
+
+### GET /api/health
+Check if the server is running and healthy.
+
+**Response:**
+```json
+{
+  "status": "healthy",
+  "timestamp": 1234567890,
+  "version": "1.0.0"
+}
+```
+
+### GET /api/status
+Get detailed server and system status.
+
+**Response:**
+```json
+{
+  "server": {
+    "running": true,
+    "host": "localhost",
+    "port": 8080
+  },
+  "generation_queue": {
+    "running": true,
+    "queue_size": 5,
+    "active_generations": 1
+  },
+  "models": {
+    "loaded_count": 2,
+    "available_count": 10
+  }
+}
+```
+
+### GET /api/version
+Get version information about the server.
+
+**Response:**
+```json
+{
+  "version": "1.0.0",
+  "type": "release",
+  "commit": {
+    "short": "abc1234",
+    "full": "abc1234567890abcdef"
+  },
+  "branch": "main",
+  "clean": true,
+  "build_time": "2024-01-01T12:00:00Z"
+}
+```
+
+### GET /api/config
+Get server configuration (requires authentication).
+
+**Response:**
+```json
+{
+  "config": {
+    // Server configuration details
+  }
+}
+```
+
+### GET /api/system
+Get system information (requires authentication).
+
+**Response:**
+```json
+{
+  "system": {
+    // System information details
+  }
+}
+```
+
+#### POST /api/system/restart
+Restart the server (requires admin authentication).
+
+**Response:**
+```json
+{
+  "message": "Server restart initiated"
+}
+```
+
+---
+
+## Model Management
+
+### GET /api/models
+List all available models with filtering and pagination support.
+
+**Query Parameters:**
+- `type` (string): Filter by model type (checkpoint, vae, lora, etc.)
+- `search` (string): Search in model names and descriptions
+- `sort_by` (string): Sort field (name, size, date, type, loaded)
+- `sort_order` (string): Sort order (asc, desc)
+- `date` (string): Date filter (recent, old, YYYY-MM-DD)
+- `size` (string): Size filter (small, medium, large, or size in MB)
+- `loaded` (boolean): Filter by loaded status
+- `unloaded` (boolean): Filter by unloaded status
+- `limit` (integer): Pagination limit (default: 50, 0 = no limit)
+- `page` (integer): Page number (default: 1)
+
+**Response:**
+```json
+{
+  "models": [
+    {
+      "name": "string",
+      "type": "checkpoint",
+      "file_size": 1234567890,
+      "file_size_mb": 1234.56,
+      "sha256": "string",
+      "sha256_short": "string",
+      "architecture": "string",
+      "recommended_vae": "string",
+      "recommended_width": 1024,
+      "recommended_height": 1024,
+      "recommended_steps": 20,
+      "recommended_sampler": "euler",
+      "required_models": [
+        {
+          "name": "string",
+          "exists": true,
+          "type": "VAE",
+          "file_size": 123456789,
+          "path": "string",
+          "sha256": "string",
+          "is_required": true,
+          "is_recommended": false
+        }
+      ],
+      "missing_models": ["string"],
+      "has_missing_dependencies": false
+    }
+  ],
+  "pagination": {
+    "page": 1,
+    "limit": 50,
+    "total_count": 100,
+    "total_pages": 2,
+    "has_next": true,
+    "has_prev": false
+  },
+  "filters_applied": {
+    "type": "checkpoint",
+    "search": "string",
+    "date": null,
+    "size": null,
+    "loaded": null,
+    "unloaded": null
+  },
+  "sorting": {
+    "sort_by": "name",
+    "sort_order": "asc"
+  },
+  "statistics": {
+    "loaded_count": 2,
+    "available_count": 100
+  },
+  "request_id": "string"
+}
+```
+
+### GET /api/models/{modelId}
+Get detailed information about a specific model.
+
+**Response:**
+```json
+{
+  "model": {
+    // Detailed model information
+  }
+}
+```
+
+### POST /api/models/{modelId}/load
+Load a specific model into memory.
+
+**Response:**
+```json
+{
+  "message": "Model loaded successfully",
+  "model": "string"
+}
+```
+
+### POST /api/models/{modelId}/unload
+Unload a specific model from memory.
+
+**Response:**
+```json
+{
+  "message": "Model unloaded successfully",
+  "model": "string"
+}
+```
+
+### GET /api/models/types
+Get available model types.
+
+**Response:**
+```json
+{
+  "types": [
+    "checkpoint",
+    "vae", 
+    "lora",
+    "controlnet",
+    "embedding",
+    "esrgan",
+    "taesd"
+  ]
+}
+```
+
+### GET /api/models/directories
+Get configured model directories.
+
+**Response:**
+```json
+{
+  "directories": {
+    "checkpoints": "/path/to/checkpoints",
+    "vae": "/path/to/vae",
+    "lora": "/path/to/lora",
+    "controlnet": "/path/to/controlnet",
+    "embeddings": "/path/to/embeddings",
+    "esrgan": "/path/to/esrgan",
+    "taesd": "/path/to/taesd"
+  }
+}
+```
+
+### POST /api/models/refresh
+Rescan model directories for new models.
+
+**Response:**
+```json
+{
+  "message": "Model refresh completed",
+  "models_found": 5,
+  "models_updated": 2
+}
+```
+
+### POST /api/models/hash
+Generate SHA256 hashes for models.
+
+**Request Body:**
+```json
+{
+  "model_names": ["string"],  // Optional, defaults to all models
+  "force_rehash": false
+}
+```
+
+**Response:**
+```json
+{
+  "request_id": "string",
+  "status": "completed",
+  "models_hashed": 5,
+  "model_hashes": {
+    "model_name": "sha256_hash"
+  },
+  "hashing_time": 12345
+}
+```
+
+### POST /api/models/convert
+Convert a model to a different format/quantization.
+
+**Request Body:**
+```json
+{
+  "model_name": "string",
+  "output_path": "string",
+  "quantization_type": "f16"
+}
+```
+
+**Response:**
+```json
+{
+  "request_id": "string",
+  "status": "completed",
+  "original_size": "2.5 GB",
+  "converted_size": "1.3 GB",
+  "conversion_time": 12345,
+  "output_path": "string"
+}
+```
+
+### GET /api/models/stats
+Get model statistics.
+
+**Response:**
+```json
+{
+  "statistics": {
+    "total_models": 100,
+    "loaded_models": 5,
+    "models_by_type": {
+      "checkpoint": 50,
+      "vae": 20,
+      "lora": 30
+    },
+    "total_size": "15.6 GB"
+  }
+}
+```
+
+### POST /api/models/batch
+Perform batch operations on models.
+
+**Request Body:**
+```json
+{
+  "operation": "load|unload|hash|convert",
+  "models": ["string"],
+  "options": {}
+}
+```
+
+**Response:**
+```json
+{
+  "request_id": "string",
+  "operation": "string",
+  "processed": 5,
+  "failed": 0,
+  "results": {}
+}
+```
+
+### POST /api/models/validate
+Validate model files and dependencies.
+
+**Request Body:**
+```json
+{
+  "model_names": ["string"]
+}
+```
+
+**Response:**
+```json
+{
+  "validation_results": {
+    "model_name": {
+      "valid": true,
+      "errors": [],
+      "warnings": [],
+      "missing_dependencies": []
+    }
+  }
+}
+```
+
+### POST /api/models/compatible
+Check model compatibility.
+
+**Request Body:**
+```json
+{
+  "model_name": "string",
+  "check_dependencies": true
+}
+```
+
+**Response:**
+```json
+{
+  "compatible": true,
+  "issues": [],
+  "recommendations": []
+}
+```
+
+### POST /api/models/requirements
+Get model requirements.
+
+**Request Body:**
+```json
+{
+  "model_name": "string"
+}
+```
+
+**Response:**
+```json
+{
+  "requirements": {
+    "required_models": [],
+    "recommended_models": [],
+    "min_memory": "8 GB",
+    "supported_features": []
+  }
+}
+```
+
+---
+
+## Image Generation
+
+### POST /api/generate/text2img
+Generate images from text prompts.
+
+**Authentication Required:** Yes
+
+**Request Body:**
+```json
+{
+  "model_name": "string",
+  "prompt": "string",
+  "negative_prompt": "string",
+  "width": 1024,
+  "height": 1024,
+  "steps": 20,
+  "cfg_scale": 7.0,
+  "sampling_method": "euler",
+  "scheduler": "karras",
+  "seed": "random",
+  "batch_count": 1,
+  "clip_skip": 1,
+  "n_threads": 4,
+  "offload_params_to_cpu": false,
+  "clip_on_cpu": false,
+  "vae_on_cpu": false,
+  "diffusion_flash_attn": false,
+  "diffusion_conv_direct": false,
+  "vae_conv_direct": false,
+  "vae_path": "string",
+  "clip_l_path": "string",
+  "clip_g_path": "string",
+  "taesd_path": "string",
+  "embedding_dir": "string",
+  "lora_model_dir": "string"
+}
+```
+
+**Response:**
+```json
+{
+  "request_id": "string",
+  "status": "queued",
+  "message": "Generation request queued successfully"
+}
+```
+
+### POST /api/generate/img2img
+Generate images from text prompts and input images.
+
+**Authentication Required:** Yes
+
+**Request Body:**
+```json
+{
+  "model_name": "string",
+  "prompt": "string",
+  "negative_prompt": "string",
+  "init_image_data": "base64_encoded_image",
+  "init_image_width": 512,
+  "init_image_height": 512,
+  "strength": 0.75,
+  "width": 1024,
+  "height": 1024,
+  "steps": 20,
+  "cfg_scale": 7.0,
+  "sampling_method": "euler",
+  "scheduler": "karras",
+  "seed": "random",
+  "batch_count": 1,
+  // ... other parameters same as text2img
+}
+```
+
+### POST /api/generate/controlnet
+Generate images using ControlNet.
+
+**Authentication Required:** Yes
+
+**Request Body:**
+```json
+{
+  "model_name": "string",
+  "prompt": "string",
+  "negative_prompt": "string",
+  "control_image_data": "base64_encoded_image",
+  "control_image_width": 512,
+  "control_image_height": 512,
+  "control_strength": 1.0,
+  "control_net_path": "string",
+  // ... other parameters same as text2img
+}
+```
+
+### POST /api/generate/upscale
+Upscale images using ESRGAN models.
+
+**Authentication Required:** Yes
+
+**Request Body:**
+```json
+{
+  "model_name": "string",
+  "init_image_data": "base64_encoded_image",
+  "init_image_width": 512,
+  "init_image_height": 512,
+  "init_image_channels": 3,
+  "upscale_factor": 4,
+  "esrgan_path": "string",
+  "n_threads": 4,
+  "offload_params_to_cpu": false,
+  "diffusion_conv_direct": false
+}
+```
+
+### POST /api/generate/inpainting
+Generate images with inpainting.
+
+**Authentication Required:** Yes
+
+**Request Body:**
+```json
+{
+  "model_name": "string",
+  "prompt": "string",
+  "negative_prompt": "string",
+  "init_image_data": "base64_encoded_image",
+  "init_image_width": 512,
+  "init_image_height": 512,
+  "mask_image_data": "base64_encoded_mask",
+  "mask_image_width": 512,
+  "mask_image_height": 512,
+  // ... other parameters same as text2img
+}
+```
+
+---
+
+## Queue Management
+
+### GET /api/queue/status
+Get the current queue status and all jobs.
+
+**Authentication Required:** Yes
+
+**Response:**
+```json
+{
+  "queue": {
+    "size": 5,
+    "active_generations": 1,
+    "running": true,
+    "jobs": [
+      {
+        "id": "string",
+        "status": "queued|processing|completed|failed",
+        "prompt": "string",
+        "queued_time": 1234567890,
+        "start_time": 1234567890,
+        "end_time": 1234567890,
+        "position": 1,
+        "progress": 0.5,
+        "current_step": 10,
+        "total_steps": 20,
+        "time_elapsed": 5000,
+        "time_remaining": 5000,
+        "speed": 2.0
+      }
+    ]
+  }
+}
+```
+
+### GET /api/queue/job/{jobId}
+Get detailed information about a specific job.
+
+**Authentication Required:** Yes
+
+**Response:**
+```json
+{
+  "job": {
+    "id": "string",
+    "status": "completed",
+    "prompt": "string",
+    "queued_time": 1234567890,
+    "start_time": 1234567890,
+    "end_time": 1234567890,
+    "position": 0,
+    "outputs": [
+      {
+        "filename": "string",
+        "url": "/api/queue/job/{jobId}/output/{filename}",
+        "path": "/path/to/output/file"
+      }
+    ],
+    "error_message": "string",
+    "progress": 1.0
+  }
+}
+```
+
+### POST /api/queue/cancel
+Cancel a specific job.
+
+**Authentication Required:** Yes
+
+**Request Body:**
+```json
+{
+  "job_id": "string"
+}
+```
+
+**Response:**
+```json
+{
+  "status": "success",
+  "message": "Job cancelled successfully",
+  "job_id": "string"
+}
+```
+
+### POST /api/queue/clear
+Clear all queued jobs.
+
+**Authentication Required:** Yes
+
+**Response:**
+```json
+{
+  "status": "success",
+  "message": "Queue cleared successfully"
+}
+```
+
+---
+
+## File Management
+
+### GET /api/queue/job/{jobId}/output/{filename}
+Download a specific output file from a completed job.
+
+**Authentication Required:** No (public for frontend access)
+
+**Response:** Binary file data with appropriate Content-Type header
+
+### GET /api/v1/jobs/{jobId}/output/{filename}
+Alternative endpoint for downloading job output files.
+
+**Authentication Required:** No
+
+**Query Parameters:**
+- `thumb` (boolean): Generate thumbnail
+- `size` (integer): Thumbnail size (50-500px)
+
+**Response:** Image file or thumbnail
+
+### GET /api/image/download
+Download an image from a URL (CORS-free handling).
+
+**Authentication Required:** No
+
+**Query Parameters:**
+- `url` (string): Image URL to download
+
+**Response:** Binary image data
+
+### POST /api/image/resize
+Resize an image.
+
+**Authentication Required:** Yes
+
+**Request Body:**
+```json
+{
+  "image_data": "base64_encoded_image",
+  "width": 512,
+  "height": 512,
+  "maintain_aspect_ratio": true
+}
+```
+
+**Response:**
+```json
+{
+  "resized_image_data": "base64_encoded_resized_image",
+  "width": 512,
+  "height": 512
+}
+```
+
+### POST /api/image/crop
+Crop an image.
+
+**Authentication Required:** Yes
+
+**Request Body:**
+```json
+{
+  "image_data": "base64_encoded_image",
+  "x": 100,
+  "y": 100,
+  "width": 200,
+  "height": 200
+}
+```
+
+**Response:**
+```json
+{
+  "cropped_image_data": "base64_encoded_cropped_image",
+  "width": 200,
+  "height": 200
+}
+```
+
+---
+
+## Utilities
+
+### GET /api/samplers
+Get available sampling methods.
+
+**Authentication Required:** Yes
+
+**Response:**
+```json
+{
+  "samplers": [
+    "euler",
+    "euler_a",
+    "heun",
+    "dpm2",
+    "dpmpp2s_a",
+    "dpmpp2m",
+    "dpmpp2mv2",
+    "ipndm",
+    "ipndm_v",
+    "lcm",
+    "ddim_trailing",
+    "tcd"
+  ]
+}
+```
+
+### GET /api/schedulers
+Get available schedulers.
+
+**Authentication Required:** Yes
+
+**Response:**
+```json
+{
+  "schedulers": [
+    "discrete",
+    "karras",
+    "exponential",
+    "ays",
+    "gits",
+    "smoothstep",
+    "sgm_uniform",
+    "simple"
+  ]
+}
+```
+
+### GET /api/parameters
+Get available generation parameters and their defaults.
+
+**Authentication Required:** Yes
+
+**Response:**
+```json
+{
+  "parameters": {
+    "width": {
+      "min": 64,
+      "max": 4096,
+      "default": 1024,
+      "step": 8
+    },
+    "height": {
+      "min": 64,
+      "max": 4096,
+      "default": 1024,
+      "step": 8
+    },
+    "steps": {
+      "min": 1,
+      "max": 150,
+      "default": 20,
+      "step": 1
+    },
+    "cfg_scale": {
+      "min": 1.0,
+      "max": 30.0,
+      "default": 7.0,
+      "step": 0.1
+    },
+    "batch_count": {
+      "min": 1,
+      "max": 50,
+      "default": 1,
+      "step": 1
+    }
+  }
+}
+```
+
+### POST /api/validate
+Validate generation parameters.
+
+**Authentication Required:** No
+
+**Request Body:**
+```json
+{
+  "model_name": "string",
+  "width": 1024,
+  "height": 1024,
+  "steps": 20,
+  "cfg_scale": 7.0,
+  "sampling_method": "euler",
+  "scheduler": "karras"
+}
+```
+
+**Response:**
+```json
+{
+  "valid": true,
+  "errors": [],
+  "warnings": [],
+  "recommendations": []
+}
+```
+
+### POST /api/estimate
+Estimate generation time and resource usage.
+
+**Authentication Required:** Yes
+
+**Request Body:**
+```json
+{
+  "model_name": "string",
+  "width": 1024,
+  "height": 1024,
+  "steps": 20,
+  "batch_count": 1
+}
+```
+
+**Response:**
+```json
+{
+  "estimated_time": 15000,
+  "estimated_memory": "2.5 GB",
+  "estimated_vram": "4.0 GB",
+  "confidence": 0.85
+}
+```
+
+---
+
+## Error Responses
+
+All endpoints may return error responses in the following format:
+
+```json
+{
+  "error": {
+    "message": "Error description",
+    "code": "ERROR_CODE",
+    "status_code": 400,
+    "request_id": "string",
+    "timestamp": 1234567890
+  }
+}
+```
+
+### Common Error Codes
+
+- `AUTH_REQUIRED`: Authentication is required for this endpoint
+- `INVALID_CREDENTIALS`: Invalid username or password
+- `INSUFFICIENT_PERMISSIONS`: User lacks required permissions
+- `MODEL_NOT_FOUND`: Model not found
+- `MODEL_NOT_LOADED`: Model not loaded into memory
+- `JOB_NOT_FOUND`: Job not found
+- `INVALID_PARAMETERS`: Invalid request parameters
+- `VALIDATION_ERROR`: Parameter validation failed
+- `INTERNAL_ERROR`: Internal server error
+
+---
+
+## Authentication and Authorization
+
+### Authentication Headers
+
+For endpoints requiring authentication, include one of the following:
+
+**JWT Token:**
+```
+Authorization: Bearer <jwt_token>
+```
+
+**API Key:**
+```
+X-API-Key: <api_key>
+```
+
+**Unix User:**
+```
+X-Unix-User: <username>
+```
+
+### Permission Levels
+
+- **Guest**: No authentication required (public endpoints)
+- **User**: Can generate images and manage own jobs
+- **Admin**: Can manage models, users, and system settings
+
+### Public Endpoints
+
+The following endpoints do not require authentication:
+- `GET /api/health`
+- `GET /api/status`
+- `GET /api/version`
+- `GET /api/queue/job/{jobId}/output/{filename}`
+- `GET /api/v1/jobs/{jobId}/output/{filename}`
+- `GET /api/image/download`
+- `POST /api/validate`
+
+---
+
+## Rate Limiting and Usage
+
+### Concurrent Generation Limits
+
+The server limits concurrent generations based on configuration:
+- Default: 1 concurrent generation
+- Configurable via server settings
+
+### Queue Management
+
+- Jobs are processed in FIFO order
+- Queue status can be monitored via `/api/queue/status`
+- Jobs can be cancelled before processing starts
+
+### File Storage
+
+- Generated images are stored in configured output directory
+- Files are organized by job ID: `{output_dir}/{job_id}/{filename}`
+- Output files can be downloaded via public endpoints
+
+---
+
+## WebSocket Support
+
+The API supports WebSocket connections for real-time updates:
+
+### Connection Endpoint
+
+```
+ws://localhost:8080/ws
+```
+
+### Message Types
+
+- `job_update`: Real-time job progress updates
+- `queue_update`: Queue status changes
+- `system_update`: System status changes
+
+### WebSocket Message Format
+
+```json
+{
+  "type": "job_update",
+  "data": {
+    "job_id": "string",
+    "progress": 0.5,
+    "current_step": 10,
+    "total_steps": 20,
+    "time_elapsed": 5000,
+    "time_remaining": 5000
+  }
+}
+```
+
+---
+
+## Examples
+
+### Basic Text-to-Image Generation
+
+```bash
+# Login
+curl -X POST http://localhost:8080/api/auth/login \
+  -H "Content-Type: application/json" \
+  -d '{"username": "user", "password": "pass"}'
+
+# Generate image
+curl -X POST http://localhost:8080/api/generate/text2img \
+  -H "Content-Type: application/json" \
+  -H "Authorization: Bearer <token>" \
+  -d '{
+    "model_name": "sd_xl_base_1.0.safetensors",
+    "prompt": "A beautiful landscape",
+    "width": 1024,
+    "height": 1024,
+    "steps": 20,
+    "cfg_scale": 7.0
+  }'
+
+# Check job status
+curl -X GET http://localhost:8080/api/queue/job/{job_id} \
+  -H "Authorization: Bearer <token>"
+
+# Download result
+curl -X GET http://localhost:8080/api/queue/job/{job_id}/output/image_0.png \
+  --output generated_image.png
+```
+
+### Model Management
+
+```bash
+# List models
+curl -X GET http://localhost:8080/api/models \
+  -H "Authorization: Bearer <token>"
+
+# Load a model
+curl -X POST http://localhost:8080/api/models/model_hash/load \
+  -H "Authorization: Bearer <token>"
+
+# Get model info
+curl -X GET http://localhost:8080/api/models/model_hash \
+  -H "Authorization: Bearer <token>"
+```
+
+---
+
+## Configuration
+
+### Environment Variables
+
+- `STABLE_DIFFUSION_PORT`: Server port (default: 8080)
+- `STABLE_DIFFUSION_HOST`: Server host (default: 0.0.0.0)
+- `STABLE_DIFFUSION_MODELS_DIR`: Models directory path
+- `STABLE_DIFFUSION_OUTPUT_DIR`: Output directory path
+
+### Server Configuration
+
+The server can be configured via:
+- Command line arguments
+- Configuration file
+- Environment variables
+
+Refer to the server documentation for detailed configuration options.
+
+---
+
+## Troubleshooting
+
+### Common Issues
+
+1. **Model not loaded**: Ensure the model is loaded before generation
+2. **Authentication failed**: Check credentials and auth method
+3. **Generation timeout**: Increase timeout or reduce image size
+4. **Memory errors**: Reduce batch size or image dimensions
+
+### Debug Mode
+
+Enable debug logging by setting:
+- `verbose=true` in server configuration
+- `RUST_LOG=debug` environment variable
+
+### Health Checks
+
+Monitor server health:
+```bash
+curl -X GET http://localhost:8080/api/health
+curl -X GET http://localhost:8080/api/status
+```
+
+---
+
+For more information, refer to the project README and source code documentation.

webui/STRUCTURE.md

@@ -0,0 +1,207 @@
+# WebUI Directory Structure
+
+This document describes the refactored, organized structure of the WebUI.
+
+## Overview
+
+The WebUI follows a feature-based architecture with clear separation of concerns:
+
+```
+webui/
+├── app/                    # Next.js App Router (pages and layouts)
+│   ├── (auth)/            # Auth-protected routes
+│   ├── globals.css        # Global styles
+│   ├── layout.tsx         # Root layout
+│   └── page.tsx           # Home page
+├── components/            # React components
+│   ├── features/         # Feature-specific components
+│   │   ├── image-generation/
+│   │   ├── models/
+│   │   ├── queue/
+│   │   └── index.ts
+│   ├── forms/            # Form components
+│   ├── layout/           # Layout and navigation
+│   ├── ui/               # Reusable UI primitives
+│   └── index.ts          # Component barrel exports
+├── lib/                  # Core utilities and services
+│   ├── hooks/            # Custom React hooks
+│   ├── services/         # API and external services
+│   ├── types/            # TypeScript type definitions
+│   ├── utils/            # Utility functions
+│   └── index.ts          # Library barrel exports
+├── public/               # Static assets
+└── contexts/             # React context providers
+```
+
+## Component Organization
+
+### Features
+
+Feature components are organized by domain:
+
+- **`features/image-generation/`** - Components for image generation UI
+- **`features/models/`** - Model management components
+- **`features/queue/`** - Job queue and monitoring components
+
+### Forms
+
+Reusable form components:
+
+- **`forms/prompt-textarea.tsx`** - Enhanced text input for prompts
+
+### Layout
+
+Layout and navigation components:
+
+- **`layout/app-layout.tsx`** - Main application layout
+- **`layout/header.tsx`** - Application header
+- **`layout/sidebar.tsx`** - Navigation sidebar
+- **`layout/theme-provider.tsx`** - Theme context provider
+
+### UI
+
+Low-level reusable UI components (shadcn/ui style):
+
+- **`ui/button.tsx`** - Button component
+- **`ui/card.tsx`** - Card container
+- **`ui/input.tsx`** - Input field
+- **`ui/select.tsx`** - Select dropdown
+- And more...
+
+## Library Structure
+
+### Hooks
+
+Custom React hooks for common functionality:
+
+```typescript
+// hooks/hooks.ts
+export function useLocalStorage<T>(key: string, initialValue: T)
+export function useAutoSave<T>(key: string, value: T, delay?: number)
+```
+
+### Services
+
+External API and business logic services:
+
+```typescript
+// services/
+export { apiClient } from '../api'
+export { AutoModelSelector } from '../auto-model-selector'
+```
+
+### Types
+
+TypeScript type definitions and interfaces:
+
+```typescript
+// types/
+export interface GenerationParams { ... }
+export interface ModelDetails { ... }
+```
+
+## Import Patterns
+
+### Component Imports
+
+```typescript
+// Good: Feature-specific imports
+import { ModelStatusBar, EnhancedModelSelect } from '@/components/features';
+
+// Good: Layout imports
+import { AppLayout, Header } from '@/components/layout';
+
+// Good: UI imports
+import { Button, Card } from '@/components/ui';
+
+// Good: Barrel imports
+import { useLocalStorage, apiClient } from '@/lib';
+```
+
+### Path Aliases
+
+- `@/` - Root of the webui directory
+- `@/components/*` - All component imports
+- `@/lib/*` - All library imports
+- `@/app/*` - App router pages
+
+## Benefits of This Structure
+
+### 1. Scalability
+
+- Feature-based organization allows teams to work independently
+- Clear separation of concerns reduces coupling
+- Consistent patterns make onboarding easier
+
+### 2. Maintainability
+
+- Related code is co-located
+- Clear naming conventions
+- Barrel exports simplify imports
+
+### 3. Reusability
+
+- UI components are generic and reusable
+- Hooks abstract common patterns
+- Services can be shared across features
+
+### 4. Type Safety
+
+- Centralized type definitions
+- Clear interfaces between components
+- Consistent TypeScript usage
+
+## Migration Guide
+
+### Moving Components
+
+When adding new components:
+
+1. **UI Components** → `components/ui/`
+2. **Feature Components** → `components/features/{domain}/`
+3. **Form Components** → `components/forms/`
+4. **Layout Components** → `components/layout/`
+
+### Adding Utilities
+
+1. **Hooks** → `lib/hooks/`
+2. **Services** → `lib/services/`
+3. **Types** → `lib/types/`
+4. **Utils** → `lib/utils/`
+
+### Export Patterns
+
+Always export from index files:
+
+```typescript
+// components/features/models/index.ts
+export { ModelList } from './model-list';
+export { ModelStatusBar } from './model-status-bar';
+```
+
+## Development Guidelines
+
+### 1. Feature First
+
+Organize by feature, not by file type. All related code for a feature should be together.
+
+### 2. Barrel Exports
+
+Use index.ts files to provide clean import paths and hide implementation details.
+
+### 3. Consistent Naming
+
+- Components: PascalCase
+- Files: kebab-case
+- Hooks: camelCase with `use` prefix
+- Types: PascalCase with descriptive names
+
+### 4. Co-location
+
+Keep related files together:
+
+- Component with its types
+- Hook with its tests
+- Service with its types
+
+This structure provides a solid foundation for scaling the WebUI application while maintaining code quality and developer productivity.