Complete implementation planning for CLI app with MFA

- Created implementation plan with technical context
- Developed data models for User Session, Sync Job, and Authentication Token
- Defined API contracts for authentication, sync triggering, and status checking
- Created quickstart guide for CLI usage
- Updated agent context with new technology stack
- Verified constitution compliance for all design decisions

specs/006-cli-auth-sync-mfa/contracts/sync_cli_trigger.yaml

@@ -0,0 +1,107 @@
+openapi: 3.0.0
+info:
+  title: GarminSync CLI Sync Trigger API
+  version: 1.0.0
+  description: API for triggering sync operations via CLI
+paths:
+  /api/sync/cli/trigger:
+    post:
+      summary: Trigger a sync operation via CLI
+      description: Initiates a data sync operation for the authenticated user
+      security:
+        - bearerAuth: []
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              type: object
+              properties:
+                sync_type:
+                  type: string
+                  enum: [activities, health, workouts]
+                  description: Type of data to sync
+                date_range:
+                  type: object
+                  properties:
+                    start_date:
+                      type: string
+                      format: date
+                      description: Start date for sync (YYYY-MM-DD)
+                    end_date:
+                      type: string
+                      format: date
+                      description: End date for sync (YYYY-MM-DD)
+                force_full_sync:
+                  type: boolean
+                  description: Whether to perform a full sync instead of incremental
+      responses:
+        '200':
+          description: Sync operation successfully initiated
+          content:
+            application/json:
+              schema:
+                type: object
+                properties:
+                  success:
+                    type: boolean
+                    example: true
+                  job_id:
+                    type: string
+                    description: Unique identifier for the sync job
+                  status:
+                    type: string
+                    description: Current status of the sync job
+                    enum: [pending, running]
+                  message:
+                    type: string
+                    description: Status message
+        '400':
+          description: Invalid request parameters
+          content:
+            application/json:
+              schema:
+                type: object
+                properties:
+                  success:
+                    type: boolean
+                    example: false
+                  error:
+                    type: string
+                    description: Error message
+        '401':
+          description: Authentication required or invalid token
+          content:
+            application/json:
+              schema:
+                type: object
+                properties:
+                  success:
+                    type: boolean
+                    example: false
+                  error:
+                    type: string
+                    description: Error message
+        '409':
+          description: Sync already in progress for this user
+          content:
+            application/json:
+              schema:
+                type: object
+                properties:
+                  success:
+                    type: boolean
+                    example: false
+                  error:
+                    type: string
+                    description: Error message
+                  active_job_id:
+                    type: string
+                    description: ID of the currently active job
+
+components:
+  securitySchemes:
+    bearerAuth:
+      type: http
+      scheme: bearer
+      bearerFormat: JWT