# Application Overview:
I want to build a back-end application using Go that provides an API for managing boxes and items stored in those boxes. The app should be hosted in a Docker container and use SQLite3 as the database. Additionally, I want a config.yaml file to manage configuration (database path, JWT secret, and image storage directory). It should also support JWT-based authentication with a default user of 'boxuser' and password 'boxuser'.

I would like it to log all logins, box creation/deletion, and item creation/deletion to a local log file, specified in config.yaml.

# Database Tables:
- `boxes`: A table containing an ID and a name.
- `items`: A table containing an item name, description, the ID of the box it is stored in, and an optional path to an image of the item.
- `users`: A table containing usernames and passwords (hashed) for authentication.

# API Endpoints:
1. Authentication:
   - POST `/login`: Authenticates a user and returns a JWT.
2. Boxes:
   - GET `/boxes`: Retrieves all boxes.
   - POST `/boxes`: Creates a new box.
   - DELETE :`/boxes/{id}`: Deletes a box by its ID.
3. Items:
   - GET `/items`: Retrieves all items, optionally searchable by description.
   - POST `/items`: Adds a new item to a box.
   - GET `/items/{id}`: Retrieves an item by its ID.
   - PUT `/items/{id}`: Updates an existing item.
   - GET `/items/{id}/items`: Retrieves all items in box with this id.
   - DELETE `/items/{id}`: Deletes an item by its ID.
   - GET `/items/{id}/image`: Retrieves the image of an item.

# Additional Details:
- If the database doesn’t exist, it should be created automatically when the app starts.
- Images should be stored locally, and their paths should be saved in the database.
- The default user for the app should be 'boxuser' with a password of 'boxuser'.

Here's clarification in yaml format:

```yaml
app_overview:
  language: Go
  database: SQLite3
  docker: true
  authentication: JWT
  config_file: config.yaml

database_tables:
  boxes:
    columns:
      - id
      - name
  items:
    columns:
      - id
      - name
      - description
      - box_id
      - image_path
  users:
    columns:
      - id
      - username
      - password

api_endpoints:
  login:
    method: POST
    path: /login
    description: "Authenticate a user and return a JWT."
  boxes:
    - method: GET
      path: /boxes
      description: "Retrieve all boxes."
    - method: POST
      path: /boxes
      description: "Create a new box."
  items:
    - method: GET
      path: /items
      description: "Retrieve all items, searchable by description."
    - method: POST
      path: /items
      description: "Add a new item to a box."
    - method: GET
      path: /items/{id}
      description: "Retrieve an item by its ID."
    - method: GET
      path: /items/{id}/items
      description: "Retrieve all items in box with this id."
    - method: PUT
      path: /items/{id}
      description: "Update an existing item."
    - method: DELETE
      path: /items/{id}
      description: "Delete an item by its ID."
    - method: GET
      path: /items/{id}/image
      description: "Retrieve the image of an item."

config_file:
  database_path: "data/boxes.db"
  jwt_secret: "super_secret_key"
  image_storage_dir: "images/"
  listening_port: 8080
  log_file: "boxes.log"

default_user:
  username: "boxuser"
  password: "boxuser"

```