package interfaces
import (
"context"
"time"
"github.com/google/uuid"
"github.com/RyanCopley/skybridge/user/internal/domain"
)
// UserRepository is the persistence contract for user accounts. It covers
// basic CRUD, lookup by e-mail, listing and counting, and the per-account
// security state (failed-attempt counter, e-mail verification flag, password
// hash, two-factor settings). Only signatures are declared here; storage
// behaviour is up to each implementation.
type UserRepository interface {
	// Create stores a new user record.
	Create(ctx context.Context, user *domain.User) error

	// GetByID returns the user with the given identifier.
	GetByID(ctx context.Context, id uuid.UUID) (*domain.User, error)

	// GetByEmail returns the user registered under the given e-mail address.
	// NOTE(review): e-mail normalisation (case, surrounding whitespace) is not
	// expressed in this contract; confirm callers and implementations agree on
	// it so lookups and uniqueness checks cannot diverge.
	GetByEmail(ctx context.Context, email string) (*domain.User, error)

	// Update persists changes to an existing user record.
	Update(ctx context.Context, user *domain.User) error

	// Delete removes the user with the given identifier.
	Delete(ctx context.Context, id uuid.UUID) error

	// List returns users selected by the filter and paging fields of req.
	List(ctx context.Context, req *domain.ListUsersRequest) (*domain.ListUsersResponse, error)

	// UpdateLastLogin records a new last-login time for the user. No time is
	// passed in, so the value stored is chosen by the implementation.
	UpdateLastLogin(ctx context.Context, id uuid.UUID) error

	// Count returns how many users match the filter carried by req.
	Count(ctx context.Context, req *domain.ListUsersRequest) (int, error)

	// ExistsByEmail reports whether any user has the given e-mail address.
	// NOTE(review): a plain yes/no answer surfaced to unauthenticated callers
	// discloses which addresses are registered; confirm the layers above keep
	// their responses uniform.
	ExistsByEmail(ctx context.Context, email string) (bool, error)

	// Account-security state.

	// IncrementFailedAttempts records one more failed attempt for userID.
	// lockoutDuration is presumably how long the account stays locked once the
	// implementation's threshold is reached; the threshold itself is not part
	// of this contract (TODO confirm).
	// NOTE(review): confirm implementations do the increment and the lock
	// decision as one atomic update, so concurrent failures are not undercounted.
	IncrementFailedAttempts(ctx context.Context, userID uuid.UUID, lockoutDuration time.Duration) error

	// ResetFailedAttempts clears the failed-attempt state for userID.
	ResetFailedAttempts(ctx context.Context, userID uuid.UUID) error

	// GetFailedAttempts returns the failed-attempt counter and a nullable
	// time, presumably the lockout expiry (TODO confirm).
	GetFailedAttempts(ctx context.Context, userID uuid.UUID) (int, *time.Time, error)

	// SetEmailVerified sets the e-mail verification flag for userID.
	SetEmailVerified(ctx context.Context, userID uuid.UUID, verified bool) error

	// UpdatePassword replaces the stored password hash for userID. As the
	// parameter name indicates, callers pass an already-hashed value; the
	// hashing scheme is decided outside this interface.
	UpdatePassword(ctx context.Context, userID uuid.UUID, passwordHash string) error

	// UpdateTwoFactorSettings stores the two-factor state for userID. secret
	// is a pointer and may therefore be nil.
	// NOTE(review): the types do not say whether secret and backupCodes arrive
	// encrypted or hashed; confirm how they are protected at rest.
	UpdateTwoFactorSettings(ctx context.Context, userID uuid.UUID, enabled bool, secret *string, backupCodes []string) error
}
// UserProfileRepository is the persistence contract for user profiles. Every
// lookup and deletion is keyed by the owning user's ID.
type UserProfileRepository interface {
	// Create stores a new profile.
	Create(ctx context.Context, profile *domain.UserProfile) error

	// GetByUserID returns the profile belonging to userID.
	GetByUserID(ctx context.Context, userID uuid.UUID) (*domain.UserProfile, error)

	// Update persists changes to an existing profile.
	Update(ctx context.Context, profile *domain.UserProfile) error

	// Delete removes the profile belonging to userID.
	Delete(ctx context.Context, userID uuid.UUID) error
}
// UserSessionRepository is the persistence contract for user sessions:
// creation, lookup by token or by owner, update, and the different ways a
// session can be removed.
//
// NOTE(review): the contract does not say whether the token string is the raw
// bearer value or a digest of it. Confirm what implementations store; keeping
// only a digest limits the damage if the session table is disclosed.
type UserSessionRepository interface {
	// Create stores a new session.
	Create(ctx context.Context, session *domain.UserSession) error

	// GetByToken returns the session identified by token.
	GetByToken(ctx context.Context, token string) (*domain.UserSession, error)

	// GetByUserID returns every session that belongs to userID.
	GetByUserID(ctx context.Context, userID uuid.UUID) ([]domain.UserSession, error)

	// Update persists changes to an existing session (e.g., last used time).
	Update(ctx context.Context, session *domain.UserSession) error

	// Delete removes a single session by its ID.
	Delete(ctx context.Context, id uuid.UUID) error

	// DeleteByUserID removes every session that belongs to userID.
	DeleteByUserID(ctx context.Context, userID uuid.UUID) error

	// DeleteExpired removes all sessions that have expired.
	DeleteExpired(ctx context.Context) error

	// IsValidToken reports whether token is valid and not expired. Callers
	// should treat a non-nil error as "not valid" rather than letting the
	// request proceed.
	IsValidToken(ctx context.Context, token string) (bool, error)
}
// AuditRepository is the persistence contract for the audit trail. It exposes
// only a write (LogEvent) and a filtered read (GetEvents); no update or delete
// operation is declared, so at this interface level the trail is append-only.
type AuditRepository interface {
	// LogEvent records one audit event.
	LogEvent(ctx context.Context, event *AuditEvent) error

	// GetEvents returns the audit events selected by the filters and paging
	// fields of req.
	GetEvents(ctx context.Context, req *GetEventsRequest) (*GetEventsResponse, error)
}
// AuditEvent is one record of the audit trail. Each field carries both a JSON
// name and a database column name in its struct tags.
type AuditEvent struct {
	// Identity and classification of the event.
	ID       uuid.UUID `json:"id" db:"id"`
	Type     string    `json:"type" db:"type"`
	Severity string    `json:"severity" db:"severity"`
	Status   string    `json:"status" db:"status"`

	// Timestamp is carried as a string, so its format is not fixed by the type.
	// NOTE(review): confirm a single sortable, zone-explicit format is used
	// everywhere, otherwise range queries and event ordering become unreliable.
	Timestamp string `json:"timestamp" db:"timestamp"`

	// Who acted, and from where.
	// NOTE(review): UserAgent, and possibly ActorIP, presumably originate from
	// request data the client controls; treat them as untrusted text wherever
	// events are rendered or queried (TODO confirm where they are populated).
	ActorID   string `json:"actor_id" db:"actor_id"`
	ActorType string `json:"actor_type" db:"actor_type"`
	ActorIP   string `json:"actor_ip" db:"actor_ip"`
	UserAgent string `json:"user_agent" db:"user_agent"`

	// What was acted upon, and how.
	ResourceID   string `json:"resource_id" db:"resource_id"`
	ResourceType string `json:"resource_type" db:"resource_type"`
	Action       string `json:"action" db:"action"`
	Description  string `json:"description" db:"description"`

	// Details is a free-form bag of extra context.
	// NOTE(review): nothing in the type keeps secrets (passwords, tokens,
	// two-factor material) out of it; confirm producers filter what they add.
	Details map[string]interface{} `json:"details" db:"details"`

	// Correlation identifiers.
	// NOTE(review): confirm SessionID holds the session's ID and never its
	// token, since audit records are readable through GetEvents.
	RequestID string `json:"request_id" db:"request_id"`
	SessionID string `json:"session_id" db:"session_id"`
}
// GetEventsRequest selects audit events. The filter fields are pointers, so a
// nil value leaves that filter unset; all fields are omitted from JSON when
// empty.
type GetEventsRequest struct {
	// Optional filters. How UserID maps onto the fields of an audit event is
	// not visible in this file.
	UserID       *uuid.UUID `json:"user_id,omitempty"`
	ResourceType *string    `json:"resource_type,omitempty"`
	Action       *string    `json:"action,omitempty"`

	// Optional time window, carried as strings; the expected format is not
	// fixed by the type (TODO confirm against the implementation).
	StartTime *string `json:"start_time,omitempty"`
	EndTime   *string `json:"end_time,omitempty"`

	// Paging.
	// NOTE(review): no upper bound on Limit is expressed here; confirm the
	// implementation clamps it and rejects negative Limit and Offset values.
	Limit  int `json:"limit,omitempty"`
	Offset int `json:"offset,omitempty"`
}
// GetEventsResponse is one page of audit events together with the paging
// values that describe it.
type GetEventsResponse struct {
	// Events is the page of results.
	Events []AuditEvent `json:"events"`

	// Paging metadata; presumably Total is the number of matching events and
	// Limit and Offset echo the request (TODO confirm against the implementation).
	Total   int  `json:"total"`
	Limit   int  `json:"limit"`
	Offset  int  `json:"offset"`
	HasMore bool `json:"has_more"`
}
// PasswordResetTokenRepository is the persistence contract for password reset
// tokens.
//
// NOTE(review): the contract does not say whether the token string passed to
// GetByToken is the raw value or a digest of it; confirm what is stored.
// Lookup and MarkAsUsed are separate calls here, so also confirm that
// redemption is enforced atomically and a token cannot be accepted twice by
// concurrent requests.
type PasswordResetTokenRepository interface {
	// Create stores a new reset token.
	Create(ctx context.Context, token *domain.PasswordResetToken) error

	// GetByToken returns the reset token record identified by token.
	GetByToken(ctx context.Context, token string) (*domain.PasswordResetToken, error)

	// MarkAsUsed flags the token with the given ID as used.
	MarkAsUsed(ctx context.Context, tokenID uuid.UUID) error

	// DeleteExpired removes all expired reset tokens.
	DeleteExpired(ctx context.Context) error

	// DeleteByUserID removes every reset token that belongs to userID.
	DeleteByUserID(ctx context.Context, userID uuid.UUID) error
}
// EmailVerificationTokenRepository is the persistence contract for e-mail
// verification tokens. Its method set matches PasswordResetTokenRepository.
//
// NOTE(review): as with any single-use token, confirm whether the raw value
// or a digest is stored, and that marking a token as used is atomic with
// accepting it.
type EmailVerificationTokenRepository interface {
	// Create stores a new verification token.
	Create(ctx context.Context, token *domain.EmailVerificationToken) error

	// GetByToken returns the verification token record identified by token.
	GetByToken(ctx context.Context, token string) (*domain.EmailVerificationToken, error)

	// MarkAsUsed flags the token with the given ID as used.
	MarkAsUsed(ctx context.Context, tokenID uuid.UUID) error

	// DeleteExpired removes all expired verification tokens.
	DeleteExpired(ctx context.Context) error

	// DeleteByUserID removes every verification token that belongs to userID.
	DeleteByUserID(ctx context.Context, userID uuid.UUID) error
}
// LoginAttemptRepository is the persistence contract for the login attempt
// history. Both queries are keyed by e-mail address and a start time; no
// per-source (e.g. per-address) query is declared in this contract.
//
// NOTE(review): confirm the e-mail key is normalised the same way on write
// and on read, otherwise variants of one address are counted separately.
type LoginAttemptRepository interface {
	// Create records one login attempt.
	Create(ctx context.Context, attempt *domain.LoginAttempt) error

	// GetRecentAttempts returns the attempts recorded for email since the
	// given time.
	GetRecentAttempts(ctx context.Context, email string, since time.Time) ([]domain.LoginAttempt, error)

	// GetFailedAttemptsCount returns how many failed attempts were recorded
	// for email since the given time.
	GetFailedAttemptsCount(ctx context.Context, email string, since time.Time) (int, error)

	// DeleteOldAttempts removes attempts recorded before the given time.
	DeleteOldAttempts(ctx context.Context, before time.Time) error
}
// TwoFactorRecoveryCodeRepository is the persistence contract for two-factor
// recovery codes.
//
// NOTE(review): ValidateCode and MarkAsUsed are separate calls in this
// contract. Confirm that a code is consumed atomically with its validation,
// so that concurrent requests cannot both be accepted with the same code.
type TwoFactorRecoveryCodeRepository interface {
	// Create stores a batch of recovery codes.
	Create(ctx context.Context, codes []domain.TwoFactorRecoveryCode) error

	// GetByUserID returns the recovery codes that belong to userID.
	GetByUserID(ctx context.Context, userID uuid.UUID) ([]domain.TwoFactorRecoveryCode, error)

	// MarkAsUsed flags the recovery code with the given ID as used.
	MarkAsUsed(ctx context.Context, codeID uuid.UUID) error

	// DeleteByUserID removes every recovery code that belongs to userID.
	DeleteByUserID(ctx context.Context, userID uuid.UUID) error

	// ValidateCode reports whether codeHash matches a recovery code of userID.
	// As the parameter name indicates, the caller passes a hash rather than
	// the code itself; whether already-used codes are rejected is up to the
	// implementation (TODO confirm).
	ValidateCode(ctx context.Context, userID uuid.UUID, codeHash string) (bool, error)
}