Initial project snapshot

2026-04-28 22:29:50 +03:00
commit 8ba0561f4f
365 changed files with 91832 additions and 0 deletions
@@ -0,0 +1,114 @@
+package auth
+
+import (
+	"encoding/json"
+	"time"
+)
+
+type DeviceTrustStatus string
+
+const (
+	DeviceTrustStatusPending DeviceTrustStatus = "pending"
+	DeviceTrustStatusTrusted DeviceTrustStatus = "trusted"
+	DeviceTrustStatusRevoked DeviceTrustStatus = "revoked"
+)
+
+type User struct {
+	ID           string
+	Email        string
+	PasswordHash string
+	MFAEnabled   bool
+	CreatedAt    time.Time
+	UpdatedAt    time.Time
+}
+
+type Device struct {
+	ID            string
+	UserID        string
+	Fingerprint   string
+	Label         string
+	TrustStatus   DeviceTrustStatus
+	TrustedAt     *time.Time
+	LastSeenAt    *time.Time
+	RevokedAt     *time.Time
+	RevokedReason *string
+	CreatedAt     time.Time
+	UpdatedAt     time.Time
+}
+
+type AuthSession struct {
+	ID               string
+	UserID           string
+	DeviceID         string
+	RefreshTokenHash string
+	RefreshExpiresAt time.Time
+	LastSeenAt       *time.Time
+	LastRotatedAt    *time.Time
+	RevokedAt        *time.Time
+	RevokedReason    *string
+	CreatedAt        time.Time
+	UpdatedAt        time.Time
+}
+
+type LoginCommand struct {
+	Email             string `json:"email"`
+	Password          string `json:"password"`
+	DeviceFingerprint string `json:"device_fingerprint"`
+	DeviceLabel       string `json:"device_label"`
+	TrustDevice       bool   `json:"trust_device"`
+}
+
+type RefreshCommand struct {
+	RefreshToken string `json:"refresh_token"`
+}
+
+type BootstrapOwnerCommand struct {
+	Email               string          `json:"email"`
+	Password            string          `json:"password"`
+	ActivationPayload   json.RawMessage `json:"activation_payload"`
+	ActivationSignature string          `json:"activation_signature"`
+}
+
+type RevokeAuthSessionCommand struct {
+	UserID        string `json:"user_id"`
+	AuthSessionID string `json:"auth_session_id"`
+	Reason        string `json:"reason"`
+}
+
+type RevokeDeviceCommand struct {
+	UserID   string `json:"user_id"`
+	DeviceID string `json:"device_id"`
+	Reason   string `json:"reason"`
+}
+
+type TokenPair struct {
+	AccessToken           string    `json:"access_token"`
+	AccessTokenExpiresAt  time.Time `json:"access_token_expires_at"`
+	RefreshToken          string    `json:"refresh_token"`
+	RefreshTokenExpiresAt time.Time `json:"refresh_token_expires_at"`
+}
+
+type AuthResult struct {
+	User        User        `json:"user"`
+	Device      Device      `json:"device"`
+	AuthSession AuthSession `json:"auth_session"`
+	Tokens      TokenPair   `json:"tokens"`
+}
+
+type InstallationStatus struct {
+	Bootstrapped             bool       `json:"bootstrapped"`
+	AuthorityState           string     `json:"authority_state"`
+	InstallID                string     `json:"install_id,omitempty"`
+	BootstrappedOwnerEmail   string     `json:"bootstrapped_owner_email,omitempty"`
+	BootstrappedAt           *time.Time `json:"bootstrapped_at,omitempty"`
+	AuthorityMode            string     `json:"authority_mode"`
+	StrictAuthority          bool       `json:"strict_authority"`
+	RootFingerprint          string     `json:"root_fingerprint,omitempty"`
+	InsecureBootstrapAllowed bool       `json:"insecure_bootstrap_allowed"`
+}
+
+type BootstrapOwnerResult struct {
+	Installation InstallationStatus `json:"installation"`
+	User         User               `json:"user"`
+	PlatformRole string             `json:"platform_role"`
+}