Initial commit: Open sourcing all of the Maple Open Technologies code.
This commit is contained in:
commit
755d54a99d
2010 changed files with 448675 additions and 0 deletions
153
cloud/maplefile-backend/internal/domain/user/model.go
Normal file
153
cloud/maplefile-backend/internal/domain/user/model.go
Normal file
|
|
@ -0,0 +1,153 @@
|
|||
// codeberg.org/mapleopentech/monorepo/cloud/maplefile-backend/internal/domain/user/model.go
|
||||
package user
|
||||
|
||||
import (
|
||||
"time"
|
||||
|
||||
"codeberg.org/mapleopentech/monorepo/cloud/maplefile-backend/internal/domain/crypto"
|
||||
"github.com/gocql/gocql"
|
||||
)
|
||||
|
||||
const (
|
||||
UserStatusActive = 1 // User is active and can log in.
|
||||
UserStatusLocked = 50 // User account is locked, typically due to too many failed login attempts.
|
||||
UserStatusArchived = 100 // User account is archived and cannot log in.
|
||||
|
||||
UserRoleRoot = 1 // Root user, has all permissions
|
||||
UserRoleCompany = 2 // Company user, has permissions for company-related operations
|
||||
UserRoleIndividual = 3 // Individual user, has permissions for individual-related operations
|
||||
|
||||
UserProfileVerificationStatusUnverified = 1 // The user's profile has not yet been submitted for verification.
|
||||
UserProfileVerificationStatusSubmittedForReview = 2 // The user's profile has been submitted and is awaiting review.
|
||||
UserProfileVerificationStatusApproved = 3 // The user's profile has been approved.
|
||||
UserProfileVerificationStatusRejected = 4 // The user's profile has been rejected.
|
||||
|
||||
// StorePendingStatus indicates this store needs to be reviewed by CPS and approved / rejected.
|
||||
StorePendingStatus = 1 // Store is pending review.
|
||||
StoreActiveStatus = 2 // Store is active and can be used.
|
||||
StoreRejectedStatus = 3 // Store has been rejected.
|
||||
StoreErrorStatus = 4 // Store has encountered an error.
|
||||
StoreArchivedStatus = 5 // Store has been archived.
|
||||
|
||||
EstimatedSubmissionsPerMonth1To10 = 1 // Estimated submissions per month: 1 to 10
|
||||
EstimatedSubmissionsPerMonth10To25 = 2 // Estimated submissions per month: 10 to 25
|
||||
EstimatedSubmissionsPerMonth25To50 = 3 // Estimated submissions per month: 25 to 50
|
||||
EstimatedSubmissionsPerMonth50To10 = 4 // Estimated submissions per month: 50 to 100
|
||||
EstimatedSubmissionsPerMonth100Plus = 5 // Estimated submissions per month: 100+
|
||||
|
||||
HasOtherGradingServiceYes = 1 // Has other grading service: Yes
|
||||
HasOtherGradingServiceNo = 2 // Has other grading service: No
|
||||
RequestWelcomePackageYes = 1 // Request welcome package: Yes
|
||||
RequestWelcomePackageNo = 2 // Request welcome package: No
|
||||
|
||||
SpecialCollection040001 = 1
|
||||
|
||||
UserCodeTypeEmailVerification = "email_verification"
|
||||
UserCodeTypePasswordReset = "password_reset"
|
||||
)
|
||||
|
||||
type UserProfileData struct {
|
||||
Phone string `bson:"phone" json:"phone,omitempty"`
|
||||
Country string `bson:"country" json:"country,omitempty"`
|
||||
Region string `bson:"region" json:"region,omitempty"`
|
||||
City string `bson:"city" json:"city,omitempty"`
|
||||
PostalCode string `bson:"postal_code" json:"postal_code,omitempty"`
|
||||
AddressLine1 string `bson:"address_line1" json:"address_line1,omitempty"`
|
||||
AddressLine2 string `bson:"address_line2" json:"address_line2,omitempty"`
|
||||
HasShippingAddress bool `bson:"has_shipping_address" json:"has_shipping_address,omitempty"`
|
||||
ShippingName string `bson:"shipping_name" json:"shipping_name,omitempty"`
|
||||
ShippingPhone string `bson:"shipping_phone" json:"shipping_phone,omitempty"`
|
||||
ShippingCountry string `bson:"shipping_country" json:"shipping_country,omitempty"`
|
||||
ShippingRegion string `bson:"shipping_region" json:"shipping_region,omitempty"`
|
||||
ShippingCity string `bson:"shipping_city" json:"shipping_city,omitempty"`
|
||||
ShippingPostalCode string `bson:"shipping_postal_code" json:"shipping_postal_code,omitempty"`
|
||||
ShippingAddressLine1 string `bson:"shipping_address_line1" json:"shipping_address_line1,omitempty"`
|
||||
ShippingAddressLine2 string `bson:"shipping_address_line2" json:"shipping_address_line2,omitempty"`
|
||||
Timezone string `bson:"timezone" json:"timezone"`
|
||||
AgreeTermsOfService bool `bson:"agree_terms_of_service" json:"agree_terms_of_service,omitempty"`
|
||||
AgreePromotions bool `bson:"agree_promotions" json:"agree_promotions,omitempty"`
|
||||
AgreeToTrackingAcrossThirdPartyAppsAndServices bool `bson:"agree_to_tracking_across_third_party_apps_and_services" json:"agree_to_tracking_across_third_party_apps_and_services,omitempty"`
|
||||
|
||||
// Email share notification preferences
|
||||
ShareNotificationsEnabled *bool `bson:"share_notifications_enabled" json:"share_notifications_enabled,omitempty"`
|
||||
}
|
||||
|
||||
type UserSecurityData struct {
|
||||
WasEmailVerified bool `bson:"was_email_verified" json:"was_email_verified,omitempty"`
|
||||
|
||||
Code string `bson:"code,omitempty" json:"code,omitempty"`
|
||||
CodeType string `bson:"code_type,omitempty" json:"code_type,omitempty"` // -- 'email_verification' or 'password_reset'
|
||||
CodeExpiry time.Time `bson:"code_expiry,omitempty" json:"code_expiry"`
|
||||
|
||||
// --- E2EE Related ---
|
||||
PasswordSalt []byte `json:"password_salt" bson:"password_salt"`
|
||||
// KDFParams stores the key derivation function parameters used to derive the user's password hash.
|
||||
KDFParams crypto.KDFParams `json:"kdf_params" bson:"kdf_params"`
|
||||
EncryptedMasterKey crypto.EncryptedMasterKey `json:"encrypted_master_key" bson:"encrypted_master_key"`
|
||||
PublicKey crypto.PublicKey `json:"public_key" bson:"public_key"`
|
||||
EncryptedPrivateKey crypto.EncryptedPrivateKey `json:"encrypted_private_key" bson:"encrypted_private_key"`
|
||||
EncryptedRecoveryKey crypto.EncryptedRecoveryKey `json:"encrypted_recovery_key" bson:"encrypted_recovery_key"`
|
||||
MasterKeyEncryptedWithRecoveryKey crypto.MasterKeyEncryptedWithRecoveryKey `json:"master_key_encrypted_with_recovery_key" bson:"master_key_encrypted_with_recovery_key"`
|
||||
EncryptedChallenge []byte `json:"encrypted_challenge,omitempty" bson:"encrypted_challenge,omitempty"`
|
||||
VerificationID string `json:"verification_id" bson:"verification_id"`
|
||||
|
||||
// Track KDF upgrade status
|
||||
LastPasswordChange time.Time `json:"last_password_change" bson:"last_password_change"`
|
||||
KDFParamsNeedUpgrade bool `json:"kdf_params_need_upgrade" bson:"kdf_params_need_upgrade"`
|
||||
|
||||
// Key rotation tracking fields
|
||||
CurrentKeyVersion int `json:"current_key_version" bson:"current_key_version"`
|
||||
LastKeyRotation *time.Time `json:"last_key_rotation,omitempty" bson:"last_key_rotation,omitempty"`
|
||||
KeyRotationPolicy *crypto.KeyRotationPolicy `json:"key_rotation_policy,omitempty" bson:"key_rotation_policy,omitempty"`
|
||||
|
||||
// OTPEnabled controls whether we force 2FA or not during login.
|
||||
OTPEnabled bool `bson:"otp_enabled" json:"otp_enabled"`
|
||||
|
||||
// OTPVerified indicates user has successfully validated their opt token afer enabling 2FA thus turning it on.
|
||||
OTPVerified bool `bson:"otp_verified" json:"otp_verified"`
|
||||
|
||||
// OTPValidated automatically gets set as `false` on successful login and then sets `true` once successfully validated by 2FA.
|
||||
OTPValidated bool `bson:"otp_validated" json:"otp_validated"`
|
||||
|
||||
// OTPSecret the unique one-time password secret to be shared between our
|
||||
// backend and 2FA authenticator sort of apps that support `TOPT`.
|
||||
OTPSecret string `bson:"otp_secret" json:"-"`
|
||||
|
||||
// OTPAuthURL is the URL used to share.
|
||||
OTPAuthURL string `bson:"otp_auth_url" json:"-"`
|
||||
|
||||
// OTPBackupCodeHash is the one-time use backup code which resets the 2FA settings and allow the user to setup 2FA from scratch for the user.
|
||||
OTPBackupCodeHash string `bson:"otp_backup_code_hash" json:"-"`
|
||||
|
||||
// OTPBackupCodeHashAlgorithm tracks the hashing algorithm used.
|
||||
OTPBackupCodeHashAlgorithm string `bson:"otp_backup_code_hash_algorithm" json:"-"`
|
||||
}
|
||||
|
||||
type UserMetadata struct {
|
||||
CreatedFromIPAddress string `bson:"created_from_ip_address" json:"created_from_ip_address"`
|
||||
CreatedByUserID gocql.UUID `bson:"created_by_user_id" json:"created_by_user_id"`
|
||||
CreatedAt time.Time `bson:"created_at" json:"created_at"`
|
||||
CreatedByName string `bson:"created_by_name" json:"created_by_name"`
|
||||
ModifiedFromIPAddress string `bson:"modified_from_ip_address" json:"modified_from_ip_address"`
|
||||
ModifiedByUserID gocql.UUID `bson:"modified_by_user_id" json:"modified_by_user_id"`
|
||||
ModifiedAt time.Time `bson:"modified_at" json:"modified_at"`
|
||||
ModifiedByName string `bson:"modified_by_name" json:"modified_by_name"`
|
||||
LastLoginAt time.Time `json:"last_login_at" bson:"last_login_at"`
|
||||
}
|
||||
|
||||
type User struct {
|
||||
ID gocql.UUID `bson:"_id" json:"id"`
|
||||
Email string `bson:"email" json:"email"`
|
||||
FirstName string `bson:"first_name" json:"first_name"`
|
||||
LastName string `bson:"last_name" json:"last_name"`
|
||||
Name string `bson:"name" json:"name"`
|
||||
LexicalName string `bson:"lexical_name" json:"lexical_name"`
|
||||
Role int8 `bson:"role" json:"role"`
|
||||
Status int8 `bson:"status" json:"status"`
|
||||
Timezone string `bson:"timezone" json:"timezone"`
|
||||
ProfileData *UserProfileData `bson:"profile_data" json:"profile_data"`
|
||||
SecurityData *UserSecurityData `bson:"security_data" json:"security_data"`
|
||||
Metadata *UserMetadata `bson:"metadata" json:"metadata"`
|
||||
CreatedAt time.Time `bson:"created_at" json:"created_at"`
|
||||
ModifiedAt time.Time `bson:"modified_at" json:"modified_at"`
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue