Initial commit: Open sourcing all of the Maple Open Technologies code.

2025-12-02 14:33:08 -05:00 · 2025-12-02 14:33:08 -05:00 · 755d54a99d
commit 755d54a99d
2010 changed files with 448675 additions and 0 deletions
--- a/cloud/maplepress-backend/internal/domain/securityevent/entity.go
+++ b/cloud/maplepress-backend/internal/domain/securityevent/entity.go
@ -0,0 +1,104 @@
+// File Path: monorepo/cloud/maplepress-backend/internal/domain/securityevent/entity.go
+package securityevent
+
+import (
+	"time"
+)
+
+// EventType represents the type of security event
+type EventType string
+
+const (
+	// Account lockout events
+	EventTypeAccountLocked   EventType = "account_locked"
+	EventTypeAccountUnlocked EventType = "account_unlocked"
+
+	// Failed login events
+	EventTypeFailedLogin          EventType = "failed_login"
+	EventTypeExcessiveFailedLogin EventType = "excessive_failed_login"
+
+	// Successful events
+	EventTypeSuccessfulLogin EventType = "successful_login"
+
+	// Rate limiting events
+	EventTypeIPRateLimitExceeded EventType = "ip_rate_limit_exceeded"
+)
+
+// Severity represents the severity level of the security event
+type Severity string
+
+const (
+	SeverityLow      Severity = "low"
+	SeverityMedium   Severity = "medium"
+	SeverityHigh     Severity = "high"
+	SeverityCritical Severity = "critical"
+)
+
+// SecurityEvent represents a security-related event in the system
+// CWE-778: Insufficient Logging - Security events must be logged for audit
+type SecurityEvent struct {
+	// Unique identifier for the event
+	ID string `json:"id"`
+
+	// Type of security event
+	EventType EventType `json:"event_type"`
+
+	// Severity level
+	Severity Severity `json:"severity"`
+
+	// User email (hashed for privacy)
+	EmailHash string `json:"email_hash"`
+
+	// Client IP address
+	ClientIP string `json:"client_ip"`
+
+	// User agent
+	UserAgent string `json:"user_agent,omitempty"`
+
+	// Additional metadata as key-value pairs
+	Metadata map[string]interface{} `json:"metadata,omitempty"`
+
+	// Timestamp when the event occurred
+	Timestamp time.Time `json:"timestamp"`
+
+	// Message describing the event
+	Message string `json:"message"`
+}
+
+// NewSecurityEvent creates a new security event
+func NewSecurityEvent(
+	eventType EventType,
+	severity Severity,
+	emailHash string,
+	clientIP string,
+	message string,
+) *SecurityEvent {
+	return &SecurityEvent{
+		ID:        generateEventID(),
+		EventType: eventType,
+		Severity:  severity,
+		EmailHash: emailHash,
+		ClientIP:  clientIP,
+		Metadata:  make(map[string]interface{}),
+		Timestamp: time.Now().UTC(),
+		Message:   message,
+	}
+}
+
+// WithMetadata adds metadata to the security event
+func (e *SecurityEvent) WithMetadata(key string, value interface{}) *SecurityEvent {
+	e.Metadata[key] = value
+	return e
+}
+
+// WithUserAgent sets the user agent
+func (e *SecurityEvent) WithUserAgent(userAgent string) *SecurityEvent {
+	e.UserAgent = userAgent
+	return e
+}
+
+// generateEventID generates a unique event ID
+func generateEventID() string {
+	// Simple timestamp-based ID (can be replaced with UUID if needed)
+	return time.Now().UTC().Format("20060102150405.000000")
+}