package session

import "time"

// Session represents a user authentication session (domain entity)
type Session struct {
	UserID       string
	Email        string
	AccessToken  string
	RefreshToken string
	ExpiresAt    time.Time
	CreatedAt    time.Time

	// Encrypted user data for password verification (stored during login)
	Salt                string // Base64 encoded salt for password derivation
	EncryptedMasterKey  string // Base64 encoded encrypted master key
	EncryptedPrivateKey string // Base64 encoded encrypted private key
	PublicKey           string // Base64 encoded public key
	KDFAlgorithm        string // Key derivation algorithm: "PBKDF2-SHA256"
}

// IsExpired checks if the session has expired
func (s *Session) IsExpired() bool {
	return time.Now().After(s.ExpiresAt)
}

// IsValid checks if the session is valid (not expired and has tokens)
func (s *Session) IsValid() bool {
	return !s.IsExpired() && s.AccessToken != "" && s.RefreshToken != ""
}