83 lines
2.3 KiB
TypeScript
83 lines
2.3 KiB
TypeScript
/**
|
|
* Auth Domain - Contract
|
|
*
|
|
* Canonical authentication types shared across applications.
|
|
* Most types are derived from schemas (see schema.ts).
|
|
*/
|
|
|
|
import type { IsoDateTimeString } from "../common/types";
|
|
import type { CustomerProfile } from "../customer/contract";
|
|
|
|
// ============================================================================
|
|
// User Role
|
|
// ============================================================================
|
|
|
|
export type UserRole = "USER" | "ADMIN";
|
|
|
|
// ============================================================================
|
|
// Authenticated User (Core Type)
|
|
// ============================================================================
|
|
|
|
/**
|
|
* AuthenticatedUser - Complete user profile with authentication state
|
|
* Extends CustomerProfile (from WHMCS) with auth-specific fields from portal DB
|
|
* Follows WHMCS client field naming (firstname, lastname, etc.)
|
|
*/
|
|
export interface AuthenticatedUser extends CustomerProfile {
|
|
role: UserRole;
|
|
emailVerified: boolean;
|
|
mfaEnabled: boolean;
|
|
lastLoginAt?: IsoDateTimeString;
|
|
}
|
|
|
|
/**
|
|
* User profile type alias
|
|
*/
|
|
export type UserProfile = AuthenticatedUser;
|
|
|
|
// ============================================================================
|
|
// Auth Error (Business Type)
|
|
// ============================================================================
|
|
|
|
export interface AuthError {
|
|
code:
|
|
| "INVALID_CREDENTIALS"
|
|
| "USER_NOT_FOUND"
|
|
| "EMAIL_ALREADY_EXISTS"
|
|
| "EMAIL_NOT_VERIFIED"
|
|
| "INVALID_TOKEN"
|
|
| "TOKEN_EXPIRED"
|
|
| "ACCOUNT_LOCKED"
|
|
| "RATE_LIMITED"
|
|
| "NETWORK_ERROR";
|
|
message: string;
|
|
details?: Record<string, unknown>;
|
|
}
|
|
|
|
// ============================================================================
|
|
// Re-export Types from Schema (Schema-First Approach)
|
|
// ============================================================================
|
|
|
|
export type {
|
|
// Request types
|
|
LoginRequest,
|
|
SignupRequest,
|
|
PasswordResetRequest,
|
|
ResetPasswordRequest,
|
|
SetPasswordRequest,
|
|
ChangePasswordRequest,
|
|
LinkWhmcsRequest,
|
|
ValidateSignupRequest,
|
|
UpdateCustomerProfileRequest,
|
|
AccountStatusRequest,
|
|
SsoLinkRequest,
|
|
CheckPasswordNeededRequest,
|
|
RefreshTokenRequest,
|
|
// Response types
|
|
AuthTokens,
|
|
AuthResponse,
|
|
} from './schema';
|
|
|
|
// Re-export from customer for convenience
|
|
export type { Activity } from "../dashboard/contract";
|