Add Sign in with Apple authentication

- Add AppleSocialAuth model to store Apple ID linkages - Create AppleAuthService for JWT verification with Apple's public keys - Add AppleSignIn handler and route (POST /auth/apple-sign-in/) - Implement account linking (links Apple ID to existing accounts by email) - Add Redis caching for Apple public keys (24-hour TTL) - Support private relay emails (@privaterelay.appleid.com) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-29 01:17:10 -06:00
parent c7dc56e2d2
commit 409d9716bd
10 changed files with 651 additions and 27 deletions
--- a/internal/dto/requests/auth.go
+++ b/internal/dto/requests/auth.go
@@ -49,3 +49,12 @@ type UpdateProfileRequest struct {
 type ResendVerificationRequest struct {
 	// No body needed - uses authenticated user's email
 }
+
+// AppleSignInRequest represents the Apple Sign In request body
+type AppleSignInRequest struct {
+	IDToken   string  `json:"id_token" binding:"required"`
+	UserID    string  `json:"user_id" binding:"required"` // Apple's sub claim
+	Email     *string `json:"email"`                      // May be nil or private relay
+	FirstName *string `json:"first_name"`
+	LastName  *string `json:"last_name"`
+}
--- a/internal/dto/responses/auth.go
+++ b/internal/dto/responses/auth.go
@@ -155,3 +155,19 @@ func NewRegisterResponse(token string, user *models.User) RegisterResponse {
 		Message: "Registration successful. Please check your email to verify your account.",
 	}
 }
+
+// AppleSignInResponse represents the Apple Sign In response
+type AppleSignInResponse struct {
+	Token     string       `json:"token"`
+	User      UserResponse `json:"user"`
+	IsNewUser bool         `json:"is_new_user"`
+}
+
+// NewAppleSignInResponse creates an AppleSignInResponse
+func NewAppleSignInResponse(token string, user *models.User, isNewUser bool) AppleSignInResponse {
+	return AppleSignInResponse{
+		Token:     token,
+		User:      NewUserResponse(user),
+		IsNewUser: isNewUser,
+	}
+}