admin/honeyDueAPI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b679f28e552e49d2bb9547bb0284cad526e8a72d
honeyDueAPI/internal/dto/requests/auth.go
Trey T b679f28e55 Production hardening: security, resilience, observability, and compliance 
Password complexity: custom validator requiring uppercase, lowercase, digit (min 8 chars)
Token expiry: 90-day token lifetime with refresh endpoint (60-90 day renewal window)
Health check: /api/health/ now pings Postgres + Redis, returns 503 on failure
Audit logging: async audit_log table for auth events (login, register, delete, etc.)
Circuit breaker: APNs/FCM push sends wrapped with 5-failure threshold, 30s recovery
FK indexes: 27 missing foreign key indexes across all tables (migration 017)
CSP header: default-src 'none'; frame-ancestors 'none'
Gzip compression: level 5 with media endpoint skipper
Prometheus metrics: /metrics endpoint using existing monitoring service
External timeouts: 15s push, 30s SMTP, context timeouts on all external calls

Migrations: 016 (token created_at), 017 (FK indexes), 018 (audit_log)
Tests: circuit breaker (15), audit service (8), token refresh (7), health (4),
       middleware expiry (5), validator (new)
2026-03-26 14:05:28 -05:00

72 lines
2.7 KiB
Go
Raw Blame History

package requests
// LoginRequest represents the login request body
type LoginRequest struct {
Username string `json:"username" validate:"required_without=Email"`
Email string `json:"email" validate:"required_without=Username,omitempty,email"`
Password string `json:"password" validate:"required,min=1"`
}
// RegisterRequest represents the registration request body
type RegisterRequest struct {
Username string `json:"username" validate:"required,min=3,max=150"`
Email string `json:"email" validate:"required,email,max=254"`
Password string `json:"password" validate:"required,min=8,password_complexity"`
FirstName string `json:"first_name" validate:"max=150"`
LastName string `json:"last_name" validate:"max=150"`
}
// VerifyEmailRequest represents the email verification request body
type VerifyEmailRequest struct {
Code string `json:"code" validate:"required,len=6"`
}
// ForgotPasswordRequest represents the forgot password request body
type ForgotPasswordRequest struct {
Email string `json:"email" validate:"required,email"`
}
// VerifyResetCodeRequest represents the verify reset code request body
type VerifyResetCodeRequest struct {
Email string `json:"email" validate:"required,email"`
Code string `json:"code" validate:"required,len=6"`
}
// ResetPasswordRequest represents the reset password request body
type ResetPasswordRequest struct {
ResetToken string `json:"reset_token" validate:"required"`
NewPassword string `json:"new_password" validate:"required,min=8,password_complexity"`
}
// UpdateProfileRequest represents the profile update request body
type UpdateProfileRequest struct {
Email *string `json:"email" validate:"omitempty,email,max=254"`
FirstName *string `json:"first_name" validate:"omitempty,max=150"`
LastName *string `json:"last_name" validate:"omitempty,max=150"`
}
// ResendVerificationRequest represents the resend verification email request
type ResendVerificationRequest struct {
// No body needed - uses authenticated user's email
}
// AppleSignInRequest represents the Apple Sign In request body
type AppleSignInRequest struct {
IDToken string `json:"id_token" validate:"required"`
UserID string `json:"user_id" validate:"required"` // Apple's sub claim
Email *string `json:"email"` // May be nil or private relay
FirstName *string `json:"first_name"`
LastName *string `json:"last_name"`
}
// GoogleSignInRequest represents the Google Sign In request body
type GoogleSignInRequest struct {
IDToken string `json:"id_token" validate:"required"` // Google ID token from Credential Manager
}
// DeleteAccountRequest represents the delete account request body
type DeleteAccountRequest struct {
Password *string `json:"password"`
Confirmation *string `json:"confirmation"`
}
Reference in New Issue View Git Blame Copy Permalink