33 lines
910 B
Go
33 lines
910 B
Go
package domain
|
|
|
|
import "time"
|
|
|
|
// AuthCodePurpose identifies what an auth code is used for.
|
|
type AuthCodePurpose string
|
|
|
|
const (
|
|
PurposeLoginOTP AuthCodePurpose = "login_otp"
|
|
PurposeMagicLink AuthCodePurpose = "magic_link"
|
|
PurposePasswordReset AuthCodePurpose = "password_reset"
|
|
PurposeEmailVerify AuthCodePurpose = "email_verify"
|
|
)
|
|
|
|
// AuthCode is a single-use, time-limited code for authentication flows.
|
|
// Used by OTP login, magic links, password reset, and email verification.
|
|
type AuthCode struct {
|
|
ID string
|
|
UserID *UserID // Nullable for magic link signup
|
|
Email string
|
|
Code string
|
|
Purpose AuthCodePurpose
|
|
ExpiresAt time.Time
|
|
UsedAt *time.Time
|
|
IPAddress string
|
|
CreatedAt time.Time
|
|
}
|
|
|
|
// IsValid returns true if the code has not been used and has not expired.
|
|
func (c *AuthCode) IsValid() bool {
|
|
return c.UsedAt == nil && time.Now().Before(c.ExpiresAt)
|
|
}
|