baron-sso/backend/internal/domain/auth_models.go

package domain

type EnchantedLinkInitRequest struct {
	LoginID  string `json:"loginId"`
	URI      string `json:"uri,omitempty"`    // Redirect URI (optional for polling flow)
	Method   string `json:"method,omitempty"` // "email" or "sms"
	CodeOnly bool   `json:"codeOnly,omitempty"`
	DryRun   bool   `json:"dryRun,omitempty"`
	DrySend  bool   `json:"drySend,omitempty"`
}

type EnchantedLinkInitResponse struct {
	LinkID      string `json:"linkId"`
	PendingRef  string `json:"pendingRef"`
	MaskedEmail string `json:"maskedEmail"`
}

type EnchantedLinkPollRequest struct {
	PendingRef string `json:"pendingRef"`
}

type EnchantedLinkPollResponse struct {
	SessionToken string `json:"sessionToken"` // JWT
	RefreshToken string `json:"refreshToken"`
	UserID       string `json:"userId,omitempty"`
}

type MagicLinkVerifyRequest struct {
	Token      string `json:"token"`
	VerifyOnly bool   `json:"verifyOnly,omitempty"`
}

type QRInitResponse struct {
	QRCode     string `json:"qrCode"` // Base64 or URL
	PendingRef string `json:"pendingRef"`
	ExpiresIn  int    `json:"expiresIn"`
}

// Signup Flow Models

type CheckEmailRequest struct {
	Email string `json:"email"`
}

type SendSignupCodeRequest struct {
	Target string `json:"target"` // Email or Phone
	Type   string `json:"type"`   // "email" or "phone"
}

type VerifySignupCodeRequest struct {
	Target string `json:"target"` // Email or Phone
	Type   string `json:"type"`   // "email" or "phone"
	Code   string `json:"code"`
}

type SignupRequest struct {
	Email           string  `json:"email"`
	LoginID         string  `json:"loginId,omitempty"`
	Password        string  `json:"password"`
	Name            string  `json:"name"`
	Phone           string  `json:"phone"`
	AffiliationType string  `json:"affiliationType"` // "AFFILIATE" or "GENERAL"
	TenantSlug      string  `json:"tenantSlug,omitempty"`
	CompanyCode     string  `json:"companyCode,omitempty"`
	Department      string  `json:"department"`
	Metadata        JSONMap `json:"metadata,omitempty"`
	TermsAccepted   bool    `json:"termsAccepted"`
}

// User Profile Models

type SystemPermissions struct {
	Overview           bool `json:"overview"`
	Tenants            bool `json:"tenants"`
	OrgChart           bool `json:"org_chart"`
	Worksmobile        bool `json:"worksmobile"`
	OrySSOT            bool `json:"ory_ssot"`
	DataIntegrity      bool `json:"data_integrity"`
	Users              bool `json:"users"`
	PermissionsDirect  bool `json:"permissions_direct"`
	AuthGuard          bool `json:"auth_guard"`
	ApiKeys            bool `json:"api_keys"`
	AuditLogs          bool `json:"audit_logs"`
}

type UserProfileResponse struct {
	ID                     string             `json:"id"`
	Email                  string             `json:"email"`
	LoginID                string             `json:"loginId,omitempty"`
	Name                   string             `json:"name"`
	Phone                  string             `json:"phone"`
	Role                   string             `json:"role"` // 추가
	SessionAuthenticatedAt string             `json:"sessionAuthenticatedAt,omitempty"`
	Department             string             `json:"department"`
	AffiliationType        string             `json:"affiliationType"`
	CompanyCode            string             `json:"companyCode,omitempty"`
	TenantID               *string            `json:"tenantId,omitempty"`        // 추가
	SessionTenantID        *string            `json:"sessionTenantId,omitempty"` // [New] 로그인에 사용된 식별자 기반 테넌트
	RelyingPartyID         *string            `json:"relyingPartyId,omitempty"`  // 추가
	Metadata               map[string]any     `json:"metadata,omitempty"`
	Tenant                 *Tenant            `json:"tenant,omitempty"`
	ManageableTenants      []Tenant           `json:"manageableTenants,omitempty"` // 추가: 관리 가능한 테넌트 목록
	JoinedTenants          []Tenant           `json:"joinedTenants,omitempty"`     // [New] 다중 소속 테넌트 목록
	SystemPermissions      *SystemPermissions `json:"systemPermissions,omitempty"` // [New] 글로벌 메뉴 접근 권한
}

type UpdateUserRequest struct {
	Name             string         `json:"name"`
	Phone            string         `json:"phone"`
	Department       string         `json:"department"`
	VerificationCode string         `json:"verificationCode,omitempty"` // For phone change
	Metadata         map[string]any `json:"metadata,omitempty"`
}

// PasswordResetInitiateRequest is the request body for initiating a password reset.
type PasswordResetInitiateRequest struct {
	LoginID string `json:"loginId"`
	DryRun  bool   `json:"dryRun,omitempty"`
	DrySend bool   `json:"drySend,omitempty"`
}

// PasswordResetCompleteRequest is the request body for completing a password reset.
type PasswordResetCompleteRequest struct {
	LoginID     string `json:"loginId"`
	NewPassword string `json:"newPassword"`
}

// PasswordChangeRequest는 로그인 상태에서 비밀번호 변경 요청을 표현합니다.
type PasswordChangeRequest struct {
	CurrentPassword string `json:"currentPassword"`
	NewPassword     string `json:"newPassword"`
}

type CheckLoginIDRequest struct {
	LoginID     string `json:"loginId"`
	TenantSlug  string `json:"tenantSlug,omitempty"`
	CompanyCode string `json:"companyCode,omitempty"`
}