template-monorepo/internal/model/member/domain/usecase/otp.go

package usecase

import (
	"context"

	"gateway/internal/model/member/domain/enum"
)

// GenerateOTPRequest creates a new OTP challenge.
type GenerateOTPRequest struct {
	TenantID   string
	UID        string
	Purpose    enum.OTPPurpose
	Target     string // email or phone for verification flows
	Identifier string // optional audit key when uid is empty
}

// VerifyOTPRequest validates a challenge.
type VerifyOTPRequest struct {
	TenantID    string
	UID         string // must match challenge UID when the challenge was issued with a UID
	ChallengeID string
	Code        string
	Purpose     enum.OTPPurpose
}

// MatchChallengeRequest validates persisted challenge metadata before orchestration.
type MatchChallengeRequest struct {
	ChallengeID   string
	TenantID      string
	Purpose       enum.OTPPurpose
	RequireUID    bool
	RequireTarget bool
}

// OTPUseCase is the purpose-agnostic OTP primitive.
type OTPUseCase interface {
	Generate(ctx context.Context, req *GenerateOTPRequest) (*OTPChallengeDTO, string, error)
	// Verify returns the challenge target (e.g. email/phone) after successful validation.
	Verify(ctx context.Context, req *VerifyOTPRequest) (target string, err error)
	Invalidate(ctx context.Context, challengeID string) error
	// GetChallenge returns persisted challenge metadata for orchestration (e.g. register resend).
	GetChallenge(ctx context.Context, challengeID string) (*OTPChallengeInfo, error)
	// MatchChallenge loads a challenge and validates tenant / purpose / required fields.
	MatchChallenge(ctx context.Context, req *MatchChallengeRequest) (*OTPChallengeInfo, error)
}

// OTPChallengeInfo is read-only challenge metadata.
type OTPChallengeInfo struct {
	TenantID string
	UID      string
	Purpose  enum.OTPPurpose
	Target   string
}
add notification and member modules with local dev stack Implement outbound notification (sync/async, idempotency, quota, DLQ), member OTP/verification, SMTP/SES/Mitake providers, shared Redis wiring, docker-compose for Mongo/Redis, and gateway config documentation. Co-authored-by: Cursor <cursoragent@cursor.com> 2026-05-20 07:01:08 +00:00			`package usecase`

			`import (`
			`"context"`

			`"gateway/internal/model/member/domain/enum"`
			`)`

			`// GenerateOTPRequest creates a new OTP challenge.`
			`type GenerateOTPRequest struct {`
			`TenantID string`
			`UID string`
			`Purpose enum.OTPPurpose`
			`Target string // email or phone for verification flows`
			`Identifier string // optional audit key when uid is empty`
			`}`

			`// VerifyOTPRequest validates a challenge.`
			`type VerifyOTPRequest struct {`
			`TenantID string`
			`UID string // must match challenge UID when the challenge was issued with a UID`
			`ChallengeID string`
			`Code string`
			`Purpose enum.OTPPurpose`
			`}`

feat(auth): add unified registration/login module with Zitadel + lint cleanup - Introduce auth module: handlers, logic, domain/repository/usecase, JWT middleware, and Zitadel OIDC client (password + authorization code + userinfo + JWKS verification) - Wire member rate-limit, structured errors, and refactored member/ notification usecases (introduce shared errors, drop repo_errors.go) - Bring the codebase to zero golangci-lint issues: * goimports formatting * errcheck on io.ReadAll/Unlock cleanup paths * contextcheck: HandlerContext now takes (ctx, http.Request) gocritic: rename shadowed `max`, use http.NoBody * goconst: extract test fixtures and bsonOpSet * testifylint: switch to assert inside httptest handlers Co-authored-by: Cursor <cursoragent@cursor.com> 2026-05-21 06:45:35 +00:00			`// MatchChallengeRequest validates persisted challenge metadata before orchestration.`
			`type MatchChallengeRequest struct {`
			`ChallengeID string`
			`TenantID string`
			`Purpose enum.OTPPurpose`
			`RequireUID bool`
			`RequireTarget bool`
			`}`

add notification and member modules with local dev stack Implement outbound notification (sync/async, idempotency, quota, DLQ), member OTP/verification, SMTP/SES/Mitake providers, shared Redis wiring, docker-compose for Mongo/Redis, and gateway config documentation. Co-authored-by: Cursor <cursoragent@cursor.com> 2026-05-20 07:01:08 +00:00			`// OTPUseCase is the purpose-agnostic OTP primitive.`
			`type OTPUseCase interface {`
			`Generate(ctx context.Context, req GenerateOTPRequest) (OTPChallengeDTO, string, error)`
			`// Verify returns the challenge target (e.g. email/phone) after successful validation.`
			`Verify(ctx context.Context, req *VerifyOTPRequest) (target string, err error)`
			`Invalidate(ctx context.Context, challengeID string) error`
feat(auth): add unified registration/login module with Zitadel + lint cleanup - Introduce auth module: handlers, logic, domain/repository/usecase, JWT middleware, and Zitadel OIDC client (password + authorization code + userinfo + JWKS verification) - Wire member rate-limit, structured errors, and refactored member/ notification usecases (introduce shared errors, drop repo_errors.go) - Bring the codebase to zero golangci-lint issues: * goimports formatting * errcheck on io.ReadAll/Unlock cleanup paths * contextcheck: HandlerContext now takes (ctx, http.Request) gocritic: rename shadowed `max`, use http.NoBody * goconst: extract test fixtures and bsonOpSet * testifylint: switch to assert inside httptest handlers Co-authored-by: Cursor <cursoragent@cursor.com> 2026-05-21 06:45:35 +00:00			`// GetChallenge returns persisted challenge metadata for orchestration (e.g. register resend).`
			`GetChallenge(ctx context.Context, challengeID string) (*OTPChallengeInfo, error)`
			`// MatchChallenge loads a challenge and validates tenant / purpose / required fields.`
			`MatchChallenge(ctx context.Context, req MatchChallengeRequest) (OTPChallengeInfo, error)`
			`}`

			`// OTPChallengeInfo is read-only challenge metadata.`
			`type OTPChallengeInfo struct {`
			`TenantID string`
			`UID string`
			`Purpose enum.OTPPurpose`
			`Target string`
add notification and member modules with local dev stack Implement outbound notification (sync/async, idempotency, quota, DLQ), member OTP/verification, SMTP/SES/Mitake providers, shared Redis wiring, docker-compose for Mongo/Redis, and gateway config documentation. Co-authored-by: Cursor <cursoragent@cursor.com> 2026-05-20 07:01:08 +00:00			`}`