A community-based topic aggregation platform built on atproto
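package verification

import (
	"context"
	"time"
)

// VerificationService handles phone verification operations.
//
// The methods take the caller's DID as a plain string; nothing in this
// interface shows where that DID is authenticated.
// NOTE(review): confirm the transport layer derives did from the session
// rather than from a request parameter.
type VerificationService interface {
	// RequestPhoneVerification sends an OTP code to the provided phone number.
	//
	// The returned VerificationRequest includes the OTPCodeHash and PhoneHash
	// fields.
	// NOTE(review): an OTP has a small keyspace, so its hash can be reversed
	// by enumeration; confirm handlers return only the request ID and expiry
	// to the client, never the whole struct.
	RequestPhoneVerification(ctx context.Context, did, phoneNumber string) (*VerificationRequest, error)

	// VerifyPhone validates the OTP code and writes verification to PDS.
	//
	// NOTE(review): confirm the implementation checks that requestID belongs
	// to did, enforces ExpiresAt and the Attempts ceiling before comparing,
	// and compares the code hash in constant time.
	VerifyPhone(ctx context.Context, did, requestID, code string) (*VerificationResult, error)

	// GetVerificationStatus retrieves current verification status for a user.
	GetVerificationStatus(ctx context.Context, did string) (*VerificationStatus, error)

	// CheckPhoneAvailability checks if phone number is already verified by
	// another account.
	//
	// NOTE(review): the name suggests true means "available" while the
	// sentence above suggests true means "already verified". Pin the meaning
	// down here; a caller that reads it the wrong way round fails open.
	// An unauthenticated caller could also use the answer to learn which
	// numbers are registered, so this lookup presumably needs the same rate
	// limiting as the OTP request - confirm.
	CheckPhoneAvailability(ctx context.Context, phoneNumber string) (bool, error)
}

// VerificationRepository handles persistence of verification data.
type VerificationRepository interface {
	// StoreVerificationRequest saves a pending verification request.
	StoreVerificationRequest(ctx context.Context, req *VerificationRequest) error

	// GetVerificationRequest retrieves a pending request by ID.
	GetVerificationRequest(ctx context.Context, requestID string) (*VerificationRequest, error)

	// IncrementAttempts increments the failed attempt counter.
	//
	// NOTE(review): the increment should happen atomically in the store;
	// a read-modify-write in application code lets concurrent guesses share
	// one attempt. Confirm in the implementation.
	IncrementAttempts(ctx context.Context, requestID string) error

	// DeleteVerificationRequest removes a pending request.
	DeleteVerificationRequest(ctx context.Context, requestID string) error

	// StoreVerification saves a completed verification.
	StoreVerification(ctx context.Context, verification *PhoneVerification) error

	// GetVerification retrieves verification by DID.
	GetVerification(ctx context.Context, did string) (*PhoneVerification, error)

	// GetVerificationByPhoneHash retrieves verification by phone hash.
	GetVerificationByPhoneHash(ctx context.Context, phoneHash string) (*PhoneVerification, error)

	// CheckRateLimit checks if DID or phone has exceeded rate limits.
	//
	// identifier is the key being limited, limit the number of attempts
	// allowed within window.
	// NOTE(review): state whether true means "exceeded" or "allowed", and
	// what callers must do when err is non-nil; treating a store error as
	// "not limited" would disable the limit whenever the store is down.
	CheckRateLimit(ctx context.Context, identifier string, limit int, window time.Duration) (bool, error)

	// RecordRateLimitAttempt records a verification attempt for rate limiting.
	//
	// NOTE(review): CheckRateLimit and RecordRateLimitAttempt are separate
	// calls, so parallel requests can all pass the check before any of them
	// is recorded. Confirm the implementation closes that gap.
	RecordRateLimitAttempt(ctx context.Context, identifier string) error

	// LogAuditEvent records an audit event.
	LogAuditEvent(ctx context.Context, event *AuditEvent) error
}

// SMSProvider handles sending SMS messages.
type SMSProvider interface {
	// SendOTP sends an OTP code via SMS.
	//
	// code is the plaintext OTP; implementations should keep it (and the
	// phone number) out of logs and error strings.
	SendOTP(ctx context.Context, phoneNumber, code string) error
}

// SignatureService handles cryptographic signing of verifications.
type SignatureService interface {
	// SignVerification creates a signature over verification data.
	//
	// NOTE(review): the byte encoding that gets signed is not defined in this
	// file. It has to be canonical and reproducible from the fields of
	// SignedVerification plus the subject DID, otherwise third parties cannot
	// check the signature.
	SignVerification(ctx context.Context, verification *VerificationData) (string, error)

	// GetVerifierDID returns the DID used for signing.
	GetVerifierDID() string
}

// PDSWriter handles writing verification records to user's PDS.
type PDSWriter interface {
	// WriteVerificationToProfile writes verification to user's PDS profile.
	WriteVerificationToProfile(ctx context.Context, did string, verification *SignedVerification) error
}

// VerificationRequest represents a pending phone verification.
//
// PhoneHash and OTPCodeHash hold digests rather than the raw values.
// NOTE(review): phone numbers and OTP codes both come from small keyspaces,
// so a plain unkeyed digest can be reversed by enumeration. Confirm both are
// computed with a server-side secret (for example an HMAC key) and that
// OTPCodeHash is additionally bound to RequestID.
type VerificationRequest struct {
	RequestID   string
	DID         string
	PhoneHash   string
	OTPCodeHash string
	Attempts    int
	CreatedAt   time.Time
	ExpiresAt   time.Time
}

// PhoneVerification represents a completed phone verification.
type PhoneVerification struct {
	DID        string
	PhoneHash  string
	VerifiedAt time.Time
	ExpiresAt  time.Time
}

// VerificationData is the data that gets signed.
type VerificationData struct {
	Type       string // "phone"
	VerifiedBy string // DID of verifier
	VerifiedAt time.Time
	ExpiresAt  time.Time
	SubjectDID string // DID being verified
}

// SignedVerification is written to PDS profile.
//
// Unlike VerificationData it carries no subject DID, and its timestamps are
// strings rather than time.Time values.
// NOTE(review): a checker therefore has to take the subject from the
// repository the record is read from and rebuild the exact signed bytes from
// these strings. Confirm that the signature is verified against the hosting
// account's DID, so a record copied into another profile does not validate.
type SignedVerification struct {
	Type       string                 `json:"type"`
	VerifiedBy string                 `json:"verifiedBy"`
	VerifiedAt string                 `json:"verifiedAt"` // RFC3339
	ExpiresAt  string                 `json:"expiresAt"`  // RFC3339
	Signature  string                 `json:"signature"`
	Metadata   map[string]interface{} `json:"metadata,omitempty"`
}

// VerificationResult is returned after successful verification.
type VerificationResult struct {
	Verified   bool
	VerifiedAt time.Time
	ExpiresAt  time.Time
}

// VerificationStatus represents current verification state.
//
// VerifiedAt and ExpiresAt are pointers, so they can be nil.
type VerificationStatus struct {
	HasVerifiedPhone bool
	VerifiedAt       *time.Time
	ExpiresAt        *time.Time
	NeedsRenewal     bool
}

// AuditEvent represents a security audit event.
//
// IPAddress and UserAgent presumably come from the incoming request and
// should be treated as untrusted text wherever audit rows are displayed.
// NOTE(review): confirm Metadata never carries the raw phone number or the
// OTP code.
type AuditEvent struct {
	DID       *string
	EventType string // 'request_sent', 'verification_success', 'verification_failed', 'rate_limit_hit'
	PhoneHash *string
	IPAddress *string
	UserAgent *string
	Metadata  map[string]interface{}
	CreatedAt time.Time
}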