63ede5c237
- refactor: move HTTP status and DTO concerns out of model and service layers into API and handler code. - feat: add admin service boundary and route auth through services instead of direct repository access. - test: add architecture and error tests covering package boundaries, redaction, and service behavior. - docs: record the protocol-neutral boundary decision and update architecture and roadmap notes.
19 lines
637 B
Go
19 lines
637 B
Go
package model
|
|
|
|
import (
|
|
"time"
|
|
)
|
|
|
|
// Credential represents an alternative authentication credential for a user.
|
|
// The primary password is stored on the User model; additional credentials
|
|
// (app passkeys, WebAuthn, OAuth) are stored here with a type discriminator.
|
|
type Credential struct {
|
|
ID string `gorm:"primaryKey;type:varchar(36)"`
|
|
UserID string `gorm:"index;type:varchar(36);not null"`
|
|
Type string `gorm:"index;type:varchar(32);not null"`
|
|
Label string `gorm:"type:varchar(128)"`
|
|
SecretHash string `gorm:"uniqueIndex;type:varchar(255);not null" json:"-"`
|
|
LastUsedAt *time.Time
|
|
CreatedAt time.Time
|
|
}
|