wip

2025-12-07 18:38:03 +01:00
parent 5ca2454853
commit 2d0860d66c
23 changed files with 7713 additions and 779 deletions
--- a/packages/identity/application/use-cases/LoginWithEmailUseCase.ts
+++ b/packages/identity/application/use-cases/LoginWithEmailUseCase.ts
@@ -0,0 +1,71 @@
+/**
+ * Login with Email Use Case
+ * 
+ * Authenticates a user with email and password.
+ */
+
+import type { IUserRepository } from '../../domain/repositories/IUserRepository';
+import type { AuthenticatedUserDTO } from '../dto/AuthenticatedUserDTO';
+import type { AuthSessionDTO } from '../dto/AuthSessionDTO';
+import type { IdentitySessionPort } from '../ports/IdentitySessionPort';
+
+export interface LoginCommandDTO {
+  email: string;
+  password: string;
+}
+
+export class LoginWithEmailUseCase {
+  constructor(
+    private readonly userRepository: IUserRepository,
+    private readonly sessionPort: IdentitySessionPort,
+  ) {}
+
+  async execute(command: LoginCommandDTO): Promise<AuthSessionDTO> {
+    // Validate inputs
+    if (!command.email || !command.password) {
+      throw new Error('Email and password are required');
+    }
+
+    // Find user by email
+    const user = await this.userRepository.findByEmail(command.email.toLowerCase().trim());
+    if (!user) {
+      throw new Error('Invalid email or password');
+    }
+
+    // Verify password
+    const passwordHash = await this.hashPassword(command.password, user.salt);
+    if (passwordHash !== user.passwordHash) {
+      throw new Error('Invalid email or password');
+    }
+
+    // Create session
+    const authenticatedUser: AuthenticatedUserDTO = {
+      id: user.id,
+      displayName: user.displayName,
+      email: user.email,
+      primaryDriverId: user.primaryDriverId,
+    };
+
+    return this.sessionPort.createSession(authenticatedUser);
+  }
+
+  private async hashPassword(password: string, salt: string): Promise<string> {
+    // Simple hash for demo - in production, use bcrypt or argon2
+    const data = password + salt;
+    if (typeof crypto !== 'undefined' && crypto.subtle) {
+      const encoder = new TextEncoder();
+      const dataBuffer = encoder.encode(data);
+      const hashBuffer = await crypto.subtle.digest('SHA-256', dataBuffer);
+      const hashArray = Array.from(new Uint8Array(hashBuffer));
+      return hashArray.map(b => b.toString(16).padStart(2, '0')).join('');
+    }
+    // Fallback for environments without crypto.subtle
+    let hash = 0;
+    for (let i = 0; i < data.length; i++) {
+      const char = data.charCodeAt(i);
+      hash = ((hash << 5) - hash) + char;
+      hash = hash & hash;
+    }
+    return Math.abs(hash).toString(16).padStart(16, '0');
+  }
+}
--- a/packages/identity/application/use-cases/SignupWithEmailUseCase.ts
+++ b/packages/identity/application/use-cases/SignupWithEmailUseCase.ts
@@ -0,0 +1,123 @@
+/**
+ * Signup with Email Use Case
+ * 
+ * Creates a new user account with email and password.
+ */
+
+import type { IUserRepository, StoredUser } from '../../domain/repositories/IUserRepository';
+import type { AuthenticatedUserDTO } from '../dto/AuthenticatedUserDTO';
+import type { AuthSessionDTO } from '../dto/AuthSessionDTO';
+import type { IdentitySessionPort } from '../ports/IdentitySessionPort';
+
+export interface SignupCommandDTO {
+  email: string;
+  password: string;
+  displayName: string;
+}
+
+export interface SignupResultDTO {
+  session: AuthSessionDTO;
+  isNewUser: boolean;
+}
+
+export class SignupWithEmailUseCase {
+  constructor(
+    private readonly userRepository: IUserRepository,
+    private readonly sessionPort: IdentitySessionPort,
+  ) {}
+
+  async execute(command: SignupCommandDTO): Promise<SignupResultDTO> {
+    // Validate email format
+    const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
+    if (!emailRegex.test(command.email)) {
+      throw new Error('Invalid email format');
+    }
+
+    // Validate password strength
+    if (command.password.length < 8) {
+      throw new Error('Password must be at least 8 characters');
+    }
+
+    // Validate display name
+    if (!command.displayName || command.displayName.trim().length < 2) {
+      throw new Error('Display name must be at least 2 characters');
+    }
+
+    // Check if email already exists
+    const existingUser = await this.userRepository.findByEmail(command.email);
+    if (existingUser) {
+      throw new Error('An account with this email already exists');
+    }
+
+    // Hash password (simple hash for demo - in production use bcrypt)
+    const salt = this.generateSalt();
+    const passwordHash = await this.hashPassword(command.password, salt);
+
+    // Create user
+    const userId = this.generateUserId();
+    const newUser: StoredUser = {
+      id: userId,
+      email: command.email.toLowerCase().trim(),
+      displayName: command.displayName.trim(),
+      passwordHash,
+      salt,
+      createdAt: new Date(),
+    };
+
+    await this.userRepository.create(newUser);
+
+    // Create session
+    const authenticatedUser: AuthenticatedUserDTO = {
+      id: newUser.id,
+      displayName: newUser.displayName,
+      email: newUser.email,
+      primaryDriverId: undefined, // Will be set during onboarding
+    };
+
+    const session = await this.sessionPort.createSession(authenticatedUser);
+
+    return {
+      session,
+      isNewUser: true,
+    };
+  }
+
+  private generateSalt(): string {
+    const array = new Uint8Array(16);
+    if (typeof crypto !== 'undefined' && crypto.getRandomValues) {
+      crypto.getRandomValues(array);
+    } else {
+      for (let i = 0; i < array.length; i++) {
+        array[i] = Math.floor(Math.random() * 256);
+      }
+    }
+    return Array.from(array, byte => byte.toString(16).padStart(2, '0')).join('');
+  }
+
+  private async hashPassword(password: string, salt: string): Promise<string> {
+    // Simple hash for demo - in production, use bcrypt or argon2
+    const data = password + salt;
+    if (typeof crypto !== 'undefined' && crypto.subtle) {
+      const encoder = new TextEncoder();
+      const dataBuffer = encoder.encode(data);
+      const hashBuffer = await crypto.subtle.digest('SHA-256', dataBuffer);
+      const hashArray = Array.from(new Uint8Array(hashBuffer));
+      return hashArray.map(b => b.toString(16).padStart(2, '0')).join('');
+    }
+    // Fallback for environments without crypto.subtle
+    let hash = 0;
+    for (let i = 0; i < data.length; i++) {
+      const char = data.charCodeAt(i);
+      hash = ((hash << 5) - hash) + char;
+      hash = hash & hash;
+    }
+    return Math.abs(hash).toString(16).padStart(16, '0');
+  }
+
+  private generateUserId(): string {
+    if (typeof crypto !== 'undefined' && crypto.randomUUID) {
+      return crypto.randomUUID();
+    }
+    return 'user-' + Date.now().toString(36) + Math.random().toString(36).substr(2, 9);
+  }
+}
--- a/packages/identity/domain/repositories/IUserRepository.ts
+++ b/packages/identity/domain/repositories/IUserRepository.ts
@@ -0,0 +1,50 @@
+/**
+ * Domain Repository: IUserRepository
+ * 
+ * Repository interface for User entity operations.
+ */
+
+import type { AuthenticatedUserDTO } from '../../application/dto/AuthenticatedUserDTO';
+
+export interface UserCredentials {
+  email: string;
+  passwordHash: string;
+  salt: string;
+}
+
+export interface StoredUser {
+  id: string;
+  email: string;
+  displayName: string;
+  passwordHash: string;
+  salt: string;
+  primaryDriverId?: string;
+  createdAt: Date;
+}
+
+export interface IUserRepository {
+  /**
+   * Find user by email
+   */
+  findByEmail(email: string): Promise<StoredUser | null>;
+  
+  /**
+   * Find user by ID
+   */
+  findById(id: string): Promise<StoredUser | null>;
+  
+  /**
+   * Create a new user
+   */
+  create(user: StoredUser): Promise<StoredUser>;
+  
+  /**
+   * Update user
+   */
+  update(user: StoredUser): Promise<StoredUser>;
+  
+  /**
+   * Check if email exists
+   */
+  emailExists(email: string): Promise<boolean>;
+}
--- a/packages/identity/infrastructure/repositories/InMemoryUserRepository.ts
+++ b/packages/identity/infrastructure/repositories/InMemoryUserRepository.ts
@@ -0,0 +1,56 @@
+/**
+ * In-Memory User Repository
+ * 
+ * Stores users in memory for demo/development purposes.
+ */
+
+import type { IUserRepository, StoredUser } from '../../domain/repositories/IUserRepository';
+
+export class InMemoryUserRepository implements IUserRepository {
+  private users: Map<string, StoredUser> = new Map();
+  private emailIndex: Map<string, string> = new Map(); // email -> userId
+
+  constructor(initialUsers: StoredUser[] = []) {
+    for (const user of initialUsers) {
+      this.users.set(user.id, user);
+      this.emailIndex.set(user.email.toLowerCase(), user.id);
+    }
+  }
+
+  async findByEmail(email: string): Promise<StoredUser | null> {
+    const userId = this.emailIndex.get(email.toLowerCase());
+    if (!userId) return null;
+    return this.users.get(userId) ?? null;
+  }
+
+  async findById(id: string): Promise<StoredUser | null> {
+    return this.users.get(id) ?? null;
+  }
+
+  async create(user: StoredUser): Promise<StoredUser> {
+    if (this.emailIndex.has(user.email.toLowerCase())) {
+      throw new Error('Email already exists');
+    }
+    this.users.set(user.id, user);
+    this.emailIndex.set(user.email.toLowerCase(), user.id);
+    return user;
+  }
+
+  async update(user: StoredUser): Promise<StoredUser> {
+    const existing = this.users.get(user.id);
+    if (!existing) {
+      throw new Error('User not found');
+    }
+    // If email changed, update index
+    if (existing.email.toLowerCase() !== user.email.toLowerCase()) {
+      this.emailIndex.delete(existing.email.toLowerCase());
+      this.emailIndex.set(user.email.toLowerCase(), user.id);
+    }
+    this.users.set(user.id, user);
+    return user;
+  }
+
+  async emailExists(email: string): Promise<boolean> {
+    return this.emailIndex.has(email.toLowerCase());
+  }
+}