1use async_trait::async_trait;
2use chrono::{DateTime, Utc};
3use std::collections::HashMap;
4use std::sync::{Arc, Mutex};
5use uuid::Uuid;
6
7use crate::error::{AuthError, AuthResult};
8use crate::types::{
9 Account, ApiKey, CreateAccount, CreateApiKey, CreateInvitation, CreateMember,
10 CreateOrganization, CreatePasskey, CreateSession, CreateTwoFactor, CreateUser,
11 CreateVerification, Invitation, InvitationStatus, ListUsersParams, Member, Organization,
12 Passkey, Session, TwoFactor, UpdateAccount, UpdateApiKey, UpdateOrganization, UpdateUser, User,
13 Verification,
14};
15
16pub use super::memory_traits::{
17 MemoryAccount, MemoryApiKey, MemoryInvitation, MemoryMember, MemoryOrganization, MemoryPasskey,
18 MemorySession, MemoryTwoFactor, MemoryUser, MemoryVerification,
19};
20
21use super::traits::{
22 AccountOps, ApiKeyOps, InvitationOps, MemberOps, OrganizationOps, PasskeyOps, SessionOps,
23 TwoFactorOps, UserOps, VerificationOps,
24};
25
26pub struct MemoryDatabaseAdapter<
41 U = User,
42 S = Session,
43 A = Account,
44 O = Organization,
45 M = Member,
46 I = Invitation,
47 V = Verification,
48 P = Passkey,
49> {
50 users: Arc<Mutex<HashMap<String, U>>>,
51 sessions: Arc<Mutex<HashMap<String, S>>>,
52 accounts: Arc<Mutex<HashMap<String, A>>>,
53 verifications: Arc<Mutex<HashMap<String, V>>>,
54 email_index: Arc<Mutex<HashMap<String, String>>>,
55 username_index: Arc<Mutex<HashMap<String, String>>>,
56 organizations: Arc<Mutex<HashMap<String, O>>>,
57 members: Arc<Mutex<HashMap<String, M>>>,
58 invitations: Arc<Mutex<HashMap<String, I>>>,
59 slug_index: Arc<Mutex<HashMap<String, String>>>,
60 two_factors: Arc<Mutex<HashMap<String, TwoFactor>>>,
61 api_keys: Arc<Mutex<HashMap<String, ApiKey>>>,
62 passkeys: Arc<Mutex<HashMap<String, P>>>,
63 passkey_credential_index: Arc<Mutex<HashMap<String, String>>>,
64}
65
66impl MemoryDatabaseAdapter {
69 pub fn new() -> Self {
70 Self::default()
71 }
72}
73
74impl<U, S, A, O, M, I, V, P> Default for MemoryDatabaseAdapter<U, S, A, O, M, I, V, P> {
75 fn default() -> Self {
76 Self {
77 users: Arc::new(Mutex::new(HashMap::new())),
78 sessions: Arc::new(Mutex::new(HashMap::new())),
79 accounts: Arc::new(Mutex::new(HashMap::new())),
80 verifications: Arc::new(Mutex::new(HashMap::new())),
81 email_index: Arc::new(Mutex::new(HashMap::new())),
82 username_index: Arc::new(Mutex::new(HashMap::new())),
83 organizations: Arc::new(Mutex::new(HashMap::new())),
84 members: Arc::new(Mutex::new(HashMap::new())),
85 invitations: Arc::new(Mutex::new(HashMap::new())),
86 slug_index: Arc::new(Mutex::new(HashMap::new())),
87 two_factors: Arc::new(Mutex::new(HashMap::new())),
88 api_keys: Arc::new(Mutex::new(HashMap::new())),
89 passkeys: Arc::new(Mutex::new(HashMap::new())),
90 passkey_credential_index: Arc::new(Mutex::new(HashMap::new())),
91 }
92 }
93}
94
95#[async_trait]
98impl<U, S, A, O, M, I, V, P> UserOps for MemoryDatabaseAdapter<U, S, A, O, M, I, V, P>
99where
100 U: MemoryUser,
101 S: MemorySession,
102 A: MemoryAccount,
103 O: MemoryOrganization,
104 M: MemoryMember,
105 I: MemoryInvitation,
106 V: MemoryVerification,
107 P: MemoryPasskey,
108{
109 type User = U;
110
111 async fn create_user(&self, create_user: CreateUser) -> AuthResult<U> {
112 let mut users = self.users.lock().unwrap();
113 let mut email_index = self.email_index.lock().unwrap();
114 let mut username_index = self.username_index.lock().unwrap();
115
116 let id = create_user
117 .id
118 .clone()
119 .unwrap_or_else(|| Uuid::new_v4().to_string());
120
121 if let Some(email) = &create_user.email
122 && email_index.contains_key(email)
123 {
124 return Err(AuthError::config("Email already exists"));
125 }
126
127 if let Some(username) = &create_user.username
128 && username_index.contains_key(username)
129 {
130 return Err(AuthError::conflict(
131 "A user with this username already exists",
132 ));
133 }
134
135 let now = Utc::now();
136 let user = U::from_create(id.clone(), &create_user, now);
137
138 users.insert(id.clone(), user.clone());
139
140 if let Some(email) = &create_user.email {
141 email_index.insert(email.clone(), id.clone());
142 }
143 if let Some(username) = &create_user.username {
144 username_index.insert(username.clone(), id);
145 }
146
147 Ok(user)
148 }
149
150 async fn get_user_by_id(&self, id: &str) -> AuthResult<Option<U>> {
151 let users = self.users.lock().unwrap();
152 Ok(users.get(id).cloned())
153 }
154
155 async fn get_user_by_email(&self, email: &str) -> AuthResult<Option<U>> {
156 let email_index = self.email_index.lock().unwrap();
157 let users = self.users.lock().unwrap();
158
159 if let Some(user_id) = email_index.get(email) {
160 Ok(users.get(user_id).cloned())
161 } else {
162 Ok(None)
163 }
164 }
165
166 async fn get_user_by_username(&self, username: &str) -> AuthResult<Option<U>> {
167 let username_index = self.username_index.lock().unwrap();
168 let users = self.users.lock().unwrap();
169
170 if let Some(user_id) = username_index.get(username) {
171 Ok(users.get(user_id).cloned())
172 } else {
173 Ok(None)
174 }
175 }
176
177 async fn update_user(&self, id: &str, update: UpdateUser) -> AuthResult<U> {
178 let mut users = self.users.lock().unwrap();
179 let mut email_index = self.email_index.lock().unwrap();
180 let mut username_index = self.username_index.lock().unwrap();
181
182 let user = users.get_mut(id).ok_or(AuthError::UserNotFound)?;
183
184 if let Some(new_email) = &update.email {
186 if let Some(old_email) = user.email() {
187 email_index.remove(old_email);
188 }
189 email_index.insert(new_email.clone(), id.to_string());
190 }
191
192 if let Some(ref new_username) = update.username {
193 if let Some(old_username) = user.username() {
194 username_index.remove(old_username);
195 }
196 username_index.insert(new_username.clone(), id.to_string());
197 }
198
199 user.apply_update(&update);
200 Ok(user.clone())
201 }
202
203 async fn delete_user(&self, id: &str) -> AuthResult<()> {
204 let mut users = self.users.lock().unwrap();
205 let mut email_index = self.email_index.lock().unwrap();
206 let mut username_index = self.username_index.lock().unwrap();
207
208 if let Some(user) = users.remove(id) {
209 if let Some(email) = user.email() {
210 email_index.remove(email);
211 }
212 if let Some(username) = user.username() {
213 username_index.remove(username);
214 }
215 }
216
217 Ok(())
218 }
219
220 async fn list_users(&self, params: ListUsersParams) -> AuthResult<(Vec<U>, usize)> {
221 let users = self.users.lock().unwrap();
222 let mut result: Vec<U> = users.values().cloned().collect();
223
224 if let Some(search_value) = ¶ms.search_value {
226 let field = params.search_field.as_deref().unwrap_or("email");
227 let op = params.search_operator.as_deref().unwrap_or("contains");
228 let sv = search_value.to_lowercase();
229 result.retain(|u| {
230 let field_val = match field {
231 "name" => u.name().unwrap_or("").to_lowercase(),
232 _ => u.email().unwrap_or("").to_lowercase(),
233 };
234 match op {
235 "starts_with" => field_val.starts_with(&sv),
236 "ends_with" => field_val.ends_with(&sv),
237 _ => field_val.contains(&sv),
238 }
239 });
240 }
241
242 if let Some(filter_value) = ¶ms.filter_value {
244 let field = params.filter_field.as_deref().unwrap_or("email");
245 let op = params.filter_operator.as_deref().unwrap_or("eq");
246 let fv = filter_value.to_lowercase();
247 result.retain(|u| {
248 let field_val = match field {
249 "name" => u.name().unwrap_or("").to_lowercase(),
250 "role" => u.role().unwrap_or("").to_lowercase(),
251 _ => u.email().unwrap_or("").to_lowercase(),
252 };
253 match op {
254 "contains" => field_val.contains(&fv),
255 "starts_with" => field_val.starts_with(&fv),
256 "ends_with" => field_val.ends_with(&fv),
257 "ne" => field_val != fv,
258 _ => field_val == fv,
259 }
260 });
261 }
262
263 if let Some(sort_by) = ¶ms.sort_by {
265 let desc = params.sort_direction.as_deref() == Some("desc");
266 result.sort_by(|a, b| {
267 let av = match sort_by.as_str() {
268 "name" => a.name().unwrap_or("").to_string(),
269 "createdAt" => a.created_at().to_rfc3339(),
270 _ => a.email().unwrap_or("").to_string(),
271 };
272 let bv = match sort_by.as_str() {
273 "name" => b.name().unwrap_or("").to_string(),
274 "createdAt" => b.created_at().to_rfc3339(),
275 _ => b.email().unwrap_or("").to_string(),
276 };
277 if desc { bv.cmp(&av) } else { av.cmp(&bv) }
278 });
279 }
280
281 let total = result.len();
282 let offset = params.offset.unwrap_or(0);
283 let limit = params.limit.unwrap_or(100);
284 let paged: Vec<U> = result.into_iter().skip(offset).take(limit).collect();
285
286 Ok((paged, total))
287 }
288}
289
290#[async_trait]
293impl<U, S, A, O, M, I, V, P> SessionOps for MemoryDatabaseAdapter<U, S, A, O, M, I, V, P>
294where
295 U: MemoryUser,
296 S: MemorySession,
297 A: MemoryAccount,
298 O: MemoryOrganization,
299 M: MemoryMember,
300 I: MemoryInvitation,
301 V: MemoryVerification,
302 P: MemoryPasskey,
303{
304 type Session = S;
305
306 async fn create_session(&self, create_session: CreateSession) -> AuthResult<S> {
307 let mut sessions = self.sessions.lock().unwrap();
308
309 let id = Uuid::new_v4().to_string();
310 let token = format!("session_{}", Uuid::new_v4());
311 let now = Utc::now();
312 let session = S::from_create(id, token.clone(), &create_session, now);
313
314 sessions.insert(token, session.clone());
315 Ok(session)
316 }
317
318 async fn get_session(&self, token: &str) -> AuthResult<Option<S>> {
319 let sessions = self.sessions.lock().unwrap();
320 Ok(sessions.get(token).cloned())
321 }
322
323 async fn get_user_sessions(&self, user_id: &str) -> AuthResult<Vec<S>> {
324 let sessions = self.sessions.lock().unwrap();
325 Ok(sessions
326 .values()
327 .filter(|s| s.user_id() == user_id && s.active())
328 .cloned()
329 .collect())
330 }
331
332 async fn update_session_expiry(
333 &self,
334 token: &str,
335 expires_at: DateTime<Utc>,
336 ) -> AuthResult<()> {
337 let mut sessions = self.sessions.lock().unwrap();
338 if let Some(session) = sessions.get_mut(token) {
339 session.set_expires_at(expires_at);
340 }
341 Ok(())
342 }
343
344 async fn delete_session(&self, token: &str) -> AuthResult<()> {
345 let mut sessions = self.sessions.lock().unwrap();
346 sessions.remove(token);
347 Ok(())
348 }
349
350 async fn delete_user_sessions(&self, user_id: &str) -> AuthResult<()> {
351 let mut sessions = self.sessions.lock().unwrap();
352 sessions.retain(|_, s| s.user_id() != user_id);
353 Ok(())
354 }
355
356 async fn delete_expired_sessions(&self) -> AuthResult<usize> {
357 let mut sessions = self.sessions.lock().unwrap();
358 let now = Utc::now();
359 let initial_count = sessions.len();
360 sessions.retain(|_, s| s.expires_at() > now && s.active());
361 Ok(initial_count - sessions.len())
362 }
363
364 async fn update_session_active_organization(
365 &self,
366 token: &str,
367 organization_id: Option<&str>,
368 ) -> AuthResult<S> {
369 let mut sessions = self.sessions.lock().unwrap();
370 let session = sessions.get_mut(token).ok_or(AuthError::SessionNotFound)?;
371 session.set_active_organization_id(organization_id.map(|s| s.to_string()));
372 session.set_updated_at(Utc::now());
373 Ok(session.clone())
374 }
375}
376
377#[async_trait]
380impl<U, S, A, O, M, I, V, P> AccountOps for MemoryDatabaseAdapter<U, S, A, O, M, I, V, P>
381where
382 U: MemoryUser,
383 S: MemorySession,
384 A: MemoryAccount,
385 O: MemoryOrganization,
386 M: MemoryMember,
387 I: MemoryInvitation,
388 V: MemoryVerification,
389 P: MemoryPasskey,
390{
391 type Account = A;
392
393 async fn create_account(&self, create_account: CreateAccount) -> AuthResult<A> {
394 let mut accounts = self.accounts.lock().unwrap();
395
396 let id = Uuid::new_v4().to_string();
397 let now = Utc::now();
398 let account = A::from_create(id.clone(), &create_account, now);
399
400 accounts.insert(id, account.clone());
401 Ok(account)
402 }
403
404 async fn get_account(
405 &self,
406 provider: &str,
407 provider_account_id: &str,
408 ) -> AuthResult<Option<A>> {
409 let accounts = self.accounts.lock().unwrap();
410 Ok(accounts
411 .values()
412 .find(|acc| acc.provider_id() == provider && acc.account_id() == provider_account_id)
413 .cloned())
414 }
415
416 async fn get_user_accounts(&self, user_id: &str) -> AuthResult<Vec<A>> {
417 let accounts = self.accounts.lock().unwrap();
418 Ok(accounts
419 .values()
420 .filter(|acc| acc.user_id() == user_id)
421 .cloned()
422 .collect())
423 }
424
425 async fn update_account(&self, id: &str, update: UpdateAccount) -> AuthResult<A> {
426 let mut accounts = self.accounts.lock().unwrap();
427 let account = accounts
428 .get_mut(id)
429 .ok_or_else(|| AuthError::not_found("Account not found"))?;
430 account.apply_update(&update);
431 Ok(account.clone())
432 }
433
434 async fn delete_account(&self, id: &str) -> AuthResult<()> {
435 let mut accounts = self.accounts.lock().unwrap();
436 accounts.remove(id);
437 Ok(())
438 }
439}
440
441#[async_trait]
444impl<U, S, A, O, M, I, V, P> VerificationOps for MemoryDatabaseAdapter<U, S, A, O, M, I, V, P>
445where
446 U: MemoryUser,
447 S: MemorySession,
448 A: MemoryAccount,
449 O: MemoryOrganization,
450 M: MemoryMember,
451 I: MemoryInvitation,
452 V: MemoryVerification,
453 P: MemoryPasskey,
454{
455 type Verification = V;
456
457 async fn create_verification(&self, create_verification: CreateVerification) -> AuthResult<V> {
458 let mut verifications = self.verifications.lock().unwrap();
459
460 let id = Uuid::new_v4().to_string();
461 let now = Utc::now();
462 let verification = V::from_create(id.clone(), &create_verification, now);
463
464 verifications.insert(id, verification.clone());
465 Ok(verification)
466 }
467
468 async fn get_verification(&self, identifier: &str, value: &str) -> AuthResult<Option<V>> {
469 let verifications = self.verifications.lock().unwrap();
470 let now = Utc::now();
471 Ok(verifications
472 .values()
473 .find(|v| v.identifier() == identifier && v.value() == value && v.expires_at() > now)
474 .cloned())
475 }
476
477 async fn get_verification_by_value(&self, value: &str) -> AuthResult<Option<V>> {
478 let verifications = self.verifications.lock().unwrap();
479 let now = Utc::now();
480 Ok(verifications
481 .values()
482 .find(|v| v.value() == value && v.expires_at() > now)
483 .cloned())
484 }
485
486 async fn get_verification_by_identifier(&self, identifier: &str) -> AuthResult<Option<V>> {
487 let verifications = self.verifications.lock().unwrap();
488 let now = Utc::now();
489 Ok(verifications
490 .values()
491 .find(|v| v.identifier() == identifier && v.expires_at() > now)
492 .cloned())
493 }
494
495 async fn consume_verification(&self, identifier: &str, value: &str) -> AuthResult<Option<V>> {
496 let mut verifications = self.verifications.lock().unwrap();
497 let now = Utc::now();
498
499 let matched_id = verifications
500 .iter()
501 .filter_map(|(id, verification)| {
502 if verification.identifier() == identifier
503 && verification.value() == value
504 && verification.expires_at() > now
505 {
506 Some((id, verification.created_at()))
507 } else {
508 None
509 }
510 })
511 .max_by_key(|(_, created_at)| *created_at)
512 .map(|(id, _)| id.clone());
513
514 if let Some(id) = matched_id {
515 Ok(verifications.remove(&id))
516 } else {
517 Ok(None)
518 }
519 }
520
521 async fn delete_verification(&self, id: &str) -> AuthResult<()> {
522 let mut verifications = self.verifications.lock().unwrap();
523 verifications.remove(id);
524 Ok(())
525 }
526
527 async fn delete_expired_verifications(&self) -> AuthResult<usize> {
528 let mut verifications = self.verifications.lock().unwrap();
529 let now = Utc::now();
530 let initial_count = verifications.len();
531 verifications.retain(|_, v| v.expires_at() > now);
532 Ok(initial_count - verifications.len())
533 }
534}
535
536#[async_trait]
539impl<U, S, A, O, M, I, V, P> OrganizationOps for MemoryDatabaseAdapter<U, S, A, O, M, I, V, P>
540where
541 U: MemoryUser,
542 S: MemorySession,
543 A: MemoryAccount,
544 O: MemoryOrganization,
545 M: MemoryMember,
546 I: MemoryInvitation,
547 V: MemoryVerification,
548 P: MemoryPasskey,
549{
550 type Organization = O;
551
552 async fn create_organization(&self, create_org: CreateOrganization) -> AuthResult<O> {
553 let mut organizations = self.organizations.lock().unwrap();
554 let mut slug_index = self.slug_index.lock().unwrap();
555
556 if slug_index.contains_key(&create_org.slug) {
557 return Err(AuthError::conflict("Organization slug already exists"));
558 }
559
560 let id = create_org
561 .id
562 .clone()
563 .unwrap_or_else(|| Uuid::new_v4().to_string());
564 let now = Utc::now();
565 let organization = O::from_create(id.clone(), &create_org, now);
566
567 organizations.insert(id.clone(), organization.clone());
568 slug_index.insert(create_org.slug.clone(), id);
569
570 Ok(organization)
571 }
572
573 async fn get_organization_by_id(&self, id: &str) -> AuthResult<Option<O>> {
574 let organizations = self.organizations.lock().unwrap();
575 Ok(organizations.get(id).cloned())
576 }
577
578 async fn get_organization_by_slug(&self, slug: &str) -> AuthResult<Option<O>> {
579 let slug_index = self.slug_index.lock().unwrap();
580 let organizations = self.organizations.lock().unwrap();
581
582 if let Some(org_id) = slug_index.get(slug) {
583 Ok(organizations.get(org_id).cloned())
584 } else {
585 Ok(None)
586 }
587 }
588
589 async fn update_organization(&self, id: &str, update: UpdateOrganization) -> AuthResult<O> {
590 let mut organizations = self.organizations.lock().unwrap();
591 let mut slug_index = self.slug_index.lock().unwrap();
592
593 let org = organizations
594 .get_mut(id)
595 .ok_or_else(|| AuthError::not_found("Organization not found"))?;
596
597 if let Some(new_slug) = &update.slug {
599 let current_slug = org.slug().to_string();
600 if *new_slug != current_slug {
601 if slug_index.contains_key(new_slug.as_str()) {
602 return Err(AuthError::conflict("Organization slug already exists"));
603 }
604 slug_index.remove(¤t_slug);
605 slug_index.insert(new_slug.clone(), id.to_string());
606 }
607 }
608
609 org.apply_update(&update);
610 Ok(org.clone())
611 }
612
613 async fn delete_organization(&self, id: &str) -> AuthResult<()> {
614 let mut organizations = self.organizations.lock().unwrap();
615 let mut slug_index = self.slug_index.lock().unwrap();
616 let mut members = self.members.lock().unwrap();
617 let mut invitations = self.invitations.lock().unwrap();
618
619 if let Some(org) = organizations.remove(id) {
620 slug_index.remove(org.slug());
621 }
622
623 members.retain(|_, m| m.organization_id() != id);
624 invitations.retain(|_, i| i.organization_id() != id);
625
626 Ok(())
627 }
628
629 async fn list_user_organizations(&self, user_id: &str) -> AuthResult<Vec<O>> {
630 let members = self.members.lock().unwrap();
631 let organizations = self.organizations.lock().unwrap();
632
633 let org_ids: Vec<String> = members
634 .values()
635 .filter(|m| m.user_id() == user_id)
636 .map(|m| m.organization_id().to_string())
637 .collect();
638
639 let orgs = org_ids
640 .iter()
641 .filter_map(|id| organizations.get(id).cloned())
642 .collect();
643
644 Ok(orgs)
645 }
646}
647
648#[async_trait]
651impl<U, S, A, O, M, I, V, P> MemberOps for MemoryDatabaseAdapter<U, S, A, O, M, I, V, P>
652where
653 U: MemoryUser,
654 S: MemorySession,
655 A: MemoryAccount,
656 O: MemoryOrganization,
657 M: MemoryMember,
658 I: MemoryInvitation,
659 V: MemoryVerification,
660 P: MemoryPasskey,
661{
662 type Member = M;
663
664 async fn create_member(&self, create_member: CreateMember) -> AuthResult<M> {
665 let mut members = self.members.lock().unwrap();
666
667 let exists = members.values().any(|m| {
668 m.organization_id() == create_member.organization_id
669 && m.user_id() == create_member.user_id
670 });
671
672 if exists {
673 return Err(AuthError::conflict(
674 "User is already a member of this organization",
675 ));
676 }
677
678 let id = Uuid::new_v4().to_string();
679 let now = Utc::now();
680 let member = M::from_create(id.clone(), &create_member, now);
681
682 members.insert(id, member.clone());
683 Ok(member)
684 }
685
686 async fn get_member(&self, organization_id: &str, user_id: &str) -> AuthResult<Option<M>> {
687 let members = self.members.lock().unwrap();
688 Ok(members
689 .values()
690 .find(|m| m.organization_id() == organization_id && m.user_id() == user_id)
691 .cloned())
692 }
693
694 async fn get_member_by_id(&self, id: &str) -> AuthResult<Option<M>> {
695 let members = self.members.lock().unwrap();
696 Ok(members.get(id).cloned())
697 }
698
699 async fn update_member_role(&self, member_id: &str, role: &str) -> AuthResult<M> {
700 let mut members = self.members.lock().unwrap();
701 let member = members
702 .get_mut(member_id)
703 .ok_or_else(|| AuthError::not_found("Member not found"))?;
704 member.set_role(role.to_string());
705 Ok(member.clone())
706 }
707
708 async fn delete_member(&self, member_id: &str) -> AuthResult<()> {
709 let mut members = self.members.lock().unwrap();
710 members.remove(member_id);
711 Ok(())
712 }
713
714 async fn list_organization_members(&self, organization_id: &str) -> AuthResult<Vec<M>> {
715 let members = self.members.lock().unwrap();
716 Ok(members
717 .values()
718 .filter(|m| m.organization_id() == organization_id)
719 .cloned()
720 .collect())
721 }
722
723 async fn count_organization_members(&self, organization_id: &str) -> AuthResult<usize> {
724 let members = self.members.lock().unwrap();
725 Ok(members
726 .values()
727 .filter(|m| m.organization_id() == organization_id)
728 .count())
729 }
730
731 async fn count_organization_owners(&self, organization_id: &str) -> AuthResult<usize> {
732 let members = self.members.lock().unwrap();
733 Ok(members
734 .values()
735 .filter(|m| m.organization_id() == organization_id && m.role() == "owner")
736 .count())
737 }
738}
739
740#[async_trait]
743impl<U, S, A, O, M, I, V, P> InvitationOps for MemoryDatabaseAdapter<U, S, A, O, M, I, V, P>
744where
745 U: MemoryUser,
746 S: MemorySession,
747 A: MemoryAccount,
748 O: MemoryOrganization,
749 M: MemoryMember,
750 I: MemoryInvitation,
751 V: MemoryVerification,
752 P: MemoryPasskey,
753{
754 type Invitation = I;
755
756 async fn create_invitation(&self, create_inv: CreateInvitation) -> AuthResult<I> {
757 let mut invitations = self.invitations.lock().unwrap();
758
759 let id = Uuid::new_v4().to_string();
760 let now = Utc::now();
761 let invitation = I::from_create(id.clone(), &create_inv, now);
762
763 invitations.insert(id, invitation.clone());
764 Ok(invitation)
765 }
766
767 async fn get_invitation_by_id(&self, id: &str) -> AuthResult<Option<I>> {
768 let invitations = self.invitations.lock().unwrap();
769 Ok(invitations.get(id).cloned())
770 }
771
772 async fn get_pending_invitation(
773 &self,
774 organization_id: &str,
775 email: &str,
776 ) -> AuthResult<Option<I>> {
777 let invitations = self.invitations.lock().unwrap();
778 Ok(invitations
779 .values()
780 .find(|i| {
781 i.organization_id() == organization_id
782 && i.email().to_lowercase() == email.to_lowercase()
783 && *i.status() == InvitationStatus::Pending
784 })
785 .cloned())
786 }
787
788 async fn update_invitation_status(&self, id: &str, status: InvitationStatus) -> AuthResult<I> {
789 let mut invitations = self.invitations.lock().unwrap();
790 let invitation = invitations
791 .get_mut(id)
792 .ok_or_else(|| AuthError::not_found("Invitation not found"))?;
793 invitation.set_status(status);
794 Ok(invitation.clone())
795 }
796
797 async fn list_organization_invitations(&self, organization_id: &str) -> AuthResult<Vec<I>> {
798 let invitations = self.invitations.lock().unwrap();
799 Ok(invitations
800 .values()
801 .filter(|i| i.organization_id() == organization_id)
802 .cloned()
803 .collect())
804 }
805
806 async fn list_user_invitations(&self, email: &str) -> AuthResult<Vec<I>> {
807 let invitations = self.invitations.lock().unwrap();
808 let now = Utc::now();
809 Ok(invitations
810 .values()
811 .filter(|i| {
812 i.email().to_lowercase() == email.to_lowercase()
813 && *i.status() == InvitationStatus::Pending
814 && i.expires_at() > now
815 })
816 .cloned()
817 .collect())
818 }
819}
820
821#[async_trait]
824impl<U, S, A, O, M, I, V, P> TwoFactorOps for MemoryDatabaseAdapter<U, S, A, O, M, I, V, P>
825where
826 U: MemoryUser,
827 S: MemorySession,
828 A: MemoryAccount,
829 O: MemoryOrganization,
830 M: MemoryMember,
831 I: MemoryInvitation,
832 V: MemoryVerification,
833 P: MemoryPasskey,
834{
835 type TwoFactor = TwoFactor;
836
837 async fn create_two_factor(&self, create: CreateTwoFactor) -> AuthResult<TwoFactor> {
838 let mut two_factors = self.two_factors.lock().unwrap();
839
840 if two_factors.values().any(|tf| tf.user_id == create.user_id) {
842 return Err(AuthError::conflict(
843 "Two-factor authentication already enabled for this user",
844 ));
845 }
846
847 let id = Uuid::new_v4().to_string();
848 let now = Utc::now();
849 let two_factor: TwoFactor = MemoryTwoFactor::from_create(id.clone(), &create, now);
850
851 two_factors.insert(id, two_factor.clone());
852 Ok(two_factor)
853 }
854
855 async fn get_two_factor_by_user_id(&self, user_id: &str) -> AuthResult<Option<TwoFactor>> {
856 let two_factors = self.two_factors.lock().unwrap();
857 Ok(two_factors
858 .values()
859 .find(|tf| tf.user_id == user_id)
860 .cloned())
861 }
862
863 async fn update_two_factor_backup_codes(
864 &self,
865 user_id: &str,
866 backup_codes: &str,
867 ) -> AuthResult<TwoFactor> {
868 let mut two_factors = self.two_factors.lock().unwrap();
869 let two_factor = two_factors
870 .values_mut()
871 .find(|tf| tf.user_id == user_id)
872 .ok_or_else(|| AuthError::not_found("Two-factor record not found"))?;
873 two_factor.set_backup_codes(backup_codes.to_string());
874 Ok(two_factor.clone())
875 }
876
877 async fn delete_two_factor(&self, user_id: &str) -> AuthResult<()> {
878 let mut two_factors = self.two_factors.lock().unwrap();
879 two_factors.retain(|_, tf| tf.user_id != user_id);
880 Ok(())
881 }
882}
883
884#[async_trait]
887impl<U, S, A, O, M, I, V, P> ApiKeyOps for MemoryDatabaseAdapter<U, S, A, O, M, I, V, P>
888where
889 U: MemoryUser,
890 S: MemorySession,
891 A: MemoryAccount,
892 O: MemoryOrganization,
893 M: MemoryMember,
894 I: MemoryInvitation,
895 V: MemoryVerification,
896 P: MemoryPasskey,
897{
898 type ApiKey = ApiKey;
899
900 async fn create_api_key(&self, input: CreateApiKey) -> AuthResult<ApiKey> {
901 let mut api_keys = self.api_keys.lock().unwrap();
902
903 if api_keys.values().any(|k| k.key_hash == input.key_hash) {
904 return Err(AuthError::conflict("API key already exists"));
905 }
906
907 let id = Uuid::new_v4().to_string();
908 let now = Utc::now();
909 let api_key: ApiKey = MemoryApiKey::from_create(id.clone(), &input, now);
910
911 api_keys.insert(id, api_key.clone());
912 Ok(api_key)
913 }
914
915 async fn get_api_key_by_id(&self, id: &str) -> AuthResult<Option<ApiKey>> {
916 let api_keys = self.api_keys.lock().unwrap();
917 Ok(api_keys.get(id).cloned())
918 }
919
920 async fn get_api_key_by_hash(&self, hash: &str) -> AuthResult<Option<ApiKey>> {
921 let api_keys = self.api_keys.lock().unwrap();
922 Ok(api_keys.values().find(|k| k.key_hash == hash).cloned())
923 }
924
925 async fn list_api_keys_by_user(&self, user_id: &str) -> AuthResult<Vec<ApiKey>> {
926 let api_keys = self.api_keys.lock().unwrap();
927 let mut keys: Vec<ApiKey> = api_keys
928 .values()
929 .filter(|k| k.user_id == user_id)
930 .cloned()
931 .collect();
932 keys.sort_by(|a, b| b.created_at.cmp(&a.created_at));
933 Ok(keys)
934 }
935
936 async fn update_api_key(&self, id: &str, update: UpdateApiKey) -> AuthResult<ApiKey> {
937 let mut api_keys = self.api_keys.lock().unwrap();
938 let api_key = api_keys
939 .get_mut(id)
940 .ok_or_else(|| AuthError::not_found("API key not found"))?;
941 api_key.apply_update(&update);
942 Ok(api_key.clone())
943 }
944
945 async fn delete_api_key(&self, id: &str) -> AuthResult<()> {
946 let mut api_keys = self.api_keys.lock().unwrap();
947 api_keys.remove(id);
948 Ok(())
949 }
950}
951
952#[async_trait]
955impl<U, S, A, O, M, I, V, P> PasskeyOps for MemoryDatabaseAdapter<U, S, A, O, M, I, V, P>
956where
957 U: MemoryUser,
958 S: MemorySession,
959 A: MemoryAccount,
960 O: MemoryOrganization,
961 M: MemoryMember,
962 I: MemoryInvitation,
963 V: MemoryVerification,
964 P: MemoryPasskey,
965{
966 type Passkey = P;
967
968 async fn create_passkey(&self, input: CreatePasskey) -> AuthResult<P> {
969 let mut credential_index = self.passkey_credential_index.lock().unwrap();
970 let mut passkeys = self.passkeys.lock().unwrap();
971
972 if credential_index.contains_key(&input.credential_id) {
973 return Err(AuthError::conflict(
974 "A passkey with this credential ID already exists",
975 ));
976 }
977
978 let id = Uuid::new_v4().to_string();
979 let now = Utc::now();
980 let passkey = P::from_create(id.clone(), &input, now);
981
982 credential_index.insert(input.credential_id.clone(), id.clone());
983 passkeys.insert(id, passkey.clone());
984 Ok(passkey)
985 }
986
987 async fn get_passkey_by_id(&self, id: &str) -> AuthResult<Option<P>> {
988 let passkeys = self.passkeys.lock().unwrap();
989 Ok(passkeys.get(id).cloned())
990 }
991
992 async fn get_passkey_by_credential_id(&self, credential_id: &str) -> AuthResult<Option<P>> {
993 let passkey_id = {
994 let credential_index = self.passkey_credential_index.lock().unwrap();
995 credential_index.get(credential_id).cloned()
996 };
997
998 let passkeys = self.passkeys.lock().unwrap();
999
1000 if let Some(id) = passkey_id {
1001 Ok(passkeys.get(&id).cloned())
1002 } else {
1003 Ok(None)
1004 }
1005 }
1006
1007 async fn list_passkeys_by_user(&self, user_id: &str) -> AuthResult<Vec<P>> {
1008 let passkeys = self.passkeys.lock().unwrap();
1009 let mut matched: Vec<P> = passkeys
1010 .values()
1011 .filter(|p| p.user_id() == user_id)
1012 .cloned()
1013 .collect();
1014 matched.sort_by_key(|p| std::cmp::Reverse(p.created_at()));
1015 Ok(matched)
1016 }
1017
1018 async fn update_passkey_counter(&self, id: &str, counter: u64) -> AuthResult<P> {
1019 let mut passkeys = self.passkeys.lock().unwrap();
1020 let passkey = passkeys
1021 .get_mut(id)
1022 .ok_or_else(|| AuthError::not_found("Passkey not found"))?;
1023 passkey.set_counter(counter);
1024 Ok(passkey.clone())
1025 }
1026
1027 async fn update_passkey_name(&self, id: &str, name: &str) -> AuthResult<P> {
1028 let mut passkeys = self.passkeys.lock().unwrap();
1029 let passkey = passkeys
1030 .get_mut(id)
1031 .ok_or_else(|| AuthError::not_found("Passkey not found"))?;
1032 passkey.set_name(name.to_string());
1033 Ok(passkey.clone())
1034 }
1035
1036 async fn delete_passkey(&self, id: &str) -> AuthResult<()> {
1037 let mut credential_index = self.passkey_credential_index.lock().unwrap();
1038 let mut passkeys = self.passkeys.lock().unwrap();
1039
1040 if let Some(passkey) = passkeys.remove(id) {
1041 credential_index.remove(passkey.credential_id());
1042 }
1043 Ok(())
1044 }
1045}