cedros-login-server 0.0.6

Authentication server for cedros-login with email/password, Google OAuth, and Solana wallet sign-in
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112

//! Invite data models

use chrono::{DateTime, Utc};
use serde::{Deserialize, Serialize};
use uuid::Uuid;

use crate::repositories::InviteEntity;

/// Invite response (excludes token_hash for security)
#[derive(Debug, Clone, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct InviteResponse {
    pub id: Uuid,
    pub org_id: Uuid,
    /// Email address (if email-based invite)
    #[serde(skip_serializing_if = "Option::is_none")]
    pub email: Option<String>,
    /// Solana wallet address (if wallet-based invite)
    #[serde(skip_serializing_if = "Option::is_none")]
    pub wallet_address: Option<String>,
    pub role: String,
    pub invited_by: Uuid,
    pub created_at: DateTime<Utc>,
    pub expires_at: DateTime<Utc>,
    #[serde(skip_serializing_if = "Option::is_none")]
    pub accepted_at: Option<DateTime<Utc>>,
}

impl InviteResponse {
    /// Create from entity
    pub fn from_entity(invite: &InviteEntity) -> Self {
        Self {
            id: invite.id,
            org_id: invite.org_id,
            email: invite.email.clone(),
            wallet_address: invite.wallet_address.clone(),
            role: invite.role.as_str().to_string(),
            invited_by: invite.invited_by,
            created_at: invite.created_at,
            expires_at: invite.expires_at,
            accepted_at: invite.accepted_at,
        }
    }
}

/// Create invite request
///
/// Either `email` or `wallet_address` must be provided (but not both).
#[derive(Debug, Clone, Deserialize)]
#[serde(rename_all = "camelCase")]
pub struct CreateInviteRequest {
    /// Email address to invite (mutually exclusive with wallet_address)
    #[serde(default)]
    pub email: Option<String>,
    /// Solana wallet address to invite (mutually exclusive with email)
    #[serde(default)]
    pub wallet_address: Option<String>,
    #[serde(default = "default_role")]
    pub role: String,
}

impl CreateInviteRequest {
    /// Validate that exactly one of email or wallet_address is provided
    pub fn validate(&self) -> Result<(), &'static str> {
        match (&self.email, &self.wallet_address) {
            (None, None) => Err("Either email or walletAddress must be provided"),
            (Some(_), Some(_)) => Err("Cannot specify both email and walletAddress"),
            _ => Ok(()),
        }
    }

    /// Check if this is a wallet-based invite
    pub fn is_wallet_invite(&self) -> bool {
        self.wallet_address.is_some()
    }
}

fn default_role() -> String {
    "member".to_string()
}

/// Accept invite request
#[derive(Debug, Clone, Deserialize)]
pub struct AcceptInviteRequest {
    pub token: String,
}

/// Accept invite response
#[derive(Debug, Clone, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct AcceptInviteResponse {
    pub org_id: Uuid,
    pub org_name: String,
    pub role: String,
}

/// List invites response
#[derive(Debug, Clone, Serialize)]
pub struct ListInvitesResponse {
    pub invites: Vec<InviteResponse>,
    pub total: u64,
}

/// Invite with token response (only returned on create/resend)
#[derive(Debug, Clone, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct InviteWithTokenResponse {
    #[serde(flatten)]
    pub invite: InviteResponse,
    /// The invite token (only shown once)
    pub token: String,
}