refactor: reorganize domain structure to use Entities.Auth namespace for users, roles, permissions, and OTP codes

Author: MorveN11

apps/backend/src/Application/Abstractions/Authentication/ITokenProvider.cs

@@ -1,4 +1,4 @@
-using Domain.Users;
+using Domain.Entities.Auth.Users;
 
 namespace Application.Abstractions.Authentication;
 

apps/backend/src/Application/Abstractions/Data/IApplicationDbContext.cs

@@ -1,10 +1,10 @@
-using Domain.Joins;
-using Domain.OtpCodes;
-using Domain.Permissions;
-using Domain.RefreshTokens;
-using Domain.Roles;
-using Domain.UserProfiles;
-using Domain.Users;
+using Domain.Entities.Auth.OtpCodes;
+using Domain.Entities.Auth.Permissions;
+using Domain.Entities.Auth.RefreshTokens;
+using Domain.Entities.Auth.Roles;
+using Domain.Entities.Auth.UserProfiles;
+using Domain.Entities.Auth.Users;
+using Domain.Joins;
 using Microsoft.EntityFrameworkCore;
 
 namespace Application.Abstractions.Data;

apps/backend/src/Application/Application.csproj

@@ -13,9 +13,4 @@
     <ProjectReference Include="..\Domain\Domain.csproj" />
   </ItemGroup>
 
-  <ItemGroup>
-    <Folder Include="Commands\Auth\ForgotPassword\" />
-    <Folder Include="Commands\Auth\ResetPassword\" />
-  </ItemGroup>
-
 </Project>

apps/backend/src/Application/Commands/Auth/FinishSessions/FinishSessionsCommandHandler.cs

@@ -2,8 +2,9 @@
 using Application.Abstractions.Authorization;
 using Application.Abstractions.Data;
 using Application.Abstractions.Messaging;
-using Application.Abstractions.Services;
 using Domain.Authorization;
+using Domain.Identifiers;
+using Domain.Services;
 using Microsoft.EntityFrameworkCore;
 using SharedKernel.Results;
 
@@ -40,6 +41,8 @@ await context
 
         await cacheService.BlacklistTokenAsync(jwt, cancellationToken);
 
+        await cacheService.EvictByTagAsync(Tags.Users, cancellationToken);
+
         return Result.Success();
     }
 }

apps/backend/src/Application/Commands/Auth/ForgotPassword/ForgotPasswordCommand.cs

@@ -0,0 +1,5 @@
+using Application.Abstractions.Messaging;
+
+namespace Application.Commands.Auth.ForgotPassword;
+
+public sealed record ForgotPasswordCommand(string Email) : ICommand;

apps/backend/src/Application/Commands/Auth/ForgotPassword/ForgotPasswordCommandHandler.cs

@@ -0,0 +1,53 @@
+using Application.Abstractions.Data;
+using Application.Abstractions.Messaging;
+using Domain.Entities.Auth.OtpCodes;
+using Domain.Entities.Auth.Users;
+using Domain.Enums;
+using Domain.Services;
+using Microsoft.EntityFrameworkCore;
+using SharedKernel.Errors;
+using SharedKernel.Results;
+using SharedKernel.Time;
+
+namespace Application.Commands.Auth.ForgotPassword;
+
+internal sealed class ForgotPasswordCommandHandler(
+    IApplicationDbContext context,
+    IDateTimeProvider timeProvider,
+    IEmailService emailService
+) : ICommandHandler<ForgotPasswordCommand>
+{
+    public async Task<Result> Handle(
+        ForgotPasswordCommand command,
+        CancellationToken cancellationToken
+    )
+    {
+        User? user = await context
+            .Users.AsNoTracking()
+            .SingleOrDefaultAsync(x => x.Email == command.Email, cancellationToken);
+
+        if (!User.IsValidUser(user, command.Email, out Error? error))
+        {
+            return Result.Failure(error!);
+        }
+
+        string otpCode = OtpCode.GenerateCode();
+
+        var otpCodeEntity = new OtpCode
+        {
+            UserId = user!.Id,
+            Code = otpCode,
+            Type = OtpCodeType.ResetPassword,
+            CreatedOnUtc = timeProvider.UtcNow,
+            ExpiredOnUtc = timeProvider.UtcNow.AddMinutes(15),
+        };
+
+        context.OtpCodes.Add(otpCodeEntity);
+
+        await context.SaveChangesAsync(cancellationToken);
+
+        await User.SendOtpCodeAsync(emailService, command.Email, otpCode, cancellationToken);
+
+        return Result.Success();
+    }
+}

apps/backend/src/Application/Commands/Auth/ForgotPassword/ForgotPasswordCommandValidator.cs

@@ -0,0 +1,11 @@
+using FluentValidation;
+
+namespace Application.Commands.Auth.ForgotPassword;
+
+internal sealed class ForgotPasswordCommandValidator : AbstractValidator<ForgotPasswordCommand>
+{
+    public ForgotPasswordCommandValidator()
+    {
+        RuleFor(x => x.Email).NotEmpty().EmailAddress();
+    }
+}

apps/backend/src/Application/Commands/Auth/Login/LoginCommandHandler.cs

@@ -1,10 +1,10 @@
 using Application.Abstractions.Authentication;
 using Application.Abstractions.Data;
 using Application.Abstractions.Messaging;
-using Domain.Enums;
-using Domain.RefreshTokens;
-using Domain.Users;
+using Domain.Entities.Auth.RefreshTokens;
+using Domain.Entities.Auth.Users;
 using Microsoft.EntityFrameworkCore;
+using SharedKernel.Errors;
 using SharedKernel.Results;
 using SharedKernel.Time;
 
@@ -29,28 +29,18 @@ CancellationToken cancellationToken
             .Include(u => u.Profile)
             .SingleOrDefaultAsync(u => u.Email == command.Email, cancellationToken);
 
-        if (user is null)
+        if (!User.IsValidUser(user, command.Email, out Error? error))
         {
-            return Result.Failure<LoginResponse>(UserErrors.InvalidCredentials);
+            return Result.Failure<LoginResponse>(error!);
         }
 
-        bool verified = passwordHasher.Verify(command.Password, user.PasswordHash);
+        bool verified = passwordHasher.Verify(command.Password, user!.PasswordHash);
 
         if (!verified)
         {
             return Result.Failure<LoginResponse>(UserErrors.InvalidCredentials);
         }
 
-        if (!user.EmailVerified || user.Status == UserStatus.Pending)
-        {
-            return Result.Failure<LoginResponse>(UserErrors.EmailNotVerified);
-        }
-
-        if (user.Status == UserStatus.Blocked)
-        {
-            return Result.Failure<LoginResponse>(UserErrors.Forbidden);
-        }
-
         string accessToken = tokenProvider.Create(user);
 
         var refreshToken = new RefreshToken

apps/backend/src/Application/Commands/Auth/LoginRefreshToken/LoginRefreshTokenCommandHandler.cs

@@ -1,7 +1,7 @@
 using Application.Abstractions.Authentication;
 using Application.Abstractions.Data;
 using Application.Abstractions.Messaging;
-using Domain.RefreshTokens;
+using Domain.Entities.Auth.RefreshTokens;
 using Microsoft.EntityFrameworkCore;
 using SharedKernel.Results;
 using SharedKernel.Time;

apps/backend/src/Application/Commands/Auth/Logout/LogoutUserCommandHandler.cs

@@ -2,10 +2,10 @@
 using Application.Abstractions.Authorization;
 using Application.Abstractions.Data;
 using Application.Abstractions.Messaging;
-using Application.Abstractions.Services;
 using Domain.Authorization;
-using Domain.RefreshTokens;
-using Domain.Users;
+using Domain.Entities.Auth.RefreshTokens;
+using Domain.Identifiers;
+using Domain.Services;
 using Microsoft.EntityFrameworkCore;
 using SharedKernel.Results;
 
@@ -38,7 +38,7 @@ public async Task<Result> Handle(LogoutUserCommand command, CancellationToken ca
 
         if (refreshToken is null)
         {
-            return Result.Failure(UserErrors.SessionNotFound);
+            return Result.Failure(RefreshTokenErrors.SessionNotFound);
         }
 
         context.RefreshTokens.Remove(refreshToken);
@@ -49,6 +49,8 @@ public async Task<Result> Handle(LogoutUserCommand command, CancellationToken ca
 
         await cacheService.BlacklistTokenAsync(jwt, cancellationToken);
 
+        await cacheService.EvictByTagAsync(Tags.Users, cancellationToken);
+
         return Result.Success();
     }
 }