kai/ColaFlow
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

In progress
Some checks failed
Code Coverage / Generate Coverage Report (push) Has been cancelled
Details
Tests / Run Tests (9.0.x) (push) Has been cancelled
Details
Tests / Docker Build Test (push) Has been cancelled
Details
Tests / Test Summary (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Yaojia Wang
2025-11-03 14:00:24 +01:00
parent fe8ad1c1f9
commit 1f66b25f30
74 changed files with 9609 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
colaflow-api/src/ColaFlow.API/ColaFlow.API.csproj
View File

@@ -20,11 +20,13 @@
<ProjectReference Include="..\Modules\ProjectManagement\ColaFlow.Modules.ProjectManagement.Application\ColaFlow.Modules.ProjectManagement.Application.csproj" />
<ProjectReference Include="..\Modules\ProjectManagement\ColaFlow.Modules.ProjectManagement.Infrastructure\ColaFlow.Modules.ProjectManagement.Infrastructure.csproj" />
<ProjectReference Include="..\Shared\ColaFlow.Shared.Kernel\ColaFlow.Shared.Kernel.csproj" />
<ProjectReference Include="..\Modules\Identity\ColaFlow.Modules.Identity.Application\ColaFlow.Modules.Identity.Application.csproj" />
<ProjectReference Include="..\Modules\Identity\ColaFlow.Modules.Identity.Infrastructure\ColaFlow.Modules.Identity.Infrastructure.csproj" />
</ItemGroup>
<ItemGroup>
<PackageReference Include="MediatR" Version="13.1.0" />
<PackageReference Include="FluentValidation.DependencyInjectionExtensions" Version="11.10.0" />
<PackageReference Include="FluentValidation.DependencyInjectionExtensions" Version="12.1.0" />
</ItemGroup>
</Project>

38
colaflow-api/src/ColaFlow.API/Controllers/AuthController.cs Normal file
View File

@@ -0,0 +1,38 @@
using ColaFlow.Modules.Identity.Application.Commands.Login;
using MediatR;
using Microsoft.AspNetCore.Mvc;
namespace ColaFlow.API.Controllers;
[ApiController]
[Route("api/[controller]")]
public class AuthController : ControllerBase
{
private readonly IMediator _mediator;
public AuthController(IMediator mediator)
{
_mediator = mediator;
}
/// <summary>
/// Login with email and password
/// </summary>
[HttpPost("login")]
public async Task<IActionResult> Login([FromBody] LoginCommand command)
{
var result = await _mediator.Send(command);
return Ok(result);
}
/// <summary>
/// Get current user (requires authentication)
/// </summary>
[HttpGet("me")]
// [Authorize] // TODO: Add after JWT middleware is configured
public async Task<IActionResult> GetCurrentUser()
{
// TODO: Implement after JWT middleware
return Ok(new { message = "Current user endpoint - to be implemented" });
}
}

55
colaflow-api/src/ColaFlow.API/Controllers/TenantsController.cs Normal file
View File

@@ -0,0 +1,55 @@
using ColaFlow.Modules.Identity.Application.Commands.RegisterTenant;
using ColaFlow.Modules.Identity.Application.Queries.GetTenantBySlug;
using MediatR;
using Microsoft.AspNetCore.Mvc;
namespace ColaFlow.API.Controllers;
[ApiController]
[Route("api/[controller]")]
public class TenantsController : ControllerBase
{
private readonly IMediator _mediator;
public TenantsController(IMediator mediator)
{
_mediator = mediator;
}
/// <summary>
/// Register a new tenant (company signup)
/// </summary>
[HttpPost("register")]
public async Task<IActionResult> Register([FromBody] RegisterTenantCommand command)
{
var result = await _mediator.Send(command);
return Ok(result);
}
/// <summary>
/// Get tenant by slug (for login page tenant resolution)
/// </summary>
[HttpGet("{slug}")]
public async Task<IActionResult> GetBySlug(string slug)
{
var query = new GetTenantBySlugQuery(slug);
var result = await _mediator.Send(query);
if (result == null)
return NotFound(new { message = "Tenant not found" });
return Ok(result);
}
/// <summary>
/// Check if tenant slug is available
/// </summary>
[HttpGet("check-slug/{slug}")]
public async Task<IActionResult> CheckSlug(string slug)
{
var query = new GetTenantBySlugQuery(slug);
var result = await _mediator.Send(query);
return Ok(new { available = result == null });
}
}

6
colaflow-api/src/ColaFlow.API/Program.cs
View File

@@ -1,5 +1,7 @@
using ColaFlow.API.Extensions;
using ColaFlow.API.Handlers;
using ColaFlow.Modules.Identity.Application;
using ColaFlow.Modules.Identity.Infrastructure;
using Scalar.AspNetCore;
var builder = WebApplication.CreateBuilder(args);
@@ -7,6 +9,10 @@ var builder = WebApplication.CreateBuilder(args);
// Register ProjectManagement Module
builder.Services.AddProjectManagementModule(builder.Configuration);
// Register Identity Module
builder.Services.AddIdentityApplication();
builder.Services.AddIdentityInfrastructure(builder.Configuration);
// Add controllers
builder.Services.AddControllers();

3
colaflow-api/src/ColaFlow.API/appsettings.Development.json
View File

@@ -1,6 +1,7 @@
{
"ConnectionStrings": {
"PMDatabase": "Host=localhost;Port=5432;Database=colaflow_pm;Username=colaflow;Password=colaflow_dev_password"
"PMDatabase": "Host=localhost;Port=5432;Database=colaflow_pm;Username=colaflow;Password=colaflow_dev_password",
"DefaultConnection": "Host=localhost;Port=5432;Database=colaflow_identity;Username=colaflow;Password=colaflow_dev_password"
},
"MediatR": {
"LicenseKey": "eyJhbGciOiJSUzI1NiIsImtpZCI6Ikx1Y2t5UGVubnlTb2Z0d2FyZUxpY2Vuc2VLZXkvYmJiMTNhY2I1OTkwNGQ4OWI0Y2IxYzg1ZjA4OGNjZjkiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiJodHRwczovL2x1Y2t5cGVubnlzb2Z0d2FyZS5jb20iLCJhdWQiOiJMdWNreVBlbm55U29mdHdhcmUiLCJleHAiOiIxNzkzNTc3NjAwIiwiaWF0IjoiMTc2MjEyNTU2MiIsImFjY291bnRfaWQiOiIwMTlhNDZkZGZiZjk3YTk4Yjg1ZTVmOTllNWRhZjIwNyIsImN1c3RvbWVyX2lkIjoiY3RtXzAxazkzZHdnOG0weDByanp3Mm5rM2dxeDExIiwic3ViX2lkIjoiLSIsImVkaXRpb24iOiIwIiwidHlwZSI6IjIifQ.V45vUlze27pQG3Vs9dvagyUTSp-a74ymB6I0TIGD_NwFt1mMMPsuVXOKH1qK7A7V5qDQBvYyryzJy8xRE1rRKq2MJKgyfYjvzuGkpBbKbM6JRQPYknb5tjF-Rf3LAeWp73FiqbPZOPt5saCsoKqUHej-4zcKg5GA4y-PpGaGAONKyqwK9G2rvc1BUHfEnHKRMr0pprA5W1Yx-Lry85KOckUsI043HGOdfbubnGdAZs74FKvrV2qVir6K6VsZjWwX8IFnl1CzxjICa5MxyHOAVpXRnRtMt6fpsA1fMstFuRjq_2sbqGfsTv6LyCzLPnXdmU5DnWZHUcjy0xlAT_f0aw"

19
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Application/ColaFlow.Modules.Identity.Application.csproj Normal file
View File

@@ -0,0 +1,19 @@
<Project Sdk="Microsoft.NET.Sdk">
<ItemGroup>
<ProjectReference Include="..\ColaFlow.Modules.Identity.Domain\ColaFlow.Modules.Identity.Domain.csproj" />
</ItemGroup>
<ItemGroup>
<PackageReference Include="FluentValidation" Version="12.1.0" />
<PackageReference Include="FluentValidation.DependencyInjectionExtensions" Version="12.1.0" />
<PackageReference Include="MediatR" Version="13.1.0" />
</ItemGroup>
<PropertyGroup>
<TargetFramework>net9.0</TargetFramework>
<ImplicitUsings>enable</ImplicitUsings>
<Nullable>enable</Nullable>
</PropertyGroup>
</Project>

10
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Application/Commands/Login/LoginCommand.cs Normal file
View File

@@ -0,0 +1,10 @@
using ColaFlow.Modules.Identity.Application.Dtos;
using MediatR;
namespace ColaFlow.Modules.Identity.Application.Commands.Login;
public record LoginCommand(
string TenantSlug,
string Email,
string Password
) : IRequest<LoginResponseDto>;

84
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Application/Commands/Login/LoginCommandHandler.cs Normal file
View File

@@ -0,0 +1,84 @@
using ColaFlow.Modules.Identity.Application.Dtos;
using ColaFlow.Modules.Identity.Domain.Aggregates.Tenants;
using ColaFlow.Modules.Identity.Domain.Aggregates.Users;
using ColaFlow.Modules.Identity.Domain.Repositories;
using MediatR;
namespace ColaFlow.Modules.Identity.Application.Commands.Login;
public class LoginCommandHandler : IRequestHandler<LoginCommand, LoginResponseDto>
{
private readonly ITenantRepository _tenantRepository;
private readonly IUserRepository _userRepository;
// Note: In production, inject IPasswordHasher and IJwtService
public LoginCommandHandler(
ITenantRepository tenantRepository,
IUserRepository userRepository)
{
_tenantRepository = tenantRepository;
_userRepository = userRepository;
}
public async Task<LoginResponseDto> Handle(LoginCommand request, CancellationToken cancellationToken)
{
// 1. Find tenant
var slug = TenantSlug.Create(request.TenantSlug);
var tenant = await _tenantRepository.GetBySlugAsync(slug, cancellationToken);
if (tenant == null)
{
throw new UnauthorizedAccessException("Invalid credentials");
}
// 2. Find user
var email = Email.Create(request.Email);
var user = await _userRepository.GetByEmailAsync(TenantId.Create(tenant.Id), email, cancellationToken);
if (user == null)
{
throw new UnauthorizedAccessException("Invalid credentials");
}
// 3. Verify password (simplified - TODO: use IPasswordHasher)
// if (!PasswordHasher.Verify(request.Password, user.PasswordHash))
// {
// throw new UnauthorizedAccessException("Invalid credentials");
// }
// 4. Generate JWT token (simplified - TODO: use IJwtService)
var accessToken = "dummy-token";
// 5. Update last login time
user.RecordLogin();
await _userRepository.UpdateAsync(user, cancellationToken);
// 6. Return result
return new LoginResponseDto
{
User = new UserDto
{
Id = user.Id,
TenantId = tenant.Id,
Email = user.Email.Value,
FullName = user.FullName.Value,
Status = user.Status.ToString(),
AuthProvider = user.AuthProvider.ToString(),
IsEmailVerified = user.EmailVerifiedAt.HasValue,
LastLoginAt = user.LastLoginAt,
CreatedAt = user.CreatedAt
},
Tenant = new TenantDto
{
Id = tenant.Id,
Name = tenant.Name.Value,
Slug = tenant.Slug.Value,
Status = tenant.Status.ToString(),
Plan = tenant.Plan.ToString(),
SsoEnabled = tenant.SsoConfig != null,
SsoProvider = tenant.SsoConfig?.Provider.ToString(),
CreatedAt = tenant.CreatedAt,
UpdatedAt = tenant.UpdatedAt ?? tenant.CreatedAt
},
AccessToken = accessToken
};
}
}

19
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Application/Commands/Login/LoginCommandValidator.cs Normal file
View File

@@ -0,0 +1,19 @@
using FluentValidation;
namespace ColaFlow.Modules.Identity.Application.Commands.Login;
public class LoginCommandValidator : AbstractValidator<LoginCommand>
{
public LoginCommandValidator()
{
RuleFor(x => x.TenantSlug)
.NotEmpty().WithMessage("Tenant slug is required");
RuleFor(x => x.Email)
.NotEmpty().WithMessage("Email is required")
.EmailAddress().WithMessage("Invalid email format");
RuleFor(x => x.Password)
.NotEmpty().WithMessage("Password is required");
}
}

19
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Application/Commands/RegisterTenant/RegisterTenantCommand.cs Normal file
View File

@@ -0,0 +1,19 @@
using ColaFlow.Modules.Identity.Application.Dtos;
using MediatR;
namespace ColaFlow.Modules.Identity.Application.Commands.RegisterTenant;
public record RegisterTenantCommand(
string TenantName,
string TenantSlug,
string SubscriptionPlan,
string AdminEmail,
string AdminPassword,
string AdminFullName
) : IRequest<RegisterTenantResult>;
public record RegisterTenantResult(
TenantDto Tenant,
UserDto AdminUser,
string AccessToken
);

83
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Application/Commands/RegisterTenant/RegisterTenantCommandHandler.cs Normal file
View File

@@ -0,0 +1,83 @@
using ColaFlow.Modules.Identity.Domain.Aggregates.Tenants;
using ColaFlow.Modules.Identity.Domain.Aggregates.Users;
using ColaFlow.Modules.Identity.Domain.Repositories;
using MediatR;
namespace ColaFlow.Modules.Identity.Application.Commands.RegisterTenant;
public class RegisterTenantCommandHandler : IRequestHandler<RegisterTenantCommand, RegisterTenantResult>
{
private readonly ITenantRepository _tenantRepository;
private readonly IUserRepository _userRepository;
// Note: In production, inject IJwtService and IPasswordHasher
public RegisterTenantCommandHandler(
ITenantRepository tenantRepository,
IUserRepository userRepository)
{
_tenantRepository = tenantRepository;
_userRepository = userRepository;
}
public async Task<RegisterTenantResult> Handle(
RegisterTenantCommand request,
CancellationToken cancellationToken)
{
// 1. Validate slug uniqueness
var slug = TenantSlug.Create(request.TenantSlug);
var slugExists = await _tenantRepository.ExistsBySlugAsync(slug, cancellationToken);
if (slugExists)
{
throw new InvalidOperationException($"Tenant slug '{request.TenantSlug}' is already taken");
}
// 2. Create tenant
var plan = Enum.Parse<SubscriptionPlan>(request.SubscriptionPlan);
var tenant = Tenant.Create(
TenantName.Create(request.TenantName),
slug,
plan);
await _tenantRepository.AddAsync(tenant, cancellationToken);
// 3. Create admin user
// Note: In production, hash password first using IPasswordHasher
var adminUser = User.CreateLocal(
TenantId.Create(tenant.Id),
Email.Create(request.AdminEmail),
request.AdminPassword, // TODO: Hash password
FullName.Create(request.AdminFullName));
await _userRepository.AddAsync(adminUser, cancellationToken);
// 4. Generate JWT token (simplified - TODO: use IJwtService)
var accessToken = "dummy-token";
// 5. Return result
return new RegisterTenantResult(
new Dtos.TenantDto
{
Id = tenant.Id,
Name = tenant.Name.Value,
Slug = tenant.Slug.Value,
Status = tenant.Status.ToString(),
Plan = tenant.Plan.ToString(),
SsoEnabled = tenant.SsoConfig != null,
SsoProvider = tenant.SsoConfig?.Provider.ToString(),
CreatedAt = tenant.CreatedAt,
UpdatedAt = tenant.UpdatedAt ?? tenant.CreatedAt
},
new Dtos.UserDto
{
Id = adminUser.Id,
TenantId = tenant.Id,
Email = adminUser.Email.Value,
FullName = adminUser.FullName.Value,
Status = adminUser.Status.ToString(),
AuthProvider = adminUser.AuthProvider.ToString(),
IsEmailVerified = adminUser.EmailVerifiedAt.HasValue,
CreatedAt = adminUser.CreatedAt
},
accessToken);
}
}

43
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Application/Commands/RegisterTenant/RegisterTenantCommandValidator.cs Normal file
View File

@@ -0,0 +1,43 @@
using FluentValidation;
namespace ColaFlow.Modules.Identity.Application.Commands.RegisterTenant;
public class RegisterTenantCommandValidator : AbstractValidator<RegisterTenantCommand>
{
public RegisterTenantCommandValidator()
{
RuleFor(x => x.TenantName)
.NotEmpty().WithMessage("Tenant name is required")
.MinimumLength(2).WithMessage("Tenant name must be at least 2 characters")
.MaximumLength(100).WithMessage("Tenant name cannot exceed 100 characters");
RuleFor(x => x.TenantSlug)
.NotEmpty().WithMessage("Tenant slug is required")
.MinimumLength(3).WithMessage("Tenant slug must be at least 3 characters")
.MaximumLength(50).WithMessage("Tenant slug cannot exceed 50 characters")
.Matches("^[a-z0-9]+(?:-[a-z0-9]+)*$")
.WithMessage("Tenant slug can only contain lowercase letters, numbers, and hyphens");
RuleFor(x => x.SubscriptionPlan)
.NotEmpty().WithMessage("Subscription plan is required")
.Must(plan => new[] { "Free", "Starter", "Professional", "Enterprise" }.Contains(plan))
.WithMessage("Invalid subscription plan");
RuleFor(x => x.AdminEmail)
.NotEmpty().WithMessage("Admin email is required")
.EmailAddress().WithMessage("Invalid email format");
RuleFor(x => x.AdminPassword)
.NotEmpty().WithMessage("Admin password is required")
.MinimumLength(8).WithMessage("Password must be at least 8 characters")
.Matches("[A-Z]").WithMessage("Password must contain at least one uppercase letter")
.Matches("[a-z]").WithMessage("Password must contain at least one lowercase letter")
.Matches("[0-9]").WithMessage("Password must contain at least one digit")
.Matches("[^a-zA-Z0-9]").WithMessage("Password must contain at least one special character");
RuleFor(x => x.AdminFullName)
.NotEmpty().WithMessage("Admin full name is required")
.MinimumLength(2).WithMessage("Full name must be at least 2 characters")
.MaximumLength(100).WithMessage("Full name cannot exceed 100 characters");
}
}

21
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Application/DependencyInjection.cs Normal file
View File

@@ -0,0 +1,21 @@
using FluentValidation;
using Microsoft.Extensions.DependencyInjection;
namespace ColaFlow.Modules.Identity.Application;
public static class DependencyInjection
{
public static IServiceCollection AddIdentityApplication(this IServiceCollection services)
{
// MediatR
services.AddMediatR(config =>
{
config.RegisterServicesFromAssembly(typeof(DependencyInjection).Assembly);
});
// FluentValidation
services.AddValidatorsFromAssembly(typeof(DependencyInjection).Assembly);
return services;
}
}

8
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Application/Dtos/LoginResponseDto.cs Normal file
View File

@@ -0,0 +1,8 @@
namespace ColaFlow.Modules.Identity.Application.Dtos;
public class LoginResponseDto
{
public UserDto User { get; set; } = null!;
public TenantDto Tenant { get; set; } = null!;
public string AccessToken { get; set; } = string.Empty;
}

14
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Application/Dtos/TenantDto.cs Normal file
View File

@@ -0,0 +1,14 @@
namespace ColaFlow.Modules.Identity.Application.Dtos;
public class TenantDto
{
public Guid Id { get; set; }
public string Name { get; set; } = string.Empty;
public string Slug { get; set; } = string.Empty;
public string Status { get; set; } = string.Empty;
public string Plan { get; set; } = string.Empty;
public bool SsoEnabled { get; set; }
public string? SsoProvider { get; set; }
public DateTime CreatedAt { get; set; }
public DateTime UpdatedAt { get; set; }
}

16
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Application/Dtos/UserDto.cs Normal file
View File

@@ -0,0 +1,16 @@
namespace ColaFlow.Modules.Identity.Application.Dtos;
public class UserDto
{
public Guid Id { get; set; }
public Guid TenantId { get; set; }
public string Email { get; set; } = string.Empty;
public string FullName { get; set; } = string.Empty;
public string Status { get; set; } = string.Empty;
public string AuthProvider { get; set; } = string.Empty;
public string? AvatarUrl { get; set; }
public string? JobTitle { get; set; }
public bool IsEmailVerified { get; set; }
public DateTime? LastLoginAt { get; set; }
public DateTime CreatedAt { get; set; }
}

6
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Application/Queries/GetTenantBySlug/GetTenantBySlugQuery.cs Normal file
View File

@@ -0,0 +1,6 @@
using ColaFlow.Modules.Identity.Application.Dtos;
using MediatR;
namespace ColaFlow.Modules.Identity.Application.Queries.GetTenantBySlug;
public record GetTenantBySlugQuery(string Slug) : IRequest<TenantDto?>;

38
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Application/Queries/GetTenantBySlug/GetTenantBySlugQueryHandler.cs Normal file
View File

@@ -0,0 +1,38 @@
using ColaFlow.Modules.Identity.Application.Dtos;
using ColaFlow.Modules.Identity.Domain.Aggregates.Tenants;
using ColaFlow.Modules.Identity.Domain.Repositories;
using MediatR;
namespace ColaFlow.Modules.Identity.Application.Queries.GetTenantBySlug;
public class GetTenantBySlugQueryHandler : IRequestHandler<GetTenantBySlugQuery, TenantDto?>
{
private readonly ITenantRepository _tenantRepository;
public GetTenantBySlugQueryHandler(ITenantRepository tenantRepository)
{
_tenantRepository = tenantRepository;
}
public async Task<TenantDto?> Handle(GetTenantBySlugQuery request, CancellationToken cancellationToken)
{
var slug = TenantSlug.Create(request.Slug);
var tenant = await _tenantRepository.GetBySlugAsync(slug, cancellationToken);
if (tenant == null)
return null;
return new TenantDto
{
Id = tenant.Id,
Name = tenant.Name.Value,
Slug = tenant.Slug.Value,
Status = tenant.Status.ToString(),
Plan = tenant.Plan.ToString(),
SsoEnabled = tenant.SsoConfig != null,
SsoProvider = tenant.SsoConfig?.Provider.ToString(),
CreatedAt = tenant.CreatedAt,
UpdatedAt = tenant.UpdatedAt ?? tenant.CreatedAt
};
}
}

5
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Domain/Aggregates/Tenants/Events/SsoConfiguredEvent.cs Normal file
View File

@@ -0,0 +1,5 @@
using ColaFlow.Shared.Kernel.Events;
namespace ColaFlow.Modules.Identity.Domain.Aggregates.Tenants.Events;
public sealed record SsoConfiguredEvent(Guid TenantId, SsoProvider Provider) : DomainEvent;

5
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Domain/Aggregates/Tenants/Events/SsoDisabledEvent.cs Normal file
View File

@@ -0,0 +1,5 @@
using ColaFlow.Shared.Kernel.Events;
namespace ColaFlow.Modules.Identity.Domain.Aggregates.Tenants.Events;
public sealed record SsoDisabledEvent(Guid TenantId) : DomainEvent;

5
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Domain/Aggregates/Tenants/Events/TenantActivatedEvent.cs Normal file
View File

@@ -0,0 +1,5 @@
using ColaFlow.Shared.Kernel.Events;
namespace ColaFlow.Modules.Identity.Domain.Aggregates.Tenants.Events;
public sealed record TenantActivatedEvent(Guid TenantId) : DomainEvent;

5
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Domain/Aggregates/Tenants/Events/TenantCancelledEvent.cs Normal file
View File

@@ -0,0 +1,5 @@
using ColaFlow.Shared.Kernel.Events;
namespace ColaFlow.Modules.Identity.Domain.Aggregates.Tenants.Events;
public sealed record TenantCancelledEvent(Guid TenantId) : DomainEvent;

5
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Domain/Aggregates/Tenants/Events/TenantCreatedEvent.cs Normal file
View File

@@ -0,0 +1,5 @@
using ColaFlow.Shared.Kernel.Events;
namespace ColaFlow.Modules.Identity.Domain.Aggregates.Tenants.Events;
public sealed record TenantCreatedEvent(Guid TenantId, string Slug) : DomainEvent;

5
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Domain/Aggregates/Tenants/Events/TenantPlanUpgradedEvent.cs Normal file
View File

@@ -0,0 +1,5 @@
using ColaFlow.Shared.Kernel.Events;
namespace ColaFlow.Modules.Identity.Domain.Aggregates.Tenants.Events;
public sealed record TenantPlanUpgradedEvent(Guid TenantId, SubscriptionPlan NewPlan) : DomainEvent;

5
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Domain/Aggregates/Tenants/Events/TenantSuspendedEvent.cs Normal file
View File

@@ -0,0 +1,5 @@
using ColaFlow.Shared.Kernel.Events;
namespace ColaFlow.Modules.Identity.Domain.Aggregates.Tenants.Events;
public sealed record TenantSuspendedEvent(Guid TenantId, string Reason) : DomainEvent;

93
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Domain/Aggregates/Tenants/SsoConfiguration.cs Normal file
View File

@@ -0,0 +1,93 @@
using ColaFlow.Shared.Kernel.Common;
namespace ColaFlow.Modules.Identity.Domain.Aggregates.Tenants;
public sealed class SsoConfiguration : ValueObject
{
public SsoProvider Provider { get; }
public string Authority { get; }
public string ClientId { get; }
public string ClientSecret { get; } // Encrypted in database
public string? MetadataUrl { get; }
// SAML-specific
public string? EntityId { get; }
public string? SignOnUrl { get; }
public string? Certificate { get; }
private SsoConfiguration(
SsoProvider provider,
string authority,
string clientId,
string clientSecret,
string? metadataUrl = null,
string? entityId = null,
string? signOnUrl = null,
string? certificate = null)
{
Provider = provider;
Authority = authority;
ClientId = clientId;
ClientSecret = clientSecret;
MetadataUrl = metadataUrl;
EntityId = entityId;
SignOnUrl = signOnUrl;
Certificate = certificate;
}
public static SsoConfiguration CreateOidc(
SsoProvider provider,
string authority,
string clientId,
string clientSecret,
string? metadataUrl = null)
{
if (provider == SsoProvider.GenericSaml)
throw new ArgumentException("Use CreateSaml for SAML configuration");
if (string.IsNullOrWhiteSpace(authority))
throw new ArgumentException("Authority is required", nameof(authority));
if (string.IsNullOrWhiteSpace(clientId))
throw new ArgumentException("Client ID is required", nameof(clientId));
if (string.IsNullOrWhiteSpace(clientSecret))
throw new ArgumentException("Client secret is required", nameof(clientSecret));
return new SsoConfiguration(provider, authority, clientId, clientSecret, metadataUrl);
}
public static SsoConfiguration CreateSaml(
string entityId,
string signOnUrl,
string certificate,
string? metadataUrl = null)
{
if (string.IsNullOrWhiteSpace(entityId))
throw new ArgumentException("Entity ID is required", nameof(entityId));
if (string.IsNullOrWhiteSpace(signOnUrl))
throw new ArgumentException("Sign-on URL is required", nameof(signOnUrl));
if (string.IsNullOrWhiteSpace(certificate))
throw new ArgumentException("Certificate is required", nameof(certificate));
return new SsoConfiguration(
SsoProvider.GenericSaml,
signOnUrl,
entityId,
string.Empty, // No client secret for SAML
metadataUrl,
entityId,
signOnUrl,
certificate);
}
protected override IEnumerable<object> GetAtomicValues()
{
yield return Provider;
yield return Authority;
yield return ClientId;
yield return EntityId ?? string.Empty;
}
}

9
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Domain/Aggregates/Tenants/SsoProvider.cs Normal file
View File

@@ -0,0 +1,9 @@
namespace ColaFlow.Modules.Identity.Domain.Aggregates.Tenants;
public enum SsoProvider
{
AzureAD = 1,
Google = 2,
Okta = 3,
GenericSaml = 4
}

9
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Domain/Aggregates/Tenants/SubscriptionPlan.cs Normal file
View File

@@ -0,0 +1,9 @@
namespace ColaFlow.Modules.Identity.Domain.Aggregates.Tenants;
public enum SubscriptionPlan
{
Free = 1,
Starter = 2,
Professional = 3,
Enterprise = 4
}

175
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Domain/Aggregates/Tenants/Tenant.cs Normal file
View File

@@ -0,0 +1,175 @@
using ColaFlow.Shared.Kernel.Common;
using ColaFlow.Modules.Identity.Domain.Aggregates.Tenants.Events;
namespace ColaFlow.Modules.Identity.Domain.Aggregates.Tenants;
/// <summary>
/// Tenant aggregate root - represents a single organization/company in the system
/// </summary>
public sealed class Tenant : AggregateRoot
{
// Properties
public TenantName Name { get; private set; } = null!;
public TenantSlug Slug { get; private set; } = null!;
public TenantStatus Status { get; private set; }
public SubscriptionPlan Plan { get; private set; }
public SsoConfiguration? SsoConfig { get; private set; }
public DateTime CreatedAt { get; private set; }
public DateTime? UpdatedAt { get; private set; }
public DateTime? SuspendedAt { get; private set; }
public string? SuspensionReason { get; private set; }
// Settings
public int MaxUsers { get; private set; }
public int MaxProjects { get; private set; }
public int MaxStorageGB { get; private set; }
// Private constructor for EF Core
private Tenant() : base()
{
}
// Factory method for creating new tenant
public static Tenant Create(
TenantName name,
TenantSlug slug,
SubscriptionPlan plan = SubscriptionPlan.Free)
{
var tenant = new Tenant
{
Id = Guid.NewGuid(),
Name = name,
Slug = slug,
Status = TenantStatus.Active,
Plan = plan,
CreatedAt = DateTime.UtcNow,
MaxUsers = GetMaxUsersByPlan(plan),
MaxProjects = GetMaxProjectsByPlan(plan),
MaxStorageGB = GetMaxStorageByPlan(plan)
};
tenant.AddDomainEvent(new TenantCreatedEvent(tenant.Id, tenant.Slug));
return tenant;
}
// Business methods
public void UpdateName(TenantName newName)
{
if (Status == TenantStatus.Cancelled)
throw new InvalidOperationException("Cannot update cancelled tenant");
Name = newName;
UpdatedAt = DateTime.UtcNow;
}
public void UpgradePlan(SubscriptionPlan newPlan)
{
if (newPlan <= Plan)
throw new InvalidOperationException("New plan must be higher than current plan");
if (Status != TenantStatus.Active && Status != TenantStatus.Trial)
throw new InvalidOperationException("Only active or trial tenants can upgrade");
Plan = newPlan;
MaxUsers = GetMaxUsersByPlan(newPlan);
MaxProjects = GetMaxProjectsByPlan(newPlan);
MaxStorageGB = GetMaxStorageByPlan(newPlan);
UpdatedAt = DateTime.UtcNow;
AddDomainEvent(new TenantPlanUpgradedEvent(Id, newPlan));
}
public void ConfigureSso(SsoConfiguration ssoConfig)
{
if (Plan == SubscriptionPlan.Free || Plan == SubscriptionPlan.Starter)
throw new InvalidOperationException("SSO is only available for Professional and Enterprise plans");
SsoConfig = ssoConfig;
UpdatedAt = DateTime.UtcNow;
AddDomainEvent(new SsoConfiguredEvent(Id, ssoConfig.Provider));
}
public void DisableSso()
{
if (SsoConfig == null)
throw new InvalidOperationException("SSO is not configured");
SsoConfig = null;
UpdatedAt = DateTime.UtcNow;
AddDomainEvent(new SsoDisabledEvent(Id));
}
public void Activate()
{
if (Status == TenantStatus.Cancelled)
throw new InvalidOperationException("Cannot activate cancelled tenant");
if (Status == TenantStatus.Active)
return; // Already active
Status = TenantStatus.Active;
SuspendedAt = null;
SuspensionReason = null;
UpdatedAt = DateTime.UtcNow;
AddDomainEvent(new TenantActivatedEvent(Id));
}
public void Suspend(string reason)
{
if (Status == TenantStatus.Cancelled)
throw new InvalidOperationException("Cannot suspend cancelled tenant");
if (Status == TenantStatus.Suspended)
return; // Already suspended
Status = TenantStatus.Suspended;
SuspendedAt = DateTime.UtcNow;
SuspensionReason = reason;
UpdatedAt = DateTime.UtcNow;
AddDomainEvent(new TenantSuspendedEvent(Id, reason));
}
public void Cancel()
{
if (Status == TenantStatus.Cancelled)
return; // Already cancelled
Status = TenantStatus.Cancelled;
UpdatedAt = DateTime.UtcNow;
AddDomainEvent(new TenantCancelledEvent(Id));
}
// Plan limits
private static int GetMaxUsersByPlan(SubscriptionPlan plan) => plan switch
{
SubscriptionPlan.Free => 5,
SubscriptionPlan.Starter => 20,
SubscriptionPlan.Professional => 100,
SubscriptionPlan.Enterprise => int.MaxValue,
_ => throw new ArgumentOutOfRangeException(nameof(plan))
};
private static int GetMaxProjectsByPlan(SubscriptionPlan plan) => plan switch
{
SubscriptionPlan.Free => 3,
SubscriptionPlan.Starter => 20,
SubscriptionPlan.Professional => 100,
SubscriptionPlan.Enterprise => int.MaxValue,
_ => throw new ArgumentOutOfRangeException(nameof(plan))
};
private static int GetMaxStorageByPlan(SubscriptionPlan plan) => plan switch
{
SubscriptionPlan.Free => 2,
SubscriptionPlan.Starter => 20,
SubscriptionPlan.Professional => 100,
SubscriptionPlan.Enterprise => 1000,
_ => throw new ArgumentOutOfRangeException(nameof(plan))
};
}

33
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Domain/Aggregates/Tenants/TenantId.cs Normal file
View File

@@ -0,0 +1,33 @@
using ColaFlow.Shared.Kernel.Common;
namespace ColaFlow.Modules.Identity.Domain.Aggregates.Tenants;
public sealed class TenantId : ValueObject
{
public Guid Value { get; }
private TenantId(Guid value)
{
Value = value;
}
public static TenantId CreateUnique() => new(Guid.NewGuid());
public static TenantId Create(Guid value)
{
if (value == Guid.Empty)
throw new ArgumentException("Tenant ID cannot be empty", nameof(value));
return new TenantId(value);
}
protected override IEnumerable<object> GetAtomicValues()
{
yield return Value;
}
public override string ToString() => Value.ToString();
// Implicit conversion
public static implicit operator Guid(TenantId tenantId) => tenantId.Value;
}

37
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Domain/Aggregates/Tenants/TenantName.cs Normal file
View File

@@ -0,0 +1,37 @@
using ColaFlow.Shared.Kernel.Common;
namespace ColaFlow.Modules.Identity.Domain.Aggregates.Tenants;
public sealed class TenantName : ValueObject
{
public string Value { get; }
private TenantName(string value)
{
Value = value;
}
public static TenantName Create(string value)
{
if (string.IsNullOrWhiteSpace(value))
throw new ArgumentException("Tenant name cannot be empty", nameof(value));
if (value.Length < 2)
throw new ArgumentException("Tenant name must be at least 2 characters", nameof(value));
if (value.Length > 100)
throw new ArgumentException("Tenant name cannot exceed 100 characters", nameof(value));
return new TenantName(value.Trim());
}
protected override IEnumerable<object> GetAtomicValues()
{
yield return Value;
}
public override string ToString() => Value;
// Implicit conversion
public static implicit operator string(TenantName name) => name.Value;
}

50
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Domain/Aggregates/Tenants/TenantSlug.cs Normal file
View File

@@ -0,0 +1,50 @@
using System.Text.RegularExpressions;
using ColaFlow.Shared.Kernel.Common;
namespace ColaFlow.Modules.Identity.Domain.Aggregates.Tenants;
public sealed class TenantSlug : ValueObject
{
private static readonly Regex SlugRegex = new(@"^[a-z0-9]+(?:-[a-z0-9]+)*$", RegexOptions.Compiled);
public string Value { get; }
private TenantSlug(string value)
{
Value = value;
}
public static TenantSlug Create(string value)
{
if (string.IsNullOrWhiteSpace(value))
throw new ArgumentException("Tenant slug cannot be empty", nameof(value));
value = value.ToLowerInvariant().Trim();
if (value.Length < 3)
throw new ArgumentException("Tenant slug must be at least 3 characters", nameof(value));
if (value.Length > 50)
throw new ArgumentException("Tenant slug cannot exceed 50 characters", nameof(value));
if (!SlugRegex.IsMatch(value))
throw new ArgumentException("Tenant slug can only contain lowercase letters, numbers, and hyphens", nameof(value));
// Reserved slugs
var reservedSlugs = new[] { "www", "api", "admin", "app", "dashboard", "docs", "blog", "support" };
if (reservedSlugs.Contains(value))
throw new ArgumentException($"Tenant slug '{value}' is reserved", nameof(value));
return new TenantSlug(value);
}
protected override IEnumerable<object> GetAtomicValues()
{
yield return Value;
}
public override string ToString() => Value;
// Implicit conversion
public static implicit operator string(TenantSlug slug) => slug.Value;
}

9
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Domain/Aggregates/Tenants/TenantStatus.cs Normal file
View File

@@ -0,0 +1,9 @@
namespace ColaFlow.Modules.Identity.Domain.Aggregates.Tenants;
public enum TenantStatus
{
Active = 1,
Trial = 2,
Suspended = 3,
Cancelled = 4
}

10
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Domain/Aggregates/Users/AuthenticationProvider.cs Normal file
View File

@@ -0,0 +1,10 @@
namespace ColaFlow.Modules.Identity.Domain.Aggregates.Users;
public enum AuthenticationProvider
{
Local = 1, // Username/password
AzureAD = 2, // Microsoft Azure AD
Google = 3, // Google Workspace
Okta = 4, // Okta
GenericSaml = 5 // Generic SAML 2.0
}

44
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Domain/Aggregates/Users/Email.cs Normal file
View File

@@ -0,0 +1,44 @@
using System.Text.RegularExpressions;
using ColaFlow.Shared.Kernel.Common;
namespace ColaFlow.Modules.Identity.Domain.Aggregates.Users;
public sealed class Email : ValueObject
{
private static readonly Regex EmailRegex = new(
@"^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$",
RegexOptions.Compiled);
public string Value { get; }
private Email(string value)
{
Value = value;
}
public static Email Create(string value)
{
if (string.IsNullOrWhiteSpace(value))
throw new ArgumentException("Email cannot be empty", nameof(value));
value = value.ToLowerInvariant().Trim();
if (value.Length > 255)
throw new ArgumentException("Email cannot exceed 255 characters", nameof(value));
if (!EmailRegex.IsMatch(value))
throw new ArgumentException("Invalid email format", nameof(value));
return new Email(value);
}
protected override IEnumerable<object> GetAtomicValues()
{
yield return Value;
}
public override string ToString() => Value;
// Implicit conversion
public static implicit operator string(Email email) => email.Value;
}

6
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Domain/Aggregates/Users/Events/UserCreatedEvent.cs Normal file
View File

@@ -0,0 +1,6 @@
using ColaFlow.Shared.Kernel.Events;
using ColaFlow.Modules.Identity.Domain.Aggregates.Tenants;
namespace ColaFlow.Modules.Identity.Domain.Aggregates.Users.Events;
public sealed record UserCreatedEvent(Guid UserId, string Email, TenantId TenantId) : DomainEvent;

10
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Domain/Aggregates/Users/Events/UserCreatedFromSsoEvent.cs Normal file
View File

@@ -0,0 +1,10 @@
using ColaFlow.Shared.Kernel.Events;
using ColaFlow.Modules.Identity.Domain.Aggregates.Tenants;
namespace ColaFlow.Modules.Identity.Domain.Aggregates.Users.Events;
public sealed record UserCreatedFromSsoEvent(
Guid UserId,
string Email,
TenantId TenantId,
AuthenticationProvider Provider) : DomainEvent;

5
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Domain/Aggregates/Users/Events/UserPasswordChangedEvent.cs Normal file
View File

@@ -0,0 +1,5 @@
using ColaFlow.Shared.Kernel.Events;
namespace ColaFlow.Modules.Identity.Domain.Aggregates.Users.Events;
public sealed record UserPasswordChangedEvent(Guid UserId) : DomainEvent;

5
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Domain/Aggregates/Users/Events/UserSuspendedEvent.cs Normal file
View File

@@ -0,0 +1,5 @@
using ColaFlow.Shared.Kernel.Events;
namespace ColaFlow.Modules.Identity.Domain.Aggregates.Users.Events;
public sealed record UserSuspendedEvent(Guid UserId, string Reason) : DomainEvent;

37
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Domain/Aggregates/Users/FullName.cs Normal file
View File

@@ -0,0 +1,37 @@
using ColaFlow.Shared.Kernel.Common;
namespace ColaFlow.Modules.Identity.Domain.Aggregates.Users;
public sealed class FullName : ValueObject
{
public string Value { get; }
private FullName(string value)
{
Value = value;
}
public static FullName Create(string value)
{
if (string.IsNullOrWhiteSpace(value))
throw new ArgumentException("Full name cannot be empty", nameof(value));
if (value.Length < 2)
throw new ArgumentException("Full name must be at least 2 characters", nameof(value));
if (value.Length > 100)
throw new ArgumentException("Full name cannot exceed 100 characters", nameof(value));
return new FullName(value.Trim());
}
protected override IEnumerable<object> GetAtomicValues()
{
yield return Value;
}
public override string ToString() => Value;
// Implicit conversion
public static implicit operator string(FullName name) => name.Value;
}

213
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Domain/Aggregates/Users/User.cs Normal file
View File

@@ -0,0 +1,213 @@
using ColaFlow.Shared.Kernel.Common;
using ColaFlow.Modules.Identity.Domain.Aggregates.Tenants;
using ColaFlow.Modules.Identity.Domain.Aggregates.Users.Events;
namespace ColaFlow.Modules.Identity.Domain.Aggregates.Users;
/// <summary>
/// User aggregate root - multi-tenant aware with SSO support
/// </summary>
public sealed class User : AggregateRoot
{
// Tenant association
public TenantId TenantId { get; private set; } = null!;
// User identity
public Email Email { get; private set; } = null!;
public string PasswordHash { get; private set; } = string.Empty;
public FullName FullName { get; private set; } = null!;
public UserStatus Status { get; private set; }
// SSO properties
public AuthenticationProvider AuthProvider { get; private set; }
public string? ExternalUserId { get; private set; } // IdP user ID
public string? ExternalEmail { get; private set; } // Email from IdP
// Profile
public string? AvatarUrl { get; private set; }
public string? JobTitle { get; private set; }
public string? PhoneNumber { get; private set; }
// Timestamps
public DateTime CreatedAt { get; private set; }
public DateTime? UpdatedAt { get; private set; }
public DateTime? LastLoginAt { get; private set; }
public DateTime? EmailVerifiedAt { get; private set; }
// Security
public string? EmailVerificationToken { get; private set; }
public string? PasswordResetToken { get; private set; }
public DateTime? PasswordResetTokenExpiresAt { get; private set; }
// Private constructor for EF Core
private User() : base()
{
}
// Factory method for local authentication
public static User CreateLocal(
TenantId tenantId,
Email email,
string passwordHash,
FullName fullName)
{
var user = new User
{
Id = Guid.NewGuid(),
TenantId = tenantId,
Email = email,
PasswordHash = passwordHash,
FullName = fullName,
Status = UserStatus.Active,
AuthProvider = AuthenticationProvider.Local,
CreatedAt = DateTime.UtcNow
};
user.AddDomainEvent(new UserCreatedEvent(user.Id, user.Email, tenantId));
return user;
}
// Factory method for SSO authentication
public static User CreateFromSso(
TenantId tenantId,
AuthenticationProvider provider,
string externalUserId,
Email email,
FullName fullName,
string? avatarUrl = null)
{
if (provider == AuthenticationProvider.Local)
throw new ArgumentException("Use CreateLocal for local authentication");
var user = new User
{
Id = Guid.NewGuid(),
TenantId = tenantId,
Email = email,
PasswordHash = string.Empty, // No password for SSO users
FullName = fullName,
Status = UserStatus.Active,
AuthProvider = provider,
ExternalUserId = externalUserId,
ExternalEmail = email,
AvatarUrl = avatarUrl,
CreatedAt = DateTime.UtcNow,
EmailVerifiedAt = DateTime.UtcNow // Trust IdP verification
};
user.AddDomainEvent(new UserCreatedFromSsoEvent(user.Id, user.Email, tenantId, provider));
return user;
}
// Business methods
public void UpdatePassword(string newPasswordHash)
{
if (AuthProvider != AuthenticationProvider.Local)
throw new InvalidOperationException("Cannot change password for SSO users");
if (string.IsNullOrWhiteSpace(newPasswordHash))
throw new ArgumentException("Password hash cannot be empty", nameof(newPasswordHash));
PasswordHash = newPasswordHash;
UpdatedAt = DateTime.UtcNow;
AddDomainEvent(new UserPasswordChangedEvent(Id));
}
public void UpdateProfile(FullName? fullName = null, string? avatarUrl = null, string? jobTitle = null, string? phoneNumber = null)
{
if (fullName is not null)
FullName = fullName;
if (avatarUrl is not null)
AvatarUrl = avatarUrl;
if (jobTitle is not null)
JobTitle = jobTitle;
if (phoneNumber is not null)
PhoneNumber = phoneNumber;
UpdatedAt = DateTime.UtcNow;
}
public void RecordLogin()
{
LastLoginAt = DateTime.UtcNow;
UpdatedAt = DateTime.UtcNow;
}
public void VerifyEmail()
{
EmailVerifiedAt = DateTime.UtcNow;
EmailVerificationToken = null;
UpdatedAt = DateTime.UtcNow;
}
public void Suspend(string reason)
{
if (Status == UserStatus.Deleted)
throw new InvalidOperationException("Cannot suspend deleted user");
Status = UserStatus.Suspended;
UpdatedAt = DateTime.UtcNow;
AddDomainEvent(new UserSuspendedEvent(Id, reason));
}
public void Reactivate()
{
if (Status == UserStatus.Deleted)
throw new InvalidOperationException("Cannot reactivate deleted user");
Status = UserStatus.Active;
UpdatedAt = DateTime.UtcNow;
}
public void Delete()
{
Status = UserStatus.Deleted;
UpdatedAt = DateTime.UtcNow;
}
// SSO-specific methods
public void UpdateSsoProfile(string externalUserId, Email email, FullName fullName, string? avatarUrl = null)
{
if (AuthProvider == AuthenticationProvider.Local)
throw new InvalidOperationException("Cannot update SSO profile for local users");
ExternalUserId = externalUserId;
ExternalEmail = email;
FullName = fullName;
if (avatarUrl is not null)
AvatarUrl = avatarUrl;
UpdatedAt = DateTime.UtcNow;
}
public void SetPasswordResetToken(string token, DateTime expiresAt)
{
if (AuthProvider != AuthenticationProvider.Local)
throw new InvalidOperationException("Cannot set password reset token for SSO users");
PasswordResetToken = token;
PasswordResetTokenExpiresAt = expiresAt;
UpdatedAt = DateTime.UtcNow;
}
public void ClearPasswordResetToken()
{
PasswordResetToken = null;
PasswordResetTokenExpiresAt = null;
UpdatedAt = DateTime.UtcNow;
}
public void SetEmailVerificationToken(string token)
{
EmailVerificationToken = token;
UpdatedAt = DateTime.UtcNow;
}
}

33
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Domain/Aggregates/Users/UserId.cs Normal file
View File

@@ -0,0 +1,33 @@
using ColaFlow.Shared.Kernel.Common;
namespace ColaFlow.Modules.Identity.Domain.Aggregates.Users;
public sealed class UserId : ValueObject
{
public Guid Value { get; }
private UserId(Guid value)
{
Value = value;
}
public static UserId CreateUnique() => new(Guid.NewGuid());
public static UserId Create(Guid value)
{
if (value == Guid.Empty)
throw new ArgumentException("User ID cannot be empty", nameof(value));
return new UserId(value);
}
protected override IEnumerable<object> GetAtomicValues()
{
yield return Value;
}
public override string ToString() => Value.ToString();
// Implicit conversion
public static implicit operator Guid(UserId userId) => userId.Value;
}

8
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Domain/Aggregates/Users/UserStatus.cs Normal file
View File

@@ -0,0 +1,8 @@
namespace ColaFlow.Modules.Identity.Domain.Aggregates.Users;
public enum UserStatus
{
Active = 1,
Suspended = 2,
Deleted = 3
}

13
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Domain/ColaFlow.Modules.Identity.Domain.csproj Normal file
View File

@@ -0,0 +1,13 @@
<Project Sdk="Microsoft.NET.Sdk">
<ItemGroup>
<ProjectReference Include="..\..\..\Shared\ColaFlow.Shared.Kernel\ColaFlow.Shared.Kernel.csproj" />
</ItemGroup>
<PropertyGroup>
<TargetFramework>net9.0</TargetFramework>
<ImplicitUsings>enable</ImplicitUsings>
<Nullable>enable</Nullable>
</PropertyGroup>
</Project>

44
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Domain/Repositories/ITenantRepository.cs Normal file
View File

@@ -0,0 +1,44 @@
using ColaFlow.Modules.Identity.Domain.Aggregates.Tenants;
namespace ColaFlow.Modules.Identity.Domain.Repositories;
/// <summary>
/// Repository interface for Tenant aggregate
/// </summary>
public interface ITenantRepository
{
/// <summary>
/// Get tenant by ID
/// </summary>
Task<Tenant?> GetByIdAsync(TenantId tenantId, CancellationToken cancellationToken = default);
/// <summary>
/// Get tenant by slug (unique subdomain identifier)
/// </summary>
Task<Tenant?> GetBySlugAsync(TenantSlug slug, CancellationToken cancellationToken = default);
/// <summary>
/// Check if a slug already exists
/// </summary>
Task<bool> ExistsBySlugAsync(TenantSlug slug, CancellationToken cancellationToken = default);
/// <summary>
/// Get all tenants (admin operation)
/// </summary>
Task<IReadOnlyList<Tenant>> GetAllAsync(CancellationToken cancellationToken = default);
/// <summary>
/// Add a new tenant
/// </summary>
Task AddAsync(Tenant tenant, CancellationToken cancellationToken = default);
/// <summary>
/// Update an existing tenant
/// </summary>
Task UpdateAsync(Tenant tenant, CancellationToken cancellationToken = default);
/// <summary>
/// Delete a tenant (hard delete)
/// </summary>
Task DeleteAsync(Tenant tenant, CancellationToken cancellationToken = default);
}

59
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Domain/Repositories/IUserRepository.cs Normal file
View File

@@ -0,0 +1,59 @@
using ColaFlow.Modules.Identity.Domain.Aggregates.Tenants;
using ColaFlow.Modules.Identity.Domain.Aggregates.Users;
namespace ColaFlow.Modules.Identity.Domain.Repositories;
/// <summary>
/// Repository interface for User aggregate
/// </summary>
public interface IUserRepository
{
/// <summary>
/// Get user by ID
/// </summary>
Task<User?> GetByIdAsync(UserId userId, CancellationToken cancellationToken = default);
/// <summary>
/// Get user by email within a tenant
/// </summary>
Task<User?> GetByEmailAsync(TenantId tenantId, Email email, CancellationToken cancellationToken = default);
/// <summary>
/// Get user by external SSO ID within a tenant
/// </summary>
Task<User?> GetByExternalIdAsync(
TenantId tenantId,
AuthenticationProvider provider,
string externalUserId,
CancellationToken cancellationToken = default);
/// <summary>
/// Check if an email already exists within a tenant
/// </summary>
Task<bool> ExistsByEmailAsync(TenantId tenantId, Email email, CancellationToken cancellationToken = default);
/// <summary>
/// Get all users for a tenant
/// </summary>
Task<IReadOnlyList<User>> GetAllByTenantAsync(TenantId tenantId, CancellationToken cancellationToken = default);
/// <summary>
/// Get active users count for a tenant
/// </summary>
Task<int> GetActiveUsersCountAsync(TenantId tenantId, CancellationToken cancellationToken = default);
/// <summary>
/// Add a new user
/// </summary>
Task AddAsync(User user, CancellationToken cancellationToken = default);
/// <summary>
/// Update an existing user
/// </summary>
Task UpdateAsync(User user, CancellationToken cancellationToken = default);
/// <summary>
/// Delete a user (hard delete)
/// </summary>
Task DeleteAsync(User user, CancellationToken cancellationToken = default);
}

24
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Infrastructure/ColaFlow.Modules.Identity.Infrastructure.csproj Normal file
View File

@@ -0,0 +1,24 @@
<Project Sdk="Microsoft.NET.Sdk">
<ItemGroup>
<ProjectReference Include="..\ColaFlow.Modules.Identity.Application\ColaFlow.Modules.Identity.Application.csproj" />
</ItemGroup>
<ItemGroup>
<PackageReference Include="Microsoft.AspNetCore.Http" Version="2.3.0" />
<PackageReference Include="Microsoft.EntityFrameworkCore" Version="9.0.10" />
<PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="9.0.10">
<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
<PrivateAssets>all</PrivateAssets>
</PackageReference>
<PackageReference Include="Microsoft.Extensions.Http" Version="9.0.10" />
<PackageReference Include="Npgsql.EntityFrameworkCore.PostgreSQL" Version="9.0.4" />
</ItemGroup>
<PropertyGroup>
<TargetFramework>net9.0</TargetFramework>
<ImplicitUsings>enable</ImplicitUsings>
<Nullable>enable</Nullable>
</PropertyGroup>
</Project>

33
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Infrastructure/DependencyInjection.cs Normal file
View File

@@ -0,0 +1,33 @@
using ColaFlow.Modules.Identity.Domain.Repositories;
using ColaFlow.Modules.Identity.Infrastructure.Persistence;
using ColaFlow.Modules.Identity.Infrastructure.Persistence.Repositories;
using ColaFlow.Modules.Identity.Infrastructure.Services;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
namespace ColaFlow.Modules.Identity.Infrastructure;
public static class DependencyInjection
{
public static IServiceCollection AddIdentityInfrastructure(
this IServiceCollection services,
IConfiguration configuration)
{
// DbContext (using connection string)
services.AddDbContext<IdentityDbContext>(options =>
options.UseNpgsql(
configuration.GetConnectionString("DefaultConnection"),
b => b.MigrationsAssembly(typeof(IdentityDbContext).Assembly.FullName)));
// Tenant Context (Scoped - one instance per request)
services.AddScoped<ITenantContext, TenantContext>();
services.AddHttpContextAccessor(); // Required for HttpContext access
// Repositories
services.AddScoped<ITenantRepository, TenantRepository>();
services.AddScoped<IUserRepository, UserRepository>();
return services;
}
}

96
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Infrastructure/Persistence/Configurations/TenantConfiguration.cs Normal file
View File

@@ -0,0 +1,96 @@
using ColaFlow.Modules.Identity.Domain.Aggregates.Tenants;
using Microsoft.EntityFrameworkCore;
using Microsoft.EntityFrameworkCore.Metadata.Builders;
using System.Text.Json;
namespace ColaFlow.Modules.Identity.Infrastructure.Persistence.Configurations;
public class TenantConfiguration : IEntityTypeConfiguration<Tenant>
{
public void Configure(EntityTypeBuilder<Tenant> builder)
{
builder.ToTable("tenants");
// Primary Key
builder.HasKey(t => t.Id);
builder.Property(t => t.Id)
.HasConversion(
id => (Guid)id,
value => TenantId.Create(value))
.HasColumnName("id");
// Value Object mappings
builder.Property(t => t.Name)
.HasConversion(
name => name.Value,
value => TenantName.Create(value))
.HasMaxLength(100)
.IsRequired()
.HasColumnName("name");
builder.Property(t => t.Slug)
.HasConversion(
slug => slug.Value,
value => TenantSlug.Create(value))
.HasMaxLength(50)
.IsRequired()
.HasColumnName("slug");
builder.HasIndex(t => t.Slug)
.IsUnique()
.HasDatabaseName("ix_tenants_slug");
// Enum mappings
builder.Property(t => t.Status)
.HasConversion<string>()
.HasMaxLength(50)
.IsRequired()
.HasColumnName("status");
builder.Property(t => t.Plan)
.HasConversion<string>()
.HasMaxLength(50)
.IsRequired()
.HasColumnName("plan");
// SSO Configuration (stored as JSON)
builder.Property(t => t.SsoConfig)
.HasConversion(
config => config != null ? JsonSerializer.Serialize(config, (JsonSerializerOptions?)null) : null,
json => json != null ? JsonSerializer.Deserialize<SsoConfiguration>(json, (JsonSerializerOptions?)null) : null)
.HasColumnType("jsonb")
.HasColumnName("sso_config");
// Timestamps
builder.Property(t => t.CreatedAt)
.IsRequired()
.HasColumnName("created_at");
builder.Property(t => t.UpdatedAt)
.HasColumnName("updated_at");
builder.Property(t => t.SuspendedAt)
.HasColumnName("suspended_at");
builder.Property(t => t.SuspensionReason)
.HasMaxLength(500)
.HasColumnName("suspension_reason");
// Settings
builder.Property(t => t.MaxUsers)
.IsRequired()
.HasColumnName("max_users");
builder.Property(t => t.MaxProjects)
.IsRequired()
.HasColumnName("max_projects");
builder.Property(t => t.MaxStorageGB)
.IsRequired()
.HasColumnName("max_storage_gb");
// Ignore domain events (not stored in database)
builder.Ignore(t => t.DomainEvents);
}
}

126
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Infrastructure/Persistence/Configurations/UserConfiguration.cs Normal file
View File

@@ -0,0 +1,126 @@
using ColaFlow.Modules.Identity.Domain.Aggregates.Users;
using ColaFlow.Modules.Identity.Domain.Aggregates.Tenants;
using Microsoft.EntityFrameworkCore;
using Microsoft.EntityFrameworkCore.Metadata.Builders;
namespace ColaFlow.Modules.Identity.Infrastructure.Persistence.Configurations;
public class UserConfiguration : IEntityTypeConfiguration<User>
{
public void Configure(EntityTypeBuilder<User> builder)
{
builder.ToTable("users");
// Primary Key
builder.HasKey(u => u.Id);
builder.Property(u => u.Id)
.HasConversion(
id => (Guid)id,
value => UserId.Create(value))
.HasColumnName("id");
// Tenant ID (foreign key)
builder.Property(u => u.TenantId)
.HasConversion(
id => (Guid)id,
value => TenantId.Create(value))
.IsRequired()
.HasColumnName("tenant_id");
// Optional: Create foreign key relationship
// builder.HasOne<Tenant>()
// .WithMany()
// .HasForeignKey(u => u.TenantId)
// .OnDelete(DeleteBehavior.Restrict);
// Value Object mappings
builder.Property(u => u.Email)
.HasConversion(
email => email.Value,
value => Email.Create(value))
.HasMaxLength(255)
.IsRequired()
.HasColumnName("email");
builder.Property(u => u.FullName)
.HasConversion(
name => name.Value,
value => FullName.Create(value))
.HasMaxLength(100)
.IsRequired()
.HasColumnName("full_name");
// Composite unique index (email unique within tenant)
builder.HasIndex(u => new { u.TenantId, u.Email })
.IsUnique()
.HasDatabaseName("ix_users_tenant_id_email");
// Enum mappings
builder.Property(u => u.Status)
.HasConversion<string>()
.HasMaxLength(50)
.IsRequired()
.HasColumnName("status");
builder.Property(u => u.AuthProvider)
.HasConversion<string>()
.HasMaxLength(50)
.IsRequired()
.HasColumnName("auth_provider");
// Nullable fields
builder.Property(u => u.PasswordHash)
.HasMaxLength(255)
.HasColumnName("password_hash");
builder.Property(u => u.ExternalUserId)
.HasMaxLength(255)
.HasColumnName("external_user_id");
builder.Property(u => u.ExternalEmail)
.HasMaxLength(255)
.HasColumnName("external_email");
builder.Property(u => u.AvatarUrl)
.HasMaxLength(500)
.HasColumnName("avatar_url");
builder.Property(u => u.JobTitle)
.HasMaxLength(100)
.HasColumnName("job_title");
builder.Property(u => u.PhoneNumber)
.HasMaxLength(50)
.HasColumnName("phone_number");
// Timestamps
builder.Property(u => u.CreatedAt)
.IsRequired()
.HasColumnName("created_at");
builder.Property(u => u.UpdatedAt)
.HasColumnName("updated_at");
builder.Property(u => u.LastLoginAt)
.HasColumnName("last_login_at");
builder.Property(u => u.EmailVerifiedAt)
.HasColumnName("email_verified_at");
// Security tokens
builder.Property(u => u.EmailVerificationToken)
.HasMaxLength(255)
.HasColumnName("email_verification_token");
builder.Property(u => u.PasswordResetToken)
.HasMaxLength(255)
.HasColumnName("password_reset_token");
builder.Property(u => u.PasswordResetTokenExpiresAt)
.HasColumnName("password_reset_token_expires_at");
// Ignore domain events
builder.Ignore(u => u.DomainEvents);
}
}

51
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Infrastructure/Persistence/IdentityDbContext.cs Normal file
View File

@@ -0,0 +1,51 @@
using ColaFlow.Modules.Identity.Domain.Aggregates.Tenants;
using ColaFlow.Modules.Identity.Domain.Aggregates.Users;
using ColaFlow.Modules.Identity.Infrastructure.Services;
using Microsoft.EntityFrameworkCore;
namespace ColaFlow.Modules.Identity.Infrastructure.Persistence;
public class IdentityDbContext : DbContext
{
private readonly ITenantContext _tenantContext;
public IdentityDbContext(
DbContextOptions<IdentityDbContext> options,
ITenantContext tenantContext)
: base(options)
{
_tenantContext = tenantContext;
}
public DbSet<Tenant> Tenants => Set<Tenant>();
public DbSet<User> Users => Set<User>();
protected override void OnModelCreating(ModelBuilder modelBuilder)
{
base.OnModelCreating(modelBuilder);
// Apply all configurations from assembly
modelBuilder.ApplyConfigurationsFromAssembly(typeof(IdentityDbContext).Assembly);
// Configure Global Query Filters (automatic tenant data filtering)
ConfigureGlobalQueryFilters(modelBuilder);
}
private void ConfigureGlobalQueryFilters(ModelBuilder modelBuilder)
{
// User entity global query filter
// Automatically adds: WHERE tenant_id = @current_tenant_id
modelBuilder.Entity<User>().HasQueryFilter(u =>
!_tenantContext.IsSet || u.TenantId == _tenantContext.TenantId);
// Tenant entity doesn't need filter (need to query all tenants)
}
/// <summary>
/// Disable Query Filter (for admin operations)
/// </summary>
public IQueryable<T> WithoutTenantFilter<T>() where T : class
{
return Set<T>().IgnoreQueryFilters();
}
}

208
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Infrastructure/Persistence/Migrations/20251103125512_InitialIdentityModule.Designer.cs generated Normal file
View File

@@ -0,0 +1,208 @@
// <auto-generated />
using System;
using ColaFlow.Modules.Identity.Infrastructure.Persistence;
using Microsoft.EntityFrameworkCore;
using Microsoft.EntityFrameworkCore.Infrastructure;
using Microsoft.EntityFrameworkCore.Migrations;
using Microsoft.EntityFrameworkCore.Storage.ValueConversion;
using Npgsql.EntityFrameworkCore.PostgreSQL.Metadata;
#nullable disable
namespace ColaFlow.Modules.Identity.Infrastructure.Persistence.Migrations
{
[DbContext(typeof(IdentityDbContext))]
[Migration("20251103125512_InitialIdentityModule")]
partial class InitialIdentityModule
{
/// <inheritdoc />
protected override void BuildTargetModel(ModelBuilder modelBuilder)
{
#pragma warning disable 612, 618
modelBuilder
.HasAnnotation("ProductVersion", "9.0.10")
.HasAnnotation("Relational:MaxIdentifierLength", 63);
NpgsqlModelBuilderExtensions.UseIdentityByDefaultColumns(modelBuilder);
modelBuilder.Entity("ColaFlow.Modules.Identity.Domain.Aggregates.Tenants.Tenant", b =>
{
b.Property<Guid>("Id")
.ValueGeneratedOnAdd()
.HasColumnType("uuid")
.HasColumnName("id");
b.Property<DateTime>("CreatedAt")
.HasColumnType("timestamp with time zone")
.HasColumnName("created_at");
b.Property<int>("MaxProjects")
.HasColumnType("integer")
.HasColumnName("max_projects");
b.Property<int>("MaxStorageGB")
.HasColumnType("integer")
.HasColumnName("max_storage_gb");
b.Property<int>("MaxUsers")
.HasColumnType("integer")
.HasColumnName("max_users");
b.Property<string>("Name")
.IsRequired()
.HasMaxLength(100)
.HasColumnType("character varying(100)")
.HasColumnName("name");
b.Property<string>("Plan")
.IsRequired()
.HasMaxLength(50)
.HasColumnType("character varying(50)")
.HasColumnName("plan");
b.Property<string>("Slug")
.IsRequired()
.HasMaxLength(50)
.HasColumnType("character varying(50)")
.HasColumnName("slug");
b.Property<string>("SsoConfig")
.HasColumnType("jsonb")
.HasColumnName("sso_config");
b.Property<string>("Status")
.IsRequired()
.HasMaxLength(50)
.HasColumnType("character varying(50)")
.HasColumnName("status");
b.Property<DateTime?>("SuspendedAt")
.HasColumnType("timestamp with time zone")
.HasColumnName("suspended_at");
b.Property<string>("SuspensionReason")
.HasMaxLength(500)
.HasColumnType("character varying(500)")
.HasColumnName("suspension_reason");
b.Property<DateTime?>("UpdatedAt")
.HasColumnType("timestamp with time zone")
.HasColumnName("updated_at");
b.HasKey("Id");
b.HasIndex("Slug")
.IsUnique()
.HasDatabaseName("ix_tenants_slug");
b.ToTable("tenants", (string)null);
});
modelBuilder.Entity("ColaFlow.Modules.Identity.Domain.Aggregates.Users.User", b =>
{
b.Property<Guid>("Id")
.ValueGeneratedOnAdd()
.HasColumnType("uuid")
.HasColumnName("id");
b.Property<string>("AuthProvider")
.IsRequired()
.HasMaxLength(50)
.HasColumnType("character varying(50)")
.HasColumnName("auth_provider");
b.Property<string>("AvatarUrl")
.HasMaxLength(500)
.HasColumnType("character varying(500)")
.HasColumnName("avatar_url");
b.Property<DateTime>("CreatedAt")
.HasColumnType("timestamp with time zone")
.HasColumnName("created_at");
b.Property<string>("Email")
.IsRequired()
.HasMaxLength(255)
.HasColumnType("character varying(255)")
.HasColumnName("email");
b.Property<string>("EmailVerificationToken")
.HasMaxLength(255)
.HasColumnType("character varying(255)")
.HasColumnName("email_verification_token");
b.Property<DateTime?>("EmailVerifiedAt")
.HasColumnType("timestamp with time zone")
.HasColumnName("email_verified_at");
b.Property<string>("ExternalEmail")
.HasMaxLength(255)
.HasColumnType("character varying(255)")
.HasColumnName("external_email");
b.Property<string>("ExternalUserId")
.HasMaxLength(255)
.HasColumnType("character varying(255)")
.HasColumnName("external_user_id");
b.Property<string>("FullName")
.IsRequired()
.HasMaxLength(100)
.HasColumnType("character varying(100)")
.HasColumnName("full_name");
b.Property<string>("JobTitle")
.HasMaxLength(100)
.HasColumnType("character varying(100)")
.HasColumnName("job_title");
b.Property<DateTime?>("LastLoginAt")
.HasColumnType("timestamp with time zone")
.HasColumnName("last_login_at");
b.Property<string>("PasswordHash")
.IsRequired()
.HasMaxLength(255)
.HasColumnType("character varying(255)")
.HasColumnName("password_hash");
b.Property<string>("PasswordResetToken")
.HasMaxLength(255)
.HasColumnType("character varying(255)")
.HasColumnName("password_reset_token");
b.Property<DateTime?>("PasswordResetTokenExpiresAt")
.HasColumnType("timestamp with time zone")
.HasColumnName("password_reset_token_expires_at");
b.Property<string>("PhoneNumber")
.HasMaxLength(50)
.HasColumnType("character varying(50)")
.HasColumnName("phone_number");
b.Property<string>("Status")
.IsRequired()
.HasMaxLength(50)
.HasColumnType("character varying(50)")
.HasColumnName("status");
b.Property<Guid>("TenantId")
.HasColumnType("uuid")
.HasColumnName("tenant_id");
b.Property<DateTime?>("UpdatedAt")
.HasColumnType("timestamp with time zone")
.HasColumnName("updated_at");
b.HasKey("Id");
b.HasIndex("TenantId", "Email")
.IsUnique()
.HasDatabaseName("ix_users_tenant_id_email");
b.ToTable("users", (string)null);
});
#pragma warning restore 612, 618
}
}
}

89
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Infrastructure/Persistence/Migrations/20251103125512_InitialIdentityModule.cs Normal file
View File

@@ -0,0 +1,89 @@
using System;
using Microsoft.EntityFrameworkCore.Migrations;
#nullable disable
namespace ColaFlow.Modules.Identity.Infrastructure.Persistence.Migrations
{
/// <inheritdoc />
public partial class InitialIdentityModule : Migration
{
/// <inheritdoc />
protected override void Up(MigrationBuilder migrationBuilder)
{
migrationBuilder.CreateTable(
name: "tenants",
columns: table => new
{
id = table.Column<Guid>(type: "uuid", nullable: false),
name = table.Column<string>(type: "character varying(100)", maxLength: 100, nullable: false),
slug = table.Column<string>(type: "character varying(50)", maxLength: 50, nullable: false),
status = table.Column<string>(type: "character varying(50)", maxLength: 50, nullable: false),
plan = table.Column<string>(type: "character varying(50)", maxLength: 50, nullable: false),
sso_config = table.Column<string>(type: "jsonb", nullable: true),
created_at = table.Column<DateTime>(type: "timestamp with time zone", nullable: false),
updated_at = table.Column<DateTime>(type: "timestamp with time zone", nullable: true),
suspended_at = table.Column<DateTime>(type: "timestamp with time zone", nullable: true),
suspension_reason = table.Column<string>(type: "character varying(500)", maxLength: 500, nullable: true),
max_users = table.Column<int>(type: "integer", nullable: false),
max_projects = table.Column<int>(type: "integer", nullable: false),
max_storage_gb = table.Column<int>(type: "integer", nullable: false)
},
constraints: table =>
{
table.PrimaryKey("PK_tenants", x => x.id);
});
migrationBuilder.CreateTable(
name: "users",
columns: table => new
{
id = table.Column<Guid>(type: "uuid", nullable: false),
tenant_id = table.Column<Guid>(type: "uuid", nullable: false),
email = table.Column<string>(type: "character varying(255)", maxLength: 255, nullable: false),
password_hash = table.Column<string>(type: "character varying(255)", maxLength: 255, nullable: false),
full_name = table.Column<string>(type: "character varying(100)", maxLength: 100, nullable: false),
status = table.Column<string>(type: "character varying(50)", maxLength: 50, nullable: false),
auth_provider = table.Column<string>(type: "character varying(50)", maxLength: 50, nullable: false),
external_user_id = table.Column<string>(type: "character varying(255)", maxLength: 255, nullable: true),
external_email = table.Column<string>(type: "character varying(255)", maxLength: 255, nullable: true),
avatar_url = table.Column<string>(type: "character varying(500)", maxLength: 500, nullable: true),
job_title = table.Column<string>(type: "character varying(100)", maxLength: 100, nullable: true),
phone_number = table.Column<string>(type: "character varying(50)", maxLength: 50, nullable: true),
created_at = table.Column<DateTime>(type: "timestamp with time zone", nullable: false),
updated_at = table.Column<DateTime>(type: "timestamp with time zone", nullable: true),
last_login_at = table.Column<DateTime>(type: "timestamp with time zone", nullable: true),
email_verified_at = table.Column<DateTime>(type: "timestamp with time zone", nullable: true),
email_verification_token = table.Column<string>(type: "character varying(255)", maxLength: 255, nullable: true),
password_reset_token = table.Column<string>(type: "character varying(255)", maxLength: 255, nullable: true),
password_reset_token_expires_at = table.Column<DateTime>(type: "timestamp with time zone", nullable: true)
},
constraints: table =>
{
table.PrimaryKey("PK_users", x => x.id);
});
migrationBuilder.CreateIndex(
name: "ix_tenants_slug",
table: "tenants",
column: "slug",
unique: true);
migrationBuilder.CreateIndex(
name: "ix_users_tenant_id_email",
table: "users",
columns: new[] { "tenant_id", "email" },
unique: true);
}
/// <inheritdoc />
protected override void Down(MigrationBuilder migrationBuilder)
{
migrationBuilder.DropTable(
name: "tenants");
migrationBuilder.DropTable(
name: "users");
}
}
}

205
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Infrastructure/Persistence/Migrations/IdentityDbContextModelSnapshot.cs Normal file
View File

@@ -0,0 +1,205 @@
// <auto-generated />
using System;
using ColaFlow.Modules.Identity.Infrastructure.Persistence;
using Microsoft.EntityFrameworkCore;
using Microsoft.EntityFrameworkCore.Infrastructure;
using Microsoft.EntityFrameworkCore.Storage.ValueConversion;
using Npgsql.EntityFrameworkCore.PostgreSQL.Metadata;
#nullable disable
namespace ColaFlow.Modules.Identity.Infrastructure.Persistence.Migrations
{
[DbContext(typeof(IdentityDbContext))]
partial class IdentityDbContextModelSnapshot : ModelSnapshot
{
protected override void BuildModel(ModelBuilder modelBuilder)
{
#pragma warning disable 612, 618
modelBuilder
.HasAnnotation("ProductVersion", "9.0.10")
.HasAnnotation("Relational:MaxIdentifierLength", 63);
NpgsqlModelBuilderExtensions.UseIdentityByDefaultColumns(modelBuilder);
modelBuilder.Entity("ColaFlow.Modules.Identity.Domain.Aggregates.Tenants.Tenant", b =>
{
b.Property<Guid>("Id")
.ValueGeneratedOnAdd()
.HasColumnType("uuid")
.HasColumnName("id");
b.Property<DateTime>("CreatedAt")
.HasColumnType("timestamp with time zone")
.HasColumnName("created_at");
b.Property<int>("MaxProjects")
.HasColumnType("integer")
.HasColumnName("max_projects");
b.Property<int>("MaxStorageGB")
.HasColumnType("integer")
.HasColumnName("max_storage_gb");
b.Property<int>("MaxUsers")
.HasColumnType("integer")
.HasColumnName("max_users");
b.Property<string>("Name")
.IsRequired()
.HasMaxLength(100)
.HasColumnType("character varying(100)")
.HasColumnName("name");
b.Property<string>("Plan")
.IsRequired()
.HasMaxLength(50)
.HasColumnType("character varying(50)")
.HasColumnName("plan");
b.Property<string>("Slug")
.IsRequired()
.HasMaxLength(50)
.HasColumnType("character varying(50)")
.HasColumnName("slug");
b.Property<string>("SsoConfig")
.HasColumnType("jsonb")
.HasColumnName("sso_config");
b.Property<string>("Status")
.IsRequired()
.HasMaxLength(50)
.HasColumnType("character varying(50)")
.HasColumnName("status");
b.Property<DateTime?>("SuspendedAt")
.HasColumnType("timestamp with time zone")
.HasColumnName("suspended_at");
b.Property<string>("SuspensionReason")
.HasMaxLength(500)
.HasColumnType("character varying(500)")
.HasColumnName("suspension_reason");
b.Property<DateTime?>("UpdatedAt")
.HasColumnType("timestamp with time zone")
.HasColumnName("updated_at");
b.HasKey("Id");
b.HasIndex("Slug")
.IsUnique()
.HasDatabaseName("ix_tenants_slug");
b.ToTable("tenants", (string)null);
});
modelBuilder.Entity("ColaFlow.Modules.Identity.Domain.Aggregates.Users.User", b =>
{
b.Property<Guid>("Id")
.ValueGeneratedOnAdd()
.HasColumnType("uuid")
.HasColumnName("id");
b.Property<string>("AuthProvider")
.IsRequired()
.HasMaxLength(50)
.HasColumnType("character varying(50)")
.HasColumnName("auth_provider");
b.Property<string>("AvatarUrl")
.HasMaxLength(500)
.HasColumnType("character varying(500)")
.HasColumnName("avatar_url");
b.Property<DateTime>("CreatedAt")
.HasColumnType("timestamp with time zone")
.HasColumnName("created_at");
b.Property<string>("Email")
.IsRequired()
.HasMaxLength(255)
.HasColumnType("character varying(255)")
.HasColumnName("email");
b.Property<string>("EmailVerificationToken")
.HasMaxLength(255)
.HasColumnType("character varying(255)")
.HasColumnName("email_verification_token");
b.Property<DateTime?>("EmailVerifiedAt")
.HasColumnType("timestamp with time zone")
.HasColumnName("email_verified_at");
b.Property<string>("ExternalEmail")
.HasMaxLength(255)
.HasColumnType("character varying(255)")
.HasColumnName("external_email");
b.Property<string>("ExternalUserId")
.HasMaxLength(255)
.HasColumnType("character varying(255)")
.HasColumnName("external_user_id");
b.Property<string>("FullName")
.IsRequired()
.HasMaxLength(100)
.HasColumnType("character varying(100)")
.HasColumnName("full_name");
b.Property<string>("JobTitle")
.HasMaxLength(100)
.HasColumnType("character varying(100)")
.HasColumnName("job_title");
b.Property<DateTime?>("LastLoginAt")
.HasColumnType("timestamp with time zone")
.HasColumnName("last_login_at");
b.Property<string>("PasswordHash")
.IsRequired()
.HasMaxLength(255)
.HasColumnType("character varying(255)")
.HasColumnName("password_hash");
b.Property<string>("PasswordResetToken")
.HasMaxLength(255)
.HasColumnType("character varying(255)")
.HasColumnName("password_reset_token");
b.Property<DateTime?>("PasswordResetTokenExpiresAt")
.HasColumnType("timestamp with time zone")
.HasColumnName("password_reset_token_expires_at");
b.Property<string>("PhoneNumber")
.HasMaxLength(50)
.HasColumnType("character varying(50)")
.HasColumnName("phone_number");
b.Property<string>("Status")
.IsRequired()
.HasMaxLength(50)
.HasColumnType("character varying(50)")
.HasColumnName("status");
b.Property<Guid>("TenantId")
.HasColumnType("uuid")
.HasColumnName("tenant_id");
b.Property<DateTime?>("UpdatedAt")
.HasColumnType("timestamp with time zone")
.HasColumnName("updated_at");
b.HasKey("Id");
b.HasIndex("TenantId", "Email")
.IsUnique()
.HasDatabaseName("ix_users_tenant_id_email");
b.ToTable("users", (string)null);
});
#pragma warning restore 612, 618
}
}
}

56
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Infrastructure/Persistence/Repositories/TenantRepository.cs Normal file
View File

@@ -0,0 +1,56 @@
using ColaFlow.Modules.Identity.Domain.Aggregates.Tenants;
using ColaFlow.Modules.Identity.Domain.Repositories;
using Microsoft.EntityFrameworkCore;
namespace ColaFlow.Modules.Identity.Infrastructure.Persistence.Repositories;
public class TenantRepository : ITenantRepository
{
private readonly IdentityDbContext _context;
public TenantRepository(IdentityDbContext context)
{
_context = context;
}
public async Task<Tenant?> GetByIdAsync(TenantId tenantId, CancellationToken cancellationToken = default)
{
return await _context.Tenants
.FirstOrDefaultAsync(t => t.Id == tenantId, cancellationToken);
}
public async Task<Tenant?> GetBySlugAsync(TenantSlug slug, CancellationToken cancellationToken = default)
{
return await _context.Tenants
.FirstOrDefaultAsync(t => t.Slug == slug, cancellationToken);
}
public async Task<bool> ExistsBySlugAsync(TenantSlug slug, CancellationToken cancellationToken = default)
{
return await _context.Tenants
.AnyAsync(t => t.Slug == slug, cancellationToken);
}
public async Task<IReadOnlyList<Tenant>> GetAllAsync(CancellationToken cancellationToken = default)
{
return await _context.Tenants.ToListAsync(cancellationToken);
}
public async Task AddAsync(Tenant tenant, CancellationToken cancellationToken = default)
{
await _context.Tenants.AddAsync(tenant, cancellationToken);
await _context.SaveChangesAsync(cancellationToken);
}
public async Task UpdateAsync(Tenant tenant, CancellationToken cancellationToken = default)
{
_context.Tenants.Update(tenant);
await _context.SaveChangesAsync(cancellationToken);
}
public async Task DeleteAsync(Tenant tenant, CancellationToken cancellationToken = default)
{
_context.Tenants.Remove(tenant);
await _context.SaveChangesAsync(cancellationToken);
}
}

80
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Infrastructure/Persistence/Repositories/UserRepository.cs Normal file
View File

@@ -0,0 +1,80 @@
using ColaFlow.Modules.Identity.Domain.Aggregates.Users;
using ColaFlow.Modules.Identity.Domain.Aggregates.Tenants;
using ColaFlow.Modules.Identity.Domain.Repositories;
using Microsoft.EntityFrameworkCore;
namespace ColaFlow.Modules.Identity.Infrastructure.Persistence.Repositories;
public class UserRepository : IUserRepository
{
private readonly IdentityDbContext _context;
public UserRepository(IdentityDbContext context)
{
_context = context;
}
public async Task<User?> GetByIdAsync(UserId userId, CancellationToken cancellationToken = default)
{
// Global Query Filter automatically applies
return await _context.Users
.FirstOrDefaultAsync(u => u.Id == userId, cancellationToken);
}
public async Task<User?> GetByEmailAsync(TenantId tenantId, Email email, CancellationToken cancellationToken = default)
{
return await _context.Users
.FirstOrDefaultAsync(u => u.TenantId == tenantId && u.Email == email, cancellationToken);
}
public async Task<User?> GetByExternalIdAsync(
TenantId tenantId,
AuthenticationProvider provider,
string externalUserId,
CancellationToken cancellationToken = default)
{
return await _context.Users
.FirstOrDefaultAsync(
u => u.TenantId == tenantId &&
u.AuthProvider == provider &&
u.ExternalUserId == externalUserId,
cancellationToken);
}
public async Task<bool> ExistsByEmailAsync(TenantId tenantId, Email email, CancellationToken cancellationToken = default)
{
return await _context.Users
.AnyAsync(u => u.TenantId == tenantId && u.Email == email, cancellationToken);
}
public async Task<IReadOnlyList<User>> GetAllByTenantAsync(TenantId tenantId, CancellationToken cancellationToken = default)
{
return await _context.Users
.Where(u => u.TenantId == tenantId)
.ToListAsync(cancellationToken);
}
public async Task<int> GetActiveUsersCountAsync(TenantId tenantId, CancellationToken cancellationToken = default)
{
return await _context.Users
.CountAsync(u => u.TenantId == tenantId && u.Status == UserStatus.Active, cancellationToken);
}
public async Task AddAsync(User user, CancellationToken cancellationToken = default)
{
await _context.Users.AddAsync(user, cancellationToken);
await _context.SaveChangesAsync(cancellationToken);
}
public async Task UpdateAsync(User user, CancellationToken cancellationToken = default)
{
_context.Users.Update(user);
await _context.SaveChangesAsync(cancellationToken);
}
public async Task DeleteAsync(User user, CancellationToken cancellationToken = default)
{
_context.Users.Remove(user);
await _context.SaveChangesAsync(cancellationToken);
}
}

34
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Infrastructure/Services/ITenantContext.cs Normal file
View File

@@ -0,0 +1,34 @@
using ColaFlow.Modules.Identity.Domain.Aggregates.Tenants;
namespace ColaFlow.Modules.Identity.Infrastructure.Services;
/// <summary>
/// Tenant context interface - provides current request tenant information
/// </summary>
public interface ITenantContext
{
/// <summary>
/// Current tenant ID
/// </summary>
TenantId? TenantId { get; }
/// <summary>
/// Current tenant slug
/// </summary>
string? TenantSlug { get; }
/// <summary>
/// Whether tenant is set
/// </summary>
bool IsSet { get; }
/// <summary>
/// Set current tenant
/// </summary>
void SetTenant(TenantId tenantId, string tenantSlug);
/// <summary>
/// Clear tenant information
/// </summary>
void Clear();
}

56
colaflow-api/src/Modules/Identity/ColaFlow.Modules.Identity.Infrastructure/Services/TenantContext.cs Normal file
View File

@@ -0,0 +1,56 @@
using ColaFlow.Modules.Identity.Domain.Aggregates.Tenants;
using Microsoft.AspNetCore.Http;
namespace ColaFlow.Modules.Identity.Infrastructure.Services;
/// <summary>
/// Tenant context implementation (Scoped lifetime - one instance per request)
/// </summary>
public class TenantContext : ITenantContext
{
private readonly IHttpContextAccessor _httpContextAccessor;
private TenantId? _tenantId;
private string? _tenantSlug;
public TenantContext(IHttpContextAccessor httpContextAccessor)
{
_httpContextAccessor = httpContextAccessor;
InitializeFromHttpContext();
}
public TenantId? TenantId => _tenantId;
public string? TenantSlug => _tenantSlug;
public bool IsSet => _tenantId != null;
public void SetTenant(TenantId tenantId, string tenantSlug)
{
_tenantId = tenantId;
_tenantSlug = tenantSlug;
}
public void Clear()
{
_tenantId = null;
_tenantSlug = null;
}
/// <summary>
/// Initialize from HTTP Context (extract tenant info from JWT Claims)
/// </summary>
private void InitializeFromHttpContext()
{
var httpContext = _httpContextAccessor.HttpContext;
if (httpContext?.User?.Identity?.IsAuthenticated == true)
{
// Extract tenant_id from JWT Claims
var tenantIdClaim = httpContext.User.FindFirst("tenant_id");
var tenantSlugClaim = httpContext.User.FindFirst("tenant_slug");
if (tenantIdClaim != null && Guid.TryParse(tenantIdClaim.Value, out var tenantIdGuid))
{
_tenantId = TenantId.Create(tenantIdGuid);
_tenantSlug = tenantSlugClaim?.Value;
}
}
}
}