feat(auth): implement JWT authentication and user registration

- Added JWT authentication with token generation and validation. - Introduced user registration functionality with email and password. - Integrated Argon2 for password hashing. - Created SQLite user repository for user data persistence. - Updated application context to include user repository and configuration settings. - Added environment variable support for JWT secret and registration allowance. - Enhanced error handling for unauthorized access and validation errors. - Updated presentation layer to handle login and registration requests.
2026-05-04 10:43:07 +02:00
parent ba42d3d445
commit 93c65cd155
29 changed files with 599 additions and 85 deletions
--- a/crates/domain/src/errors.rs
+++ b/crates/domain/src/errors.rs
@@ -13,4 +13,7 @@ pub enum DomainError {

    #[error("Infrastructure failure: {0}")]
    InfrastructureError(String),
+
+    #[error("Unauthorized: {0}")]
+    Unauthorized(String),
 }
--- a/crates/domain/src/models/mod.rs
+++ b/crates/domain/src/models/mod.rs
@@ -250,6 +250,10 @@ impl User {
        }
    }

+    pub fn from_persistence(id: UserId, email: Email, password_hash: PasswordHash) -> Self {
+        Self { id, email, password_hash }
+    }
+
    pub fn update_password(&mut self, new_hash: PasswordHash) {
        self.password_hash = new_hash;
    }
--- a/crates/domain/src/ports.rs
+++ b/crates/domain/src/ports.rs
@@ -1,12 +1,13 @@
 use async_trait::async_trait;
+use chrono::{DateTime, Utc};

 use crate::{
    errors::DomainError,
    events::DomainEvent,
-    models::{DiaryEntry, DiaryFilter, Movie, Review, ReviewHistory, collections::Paginated},
+    models::{DiaryEntry, DiaryFilter, Movie, Review, ReviewHistory, User, collections::Paginated},
    value_objects::{
-        ExternalMetadataId, MovieId, MovieTitle, PasswordHash, PosterPath, PosterUrl, ReleaseYear,
-        UserId,
+        Email, ExternalMetadataId, MovieId, MovieTitle, PasswordHash, PosterPath, PosterUrl,
+        ReleaseYear, UserId,
    },
 };

@@ -61,11 +62,23 @@ pub trait PosterStorage: Send + Sync {
    async fn get_poster(&self, poster_path: &PosterPath) -> Result<Vec<u8>, DomainError>;
 }

+pub struct GeneratedToken {
+    pub token: String,
+    pub expires_at: DateTime<Utc>,
+}
+
 #[async_trait]
 pub trait AuthService: Send + Sync {
+    async fn generate_token(&self, user_id: &UserId) -> Result<GeneratedToken, DomainError>;
    async fn validate_token(&self, token: &str) -> Result<UserId, DomainError>;
 }

+#[async_trait]
+pub trait UserRepository: Send + Sync {
+    async fn find_by_email(&self, email: &Email) -> Result<Option<User>, DomainError>;
+    async fn save(&self, user: &User) -> Result<(), DomainError>;
+}
+
 #[async_trait]
 pub trait EventPublisher: Send + Sync {
    async fn publish(&self, event: &DomainEvent) -> Result<(), DomainError>;