refactor all proto files
This commit is contained in:
Дмитрий
39
proto/account.proto
Normal file
39
proto/account.proto
Normal file
@@ -0,0 +1,39 @@
|
||||
syntax = "proto3";
|
||||
|
||||
package account;
|
||||
|
||||
service AccountService {
|
||||
rpc GetAccount(GetAccountRequest) returns (GetAccountResponse);
|
||||
}
|
||||
|
||||
message GetAccountRequest {
|
||||
string id = 1;
|
||||
}
|
||||
|
||||
message GetAccountResponse {
|
||||
string id = 1;
|
||||
string username = 2;
|
||||
string email = 3;
|
||||
string phone = 4;
|
||||
string full_name = 5;
|
||||
bool is_ldap = 6;
|
||||
string status = 7;
|
||||
repeated string roles = 8;
|
||||
string avatar_url = 9;
|
||||
optional string employee_id = 10;
|
||||
Presence presence = 11;
|
||||
string last_active = 12;
|
||||
string custom_status_text = 13;
|
||||
string custom_status_emoji = 14;
|
||||
string timezone = 15;
|
||||
string language = 16;
|
||||
bool two_fa_enabled = 17;
|
||||
bool has_pin = 18;
|
||||
}
|
||||
|
||||
enum Presence {
|
||||
PRESENCE_UNSPECIFIED = 0;
|
||||
OFFLINE = 1;
|
||||
ONLINE = 2;
|
||||
}
|
||||
|
||||
85
proto/auth.proto
Normal file
85
proto/auth.proto
Normal file
@@ -0,0 +1,85 @@
|
||||
syntax = "proto3";
|
||||
|
||||
package auth.v1;
|
||||
|
||||
option go_package = "git.lendry.ru/lendry-erp/proto.git/go;pb";
|
||||
|
||||
service AuthService {
|
||||
rpc Login (LoginRequest) returns (LoginResponse);
|
||||
rpc Refresh (RefreshRequest) returns (RefreshResponse);
|
||||
rpc VerifyToken (VerifyTokenRequest) returns (VerifyTokenResponse);
|
||||
rpc GetAccountRoleLevel (GetAccountRoleLevelRequest) returns (GetAccountRoleLevelResponse);
|
||||
rpc Logout (LogoutRequest) returns (LogoutResponse);
|
||||
rpc LogoutAll (LogoutRequest) returns (LogoutResponse);
|
||||
rpc UnlockPin (UnlockPinRequest) returns (UnlockPinResponse);
|
||||
|
||||
}
|
||||
|
||||
message LoginRequest {
|
||||
string username = 1;
|
||||
string password = 2;
|
||||
}
|
||||
|
||||
message LoginResponse {
|
||||
string access_token = 1;
|
||||
string refresh_token = 2;
|
||||
string status = 3;
|
||||
bool need2fa = 4;
|
||||
optional string temp_token = 5;
|
||||
optional string message = 6;
|
||||
optional string error_code = 7;
|
||||
}
|
||||
|
||||
message RefreshRequest {
|
||||
string refresh_token = 1;
|
||||
}
|
||||
|
||||
message RefreshResponse {
|
||||
string access_token = 1;
|
||||
string refresh_token = 2;
|
||||
}
|
||||
|
||||
message LogoutRequest {
|
||||
string access_token = 1;
|
||||
}
|
||||
|
||||
message LogoutResponse {
|
||||
bool success = 1;
|
||||
string message = 2;
|
||||
}
|
||||
|
||||
message VerifyTokenRequest {
|
||||
string token = 1;
|
||||
}
|
||||
|
||||
message VerifyTokenResponse {
|
||||
bool is_valid = 1;
|
||||
optional string error_message = 2;
|
||||
optional string id = 3;
|
||||
optional string username = 4;
|
||||
optional int32 role_level = 5;
|
||||
repeated string permissions = 6;
|
||||
optional string session_id = 7;
|
||||
optional bool requires_pin = 8;
|
||||
}
|
||||
|
||||
message GetAccountRoleLevelRequest {
|
||||
string account_id = 1;
|
||||
}
|
||||
|
||||
message GetAccountRoleLevelResponse {
|
||||
bool found = 1;
|
||||
int32 role_level = 2;
|
||||
}
|
||||
|
||||
message UnlockPinRequest {
|
||||
string access_token = 1;
|
||||
string pin_code = 2;
|
||||
}
|
||||
|
||||
message UnlockPinResponse {
|
||||
bool success = 1;
|
||||
string message = 2;
|
||||
}
|
||||
|
||||
|
||||
@@ -1,188 +0,0 @@
|
||||
syntax = "proto3";
|
||||
|
||||
package identity;
|
||||
|
||||
option go_package = "git.lendry.ru/lendry-erp/proto.git/go;pb";
|
||||
|
||||
service AuthService {
|
||||
rpc Login (LoginRequest) returns (LoginResponse);
|
||||
rpc Refresh (RefreshRequest) returns (RefreshResponse);
|
||||
rpc VerifyToken (VerifyTokenRequest) returns (VerifyTokenResponse);
|
||||
rpc GetAccountRoleLevel (GetAccountRoleLevelRequest) returns (GetAccountRoleLevelResponse);
|
||||
rpc Logout (LogoutRequest) returns (LogoutResponse);
|
||||
rpc LogoutAll (LogoutRequest) returns (LogoutResponse);
|
||||
rpc UnlockPin (UnlockPinRequest) returns (UnlockPinResponse);
|
||||
rpc Verify2Fa (Verify2FaRequest) returns (Verify2FaResponse);
|
||||
}
|
||||
|
||||
service TwoFaService {
|
||||
rpc GetTwoFaStatus (GetTwoFaStatusRequest) returns (GetTwoFaStatusResponse);
|
||||
rpc StartTotpEnrollment (AuthenticatedAccessRequest) returns (StartTotpEnrollmentResponse);
|
||||
rpc ConfirmTotpErollment (ConfirmTotpEnrollmentRequest) returns (ConfirmTotpEnrollmentResponse);
|
||||
rpc CancelTotpEnrollment (AuthenticatedAccessRequest) returns (CancelTotpEnrollmentResponse);
|
||||
rpc DisableTotp (DisableTotpRequest) returns (DisableTotpResponse);
|
||||
rpc StartTelegramEnrollment (AuthenticatedAccessRequest) returns (StartTelegramEnrollmentResponse);
|
||||
rpc ConfirmTelegramEnrollment (ConfirmTelegramEnrollmentRequest) returns (ConfirmTelegramEnrollmentResponse);
|
||||
rpc DisableTelegram(DisableTelegramRequest) returns (DisableTelegramResponse);
|
||||
}
|
||||
|
||||
message LoginRequest {
|
||||
string username = 1;
|
||||
string password = 2;
|
||||
}
|
||||
|
||||
message LoginResponse {
|
||||
string access_token = 1;
|
||||
string refresh_token = 2;
|
||||
string status = 3;
|
||||
bool need2fa = 4;
|
||||
optional string temp_token = 5;
|
||||
optional string message = 6;
|
||||
optional string error_code = 7;
|
||||
}
|
||||
|
||||
message RefreshRequest {
|
||||
string refresh_token = 1;
|
||||
}
|
||||
|
||||
message RefreshResponse {
|
||||
string access_token = 1;
|
||||
string refresh_token = 2;
|
||||
}
|
||||
|
||||
message LogoutRequest {
|
||||
string access_token = 1;
|
||||
}
|
||||
|
||||
message LogoutResponse {
|
||||
bool success = 1;
|
||||
string message = 2;
|
||||
}
|
||||
|
||||
message VerifyTokenRequest {
|
||||
string token = 1;
|
||||
}
|
||||
|
||||
message VerifyTokenResponse {
|
||||
bool is_valid = 1;
|
||||
optional string error_message = 2;
|
||||
optional string id = 3;
|
||||
optional string username = 4;
|
||||
optional int32 role_level = 5;
|
||||
repeated string permissions = 6;
|
||||
optional string session_id = 7;
|
||||
optional bool requires_pin = 8;
|
||||
}
|
||||
|
||||
message GetAccountRoleLevelRequest {
|
||||
string account_id = 1;
|
||||
}
|
||||
|
||||
message GetAccountRoleLevelResponse {
|
||||
bool found = 1;
|
||||
int32 role_level = 2;
|
||||
}
|
||||
|
||||
message UnlockPinRequest {
|
||||
string access_token = 1;
|
||||
string pin_code = 2;
|
||||
}
|
||||
|
||||
message UnlockPinResponse {
|
||||
bool success = 1;
|
||||
string message = 2;
|
||||
}
|
||||
|
||||
|
||||
message Verify2FaRequest {
|
||||
string temp_token = 1;
|
||||
optional string totp_code = 2;
|
||||
optional string telegram_code = 3;
|
||||
}
|
||||
|
||||
message Verify2FaResponse {
|
||||
string access_token = 1;
|
||||
string refresh_token = 2;
|
||||
string status = 3;
|
||||
string message = 4;
|
||||
repeated string reserve_codes = 5;
|
||||
}
|
||||
|
||||
message AuthenticatedAccessRequest {
|
||||
string access_token = 1;
|
||||
}
|
||||
|
||||
message GetTwoFaStatusRequest {
|
||||
string access_token = 1;
|
||||
}
|
||||
|
||||
message GetTwoFaStatusResponse {
|
||||
bool totp_enabled = 1;
|
||||
bool telegram_enabled = 2;
|
||||
bool totp_enrollment_pending = 3;
|
||||
bool telegram_enrollment_pending = 4;
|
||||
}
|
||||
|
||||
message StartTotpEnrollmentResponse {
|
||||
string secret_base32 = 1;
|
||||
string otpauth_uri = 2;
|
||||
string issuer = 3;
|
||||
string account_label = 4;
|
||||
}
|
||||
|
||||
message ConfirmTotpEnrollmentRequest {
|
||||
string access_token = 1;
|
||||
string totp_code = 2;
|
||||
}
|
||||
|
||||
message ConfirmTotpEnrollmentResponse {
|
||||
string status = 1;
|
||||
string message = 2;
|
||||
repeated string reserve_codes = 3;
|
||||
}
|
||||
|
||||
message CancelTotpEnrollmentResponse {
|
||||
string status = 1;
|
||||
string message = 2;
|
||||
}
|
||||
|
||||
message DisableTotpRequest {
|
||||
string access_token = 1;
|
||||
string password = 2;
|
||||
optional string totp_code = 3;
|
||||
}
|
||||
|
||||
message DisableTotpResponse {
|
||||
string status = 1;
|
||||
string message = 2;
|
||||
}
|
||||
|
||||
message StartTelegramEnrollmentResponse {
|
||||
string enrollment_token = 1;
|
||||
string deep_link = 2;
|
||||
string bot_username = 3;
|
||||
string expires_at_iso = 4;
|
||||
}
|
||||
|
||||
message ConfirmTelegramEnrollmentRequest {
|
||||
string access_token = 1;
|
||||
string enrollment_token = 2;
|
||||
string otp_code = 3;
|
||||
}
|
||||
|
||||
message ConfirmTelegramEnrollmentResponse {
|
||||
string status = 1;
|
||||
string message = 2;
|
||||
repeated string reserve_codes=3;
|
||||
}
|
||||
|
||||
message DisableTelegramRequest {
|
||||
string access_token = 1;
|
||||
string password = 2;
|
||||
optional string telegram_otp_code = 3;
|
||||
}
|
||||
|
||||
message DisableTelegramResponse {
|
||||
string status = 1;
|
||||
string message = 2;
|
||||
}
|
||||
45
proto/ldap-auth.proto
Normal file
45
proto/ldap-auth.proto
Normal file
@@ -0,0 +1,45 @@
|
||||
syntax = "proto3";
|
||||
|
||||
package ldap_auth.v1;
|
||||
|
||||
option go_package = "git.lendry.ru/lendry-erp/proto.git/go;pb";
|
||||
|
||||
|
||||
service LdapAuthService {
|
||||
rpc VerifyUser (VerifyRequest) returns (VerifyResponse);
|
||||
|
||||
}
|
||||
|
||||
// ==========================================
|
||||
// БАЗОВЫЕ И ПЕРЕИСПОЛЬЗУЕМЫЕ СТРУКТУРЫ
|
||||
// ==========================================
|
||||
|
||||
// Полная модель пользователя
|
||||
message UserData {
|
||||
string dn = 1; // Полный путь в AD (Distinguished Name)
|
||||
string username = 2; // Логин (sAMAccountName)
|
||||
string display_name = 3; // ФИО (displayName)
|
||||
string email = 4; // Почта (mail)
|
||||
string description = 5; // Описание/Должность (description)
|
||||
bytes avatar = 6; // Аватарка в байтах (thumbnailPhoto)
|
||||
repeated string groups = 7; // Список групп
|
||||
bool is_active = 8; // Статус аккаунта
|
||||
}
|
||||
|
||||
|
||||
// ==========================================
|
||||
// ЗАПРОСЫ И ОТВЕТЫ (REQUESTS / RESPONSES)
|
||||
// ==========================================
|
||||
|
||||
// --- Авторизация ---
|
||||
message VerifyRequest {
|
||||
string username = 1;
|
||||
string password = 2;
|
||||
}
|
||||
|
||||
message VerifyResponse {
|
||||
bool success = 1;
|
||||
string error_message = 2;
|
||||
UserData user = 3; // Отдаем полные данные при успешном входе
|
||||
}
|
||||
|
||||
@@ -1,24 +1,18 @@
|
||||
syntax = "proto3";
|
||||
|
||||
package ldap_service;
|
||||
package ldap.v1;
|
||||
|
||||
option go_package = "git.lendry.ru/lendry-erp/proto.git/go;pb";
|
||||
|
||||
// ==========================================
|
||||
// ГЛАВНЫЙ СЕРВИС
|
||||
// ==========================================
|
||||
service LdapAuth {
|
||||
// --- Вектор 1: Авторизация (Bind от имени пользователя) ---
|
||||
rpc VerifyUser (VerifyRequest) returns (VerifyResponse);
|
||||
|
||||
// --- Вектор 2: Управление Пользователями (Bind системного аккаунта) ---
|
||||
service LdapService {
|
||||
// Управление Пользователями (Bind системного аккаунта) ---
|
||||
rpc GetUsers (EmptyRequest) returns (UserListResponse);
|
||||
rpc CreateUser (CreateUserRequest) returns (StatusResponse);
|
||||
rpc UpdateUser (UpdateUserRequest) returns (StatusResponse);
|
||||
rpc ChangePassword (ChangePasswordRequest) returns (StatusResponse);
|
||||
rpc ToggleUserStatus (ToggleStatusRequest) returns (StatusResponse);
|
||||
|
||||
// --- Вектор 3: Управление Группами ---
|
||||
// Управление Группами ---
|
||||
rpc GetGroups (EmptyRequest) returns (GroupListResponse);
|
||||
rpc AddUserToGroup (GroupMemberRequest) returns (StatusResponse);
|
||||
rpc RemoveUserFromGroup (GroupMemberRequest) returns (StatusResponse);
|
||||
@@ -53,22 +47,6 @@ message GroupData {
|
||||
string name = 2; // Короткое имя группы (cn)
|
||||
}
|
||||
|
||||
// ==========================================
|
||||
// ЗАПРОСЫ И ОТВЕТЫ (REQUESTS / RESPONSES)
|
||||
// ==========================================
|
||||
|
||||
// --- Авторизация ---
|
||||
message VerifyRequest {
|
||||
string username = 1;
|
||||
string password = 2;
|
||||
}
|
||||
|
||||
message VerifyResponse {
|
||||
bool success = 1;
|
||||
string error_message = 2;
|
||||
UserData user = 3; // Отдаем полные данные при успешном входе
|
||||
}
|
||||
|
||||
// --- Списки ---
|
||||
message UserListResponse {
|
||||
bool success = 1;
|
||||
|
||||
111
proto/twofa.proto
Normal file
111
proto/twofa.proto
Normal file
@@ -0,0 +1,111 @@
|
||||
syntax = "proto3";
|
||||
|
||||
package twofa.v1;
|
||||
|
||||
option go_package = "git.lendry.ru/lendry-erp/proto.git/go;pb";
|
||||
|
||||
service TwoFaService {
|
||||
rpc Verify2Fa (Verify2FaRequest) returns (Verify2FaResponse);
|
||||
rpc GetTwoFaStatus (GetTwoFaStatusRequest) returns (GetTwoFaStatusResponse);
|
||||
rpc StartTotpEnrollment (AuthenticatedAccessRequest) returns (StartTotpEnrollmentResponse);
|
||||
rpc ConfirmTotpErollment (ConfirmTotpEnrollmentRequest) returns (ConfirmTotpEnrollmentResponse);
|
||||
rpc CancelTotpEnrollment (AuthenticatedAccessRequest) returns (CancelTotpEnrollmentResponse);
|
||||
rpc DisableTotp (DisableTotpRequest) returns (DisableTotpResponse);
|
||||
rpc StartTelegramEnrollment (AuthenticatedAccessRequest) returns (StartTelegramEnrollmentResponse);
|
||||
rpc ConfirmTelegramEnrollment (ConfirmTelegramEnrollmentRequest) returns (ConfirmTelegramEnrollmentResponse);
|
||||
rpc DisableTelegram(DisableTelegramRequest) returns (DisableTelegramResponse);
|
||||
}
|
||||
|
||||
message Verify2FaRequest {
|
||||
string temp_token = 1;
|
||||
optional string totp_code = 2;
|
||||
optional string telegram_code = 3;
|
||||
}
|
||||
|
||||
message Verify2FaResponse {
|
||||
string access_token = 1;
|
||||
string refresh_token = 2;
|
||||
string status = 3;
|
||||
string message = 4;
|
||||
repeated string reserve_codes = 5;
|
||||
}
|
||||
|
||||
message AuthenticatedAccessRequest {
|
||||
string access_token = 1;
|
||||
}
|
||||
|
||||
message GetTwoFaStatusRequest {
|
||||
string access_token = 1;
|
||||
}
|
||||
|
||||
message GetTwoFaStatusResponse {
|
||||
bool totp_enabled = 1;
|
||||
bool telegram_enabled = 2;
|
||||
bool totp_enrollment_pending = 3;
|
||||
bool telegram_enrollment_pending = 4;
|
||||
}
|
||||
|
||||
message StartTotpEnrollmentResponse {
|
||||
string secret_base32 = 1;
|
||||
string otpauth_uri = 2;
|
||||
string issuer = 3;
|
||||
string account_label = 4;
|
||||
}
|
||||
|
||||
message ConfirmTotpEnrollmentRequest {
|
||||
string access_token = 1;
|
||||
string totp_code = 2;
|
||||
}
|
||||
|
||||
message ConfirmTotpEnrollmentResponse {
|
||||
string status = 1;
|
||||
string message = 2;
|
||||
repeated string reserve_codes = 3;
|
||||
}
|
||||
|
||||
message CancelTotpEnrollmentResponse {
|
||||
string status = 1;
|
||||
string message = 2;
|
||||
}
|
||||
|
||||
message DisableTotpRequest {
|
||||
string access_token = 1;
|
||||
string password = 2;
|
||||
optional string totp_code = 3;
|
||||
}
|
||||
|
||||
message DisableTotpResponse {
|
||||
string status = 1;
|
||||
string message = 2;
|
||||
}
|
||||
|
||||
message StartTelegramEnrollmentResponse {
|
||||
string enrollment_token = 1;
|
||||
string deep_link = 2;
|
||||
string bot_username = 3;
|
||||
string expires_at_iso = 4;
|
||||
}
|
||||
|
||||
message ConfirmTelegramEnrollmentRequest {
|
||||
string access_token = 1;
|
||||
string enrollment_token = 2;
|
||||
string otp_code = 3;
|
||||
}
|
||||
|
||||
message ConfirmTelegramEnrollmentResponse {
|
||||
string status = 1;
|
||||
string message = 2;
|
||||
repeated string reserve_codes=3;
|
||||
}
|
||||
|
||||
message DisableTelegramRequest {
|
||||
string access_token = 1;
|
||||
string password = 2;
|
||||
optional string telegram_otp_code = 3;
|
||||
}
|
||||
|
||||
message DisableTelegramResponse {
|
||||
string status = 1;
|
||||
string message = 2;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user