lendry-erp/contracts
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: lendry-erp:44525133ab0aa30bb7517b1ab7842ae73049796e
Branches Tags
lendry-erp:main
lendry-erp:v1.0.33 lendry-erp:v1.0.0 lendry-erp:v1.0.32 lendry-erp:v1.0.30 lendry-erp:v1.0.29 lendry-erp:v1.0.21 lendry-erp:v1.0.20 lendry-erp:v1.0.18 lendry-erp:v1.0.17 lendry-erp:v1.0.16 lendry-erp:v1.0.15 lendry-erp:v1.0.14 lendry-erp:v1.0.13 lendry-erp:v1.0.12 lendry-erp:v1.0.11 lendry-erp:v1.0.10
..
compare: lendry-erp:v1.0.13
Branches Tags
lendry-erp:main
lendry-erp:v1.0.33 lendry-erp:v1.0.0 lendry-erp:v1.0.32 lendry-erp:v1.0.30 lendry-erp:v1.0.29 lendry-erp:v1.0.21 lendry-erp:v1.0.20 lendry-erp:v1.0.18 lendry-erp:v1.0.17 lendry-erp:v1.0.16 lendry-erp:v1.0.15 lendry-erp:v1.0.14 lendry-erp:v1.0.13 lendry-erp:v1.0.12 lendry-erp:v1.0.11 lendry-erp:v1.0.10

1 Commits
44525133ab ... v1.0.13

Author SHA1 Message Date
Дмитрий
add54d15e5 update: package json version 2026-03-30 18:32:23 +03:00
10 changed files with 386 additions and 292 deletions
Expand all files Collapse all files

2
.github/workflows/publish.yml vendored
View File

@@ -50,7 +50,7 @@ jobs:
npm install -g ts-proto
mkdir -p ./gen/go # Создаем вложенную папку для Go
protoc -I ./proto ./proto/*.proto \
--ts_proto_out=nestJs=true,addGrpcMetadata=true,package=omit:./gen \
--ts_proto_out=nestJs=true,package=omit:./gen \
--go_out=paths=source_relative:./gen/go \
--go-grpc_out=paths=source_relative:./gen/go

276
gen/identity.ts Normal file
View File

@@ -0,0 +1,276 @@
// Code generated by protoc-gen-ts_proto. DO NOT EDIT.
// versions:
// protoc-gen-ts_proto v2.11.6
// protoc v7.34.1
// source: identity.proto
/* eslint-disable */
import { GrpcMethod, GrpcStreamMethod } from "@nestjs/microservices";
import { Observable } from "rxjs";
import { Status } from "./google/rpc/status";
export const protobufPackage = "identity";
export interface LoginRequest {
username: string;
password: string;
}
export interface LoginResponse {
accessToken: string;
refreshToken: string;
status: string;
need2fa: boolean;
tempToken?: string | undefined;
message?: string | undefined;
errorCode?: string | undefined;
error?: Status | undefined;
}
export interface RefreshRequest {
refreshToken: string;
}
export interface RefreshResponse {
accessToken: string;
refreshToken: string;
}
export interface LogoutRequest {
accessToken: string;
}
export interface LogoutResponse {
success: boolean;
message: string;
}
export interface UnlockPinRequest {
accessToken: string;
pinCode: string;
}
export interface UnlockPinResponse {
success: boolean;
message: string;
}
export interface Verify2FaRequest {
tempToken: string;
totpCode?: string | undefined;
telegramCode?: string | undefined;
}
export interface Verify2FaResponse {
accessToken: string;
refreshToken: string;
status: string;
message: string;
reserveCodes: string[];
}
export interface AuthenticatedAccessRequest {
accessToken: string;
}
export interface GetTwoFaStatusRequest {
accessToken: string;
}
export interface GetTwoFaStatusResponse {
totpEnabled: boolean;
telegramEnabled: boolean;
totpEnrollmentPending: boolean;
telegramEnrollmentPending: boolean;
}
export interface StartTotpEnrollmentResponse {
secretBase32: string;
otpauthUri: string;
issuer: string;
accountLabel: string;
}
export interface ConfirmTotpEnrollmentRequest {
accessToken: string;
totpCode: string;
}
export interface ConfirmTotpEnrollmentResponse {
status: string;
message: string;
reserveCodes: string[];
}
export interface CancelTotpEnrollmentResponse {
status: string;
message: string;
}
export interface DisableTotpRequest {
accessToken: string;
password: string;
totpCode?: string | undefined;
}
export interface DisableTotpResponse {
status: string;
message: string;
}
export interface StartTelegramEnrollmentResponse {
enrollmentToken: string;
deepLink: string;
botUsername: string;
expiresAtIso: string;
}
export interface ConfirmTelegramEnrollmentRequest {
accessToken: string;
enrollmentToken: string;
otpCode: string;
}
export interface ConfirmTelegramEnrollmentResponse {
status: string;
message: string;
reserveCodes: string[];
}
export interface DisableTelegramRequest {
accessToken: string;
password: string;
telegramOtpCode?: string | undefined;
}
export interface DisableTelegramResponse {
status: string;
message: string;
}
export const IDENTITY_PACKAGE_NAME = "identity";
export interface AuthServiceClient {
login(request: LoginRequest): Observable<LoginResponse>;
refresh(request: RefreshRequest): Observable<RefreshResponse>;
logout(request: LogoutRequest): Observable<LogoutResponse>;
unlockPin(request: UnlockPinRequest): Observable<UnlockPinResponse>;
verify2Fa(request: Verify2FaRequest): Observable<Verify2FaResponse>;
}
export interface AuthServiceController {
login(request: LoginRequest): Promise<LoginResponse> | Observable<LoginResponse> | LoginResponse;
refresh(request: RefreshRequest): Promise<RefreshResponse> | Observable<RefreshResponse> | RefreshResponse;
logout(request: LogoutRequest): Promise<LogoutResponse> | Observable<LogoutResponse> | LogoutResponse;
unlockPin(request: UnlockPinRequest): Promise<UnlockPinResponse> | Observable<UnlockPinResponse> | UnlockPinResponse;
verify2Fa(request: Verify2FaRequest): Promise<Verify2FaResponse> | Observable<Verify2FaResponse> | Verify2FaResponse;
}
export function AuthServiceControllerMethods() {
return function (constructor: Function) {
const grpcMethods: string[] = ["login", "refresh", "logout", "unlockPin", "verify2Fa"];
for (const method of grpcMethods) {
const descriptor: any = Reflect.getOwnPropertyDescriptor(constructor.prototype, method);
GrpcMethod("AuthService", method)(constructor.prototype[method], method, descriptor);
}
const grpcStreamMethods: string[] = [];
for (const method of grpcStreamMethods) {
const descriptor: any = Reflect.getOwnPropertyDescriptor(constructor.prototype, method);
GrpcStreamMethod("AuthService", method)(constructor.prototype[method], method, descriptor);
}
};
}
export const AUTH_SERVICE_NAME = "AuthService";
export interface TwoFaServiceClient {
getTwoFaStatus(request: GetTwoFaStatusRequest): Observable<GetTwoFaStatusResponse>;
startTotpEnrollment(request: AuthenticatedAccessRequest): Observable<StartTotpEnrollmentResponse>;
confirmTotpErollment(request: ConfirmTotpEnrollmentRequest): Observable<ConfirmTotpEnrollmentResponse>;
cancelTotpEnrollment(request: AuthenticatedAccessRequest): Observable<CancelTotpEnrollmentResponse>;
disableTotp(request: DisableTotpRequest): Observable<DisableTotpResponse>;
startTelegramEnrollment(request: AuthenticatedAccessRequest): Observable<StartTelegramEnrollmentResponse>;
confirmTelegramEnrollment(request: ConfirmTelegramEnrollmentRequest): Observable<ConfirmTelegramEnrollmentResponse>;
disableTelegram(request: DisableTelegramRequest): Observable<DisableTelegramResponse>;
}
export interface TwoFaServiceController {
getTwoFaStatus(
request: GetTwoFaStatusRequest,
): Promise<GetTwoFaStatusResponse> | Observable<GetTwoFaStatusResponse> | GetTwoFaStatusResponse;
startTotpEnrollment(
request: AuthenticatedAccessRequest,
): Promise<StartTotpEnrollmentResponse> | Observable<StartTotpEnrollmentResponse> | StartTotpEnrollmentResponse;
confirmTotpErollment(
request: ConfirmTotpEnrollmentRequest,
): Promise<ConfirmTotpEnrollmentResponse> | Observable<ConfirmTotpEnrollmentResponse> | ConfirmTotpEnrollmentResponse;
cancelTotpEnrollment(
request: AuthenticatedAccessRequest,
): Promise<CancelTotpEnrollmentResponse> | Observable<CancelTotpEnrollmentResponse> | CancelTotpEnrollmentResponse;
disableTotp(
request: DisableTotpRequest,
): Promise<DisableTotpResponse> | Observable<DisableTotpResponse> | DisableTotpResponse;
startTelegramEnrollment(
request: AuthenticatedAccessRequest,
):
| Promise<StartTelegramEnrollmentResponse>
| Observable<StartTelegramEnrollmentResponse>
| StartTelegramEnrollmentResponse;
confirmTelegramEnrollment(
request: ConfirmTelegramEnrollmentRequest,
):
| Promise<ConfirmTelegramEnrollmentResponse>
| Observable<ConfirmTelegramEnrollmentResponse>
| ConfirmTelegramEnrollmentResponse;
disableTelegram(
request: DisableTelegramRequest,
): Promise<DisableTelegramResponse> | Observable<DisableTelegramResponse> | DisableTelegramResponse;
}
export function TwoFaServiceControllerMethods() {
return function (constructor: Function) {
const grpcMethods: string[] = [
"getTwoFaStatus",
"startTotpEnrollment",
"confirmTotpErollment",
"cancelTotpEnrollment",
"disableTotp",
"startTelegramEnrollment",
"confirmTelegramEnrollment",
"disableTelegram",
];
for (const method of grpcMethods) {
const descriptor: any = Reflect.getOwnPropertyDescriptor(constructor.prototype, method);
GrpcMethod("TwoFaService", method)(constructor.prototype[method], method, descriptor);
}
const grpcStreamMethods: string[] = [];
for (const method of grpcStreamMethods) {
const descriptor: any = Reflect.getOwnPropertyDescriptor(constructor.prototype, method);
GrpcStreamMethod("TwoFaService", method)(constructor.prototype[method], method, descriptor);
}
};
}
export const TWO_FA_SERVICE_NAME = "TwoFaService";

2
go.mod
View File

@@ -1,3 +1,3 @@
module git.lendry.ru/lendry-erp/contracts.git
module git.lendry.ru/lendry-erp/proto
go 1.26.1

55
package-lock.json generated
View File

@@ -1,15 +1,14 @@
{
"name": "@lendry-erp/contracts",
"version": "1.0.24",
"version": "1.0.2",
"lockfileVersion": 3,
"requires": true,
"packages": {
"": {
"name": "@lendry-erp/contracts",
"version": "1.0.24",
"version": "1.0.2",
"dependencies": {
"@lendry-erp/contracts": "^1.0.24",
"@lendry-erp/passport": "^1.0.3",
"@lendry-erp/contracts": "^1.0.2",
"@nestjs/microservices": "^11.1.17",
"rxjs": "^7.8.2",
"ts-proto": "^2.11.6"
@@ -24,6 +23,7 @@
"resolved": "https://registry.npmjs.org/@borewit/text-codec/-/text-codec-0.2.2.tgz",
"integrity": "sha512-DDaRehssg1aNrH4+2hnj1B7vnUGEjU6OIlyRdkMd0aUdIUvKXrJfXsy8LVtXAy7DRvYVluWbMspsRhz2lcW0mQ==",
"license": "MIT",
"peer": true,
"funding": {
"type": "github",
"url": "https://github.com/sponsors/Borewit"
@@ -36,32 +36,21 @@
"license": "(Apache-2.0 AND BSD-3-Clause)"
},
"node_modules/@lendry-erp/contracts": {
"version": "1.0.24",
"resolved": "https://git.lendry.ru/api/packages/lendry-erp/npm/%40lendry-erp%2Fcontracts/-/1.0.24/contracts-1.0.24.tgz",
"integrity": "sha512-Bn4RgU22O6IDFhYEbQicBLpRtSGHrEgqOSAljQh4lT5shMeLedlE0V3jFxzFu9xpyTzcM/o+C96vpsAHab0tbg==",
"version": "1.0.2",
"resolved": "https://git.lendry.ru/api/packages/lendry-erp/npm/%40lendry-erp%2Fcontracts/-/1.0.2/contracts-1.0.2.tgz",
"integrity": "sha512-39NulQ6mn3dmrX/GXwzYYPyX/rE+4gO1En+uJJR9bHXZ3awWi0U3drIvgwM25gyi829Ae0U8vVtzMaP3gON90A==",
"dependencies": {
"@nestjs/microservices": "^11.1.17",
"rxjs": "^7.8.2",
"ts-proto": "^2.11.6"
}
},
"node_modules/@lendry-erp/passport": {
"version": "1.0.3",
"resolved": "https://git.lendry.ru/api/packages/lendry-erp/npm/%40lendry-erp%2Fpassport/-/1.0.3/passport-1.0.3.tgz",
"integrity": "sha512-gaPdlZahkXmOUnLBlzNdk41nJ1BI6TPZY5xUaCmlIkpqZKr8D5TSBBkFrw4Vlw+TLImqL2Y1JUT4k60gHHtjiw==",
"license": "ISC",
"dependencies": {
"@nestjs/common": "^11.1.17",
"@nestjs/core": "^11.1.17",
"reflect-metadata": "^0.2.2",
"rxjs": "^7.8.2"
}
},
"node_modules/@lukeed/csprng": {
"version": "1.1.0",
"resolved": "https://registry.npmjs.org/@lukeed/csprng/-/csprng-1.1.0.tgz",
"integrity": "sha512-Z7C/xXCiGWsg0KuKsHTKJxbWhpI3Vs5GwLfOean7MGyVFGqdRgBbAjOCh6u4bbjPc/8MJ2pZmK/0DLdCbivLDA==",
"license": "MIT",
"peer": true,
"engines": {
"node": ">=8"
}
@@ -71,6 +60,7 @@
"resolved": "https://registry.npmjs.org/@nestjs/common/-/common-11.1.17.tgz",
"integrity": "sha512-hLODw5Abp8OQgA+mUO4tHou4krKgDtUcM9j5Ihxncst9XeyxYBTt2bwZm4e4EQr5E352S4Fyy6V3iFx9ggxKAg==",
"license": "MIT",
"peer": true,
"dependencies": {
"file-type": "21.3.2",
"iterare": "1.2.1",
@@ -103,6 +93,7 @@
"integrity": "sha512-lD5mAYekTTurF3vDaa8C2OKPnjiz4tsfxIc5XlcSUzOhkwWf6Ay3HKvt6FmvuWQam6uIIHX52Clg+e6tAvf/cg==",
"hasInstallScript": true,
"license": "MIT",
"peer": true,
"dependencies": {
"@nuxt/opencollective": "0.4.1",
"fast-safe-stringify": "2.1.1",
@@ -201,6 +192,7 @@
"resolved": "https://registry.npmjs.org/@nuxt/opencollective/-/opencollective-0.4.1.tgz",
"integrity": "sha512-GXD3wy50qYbxCJ652bDrDzgMr3NFEkIS374+IgFQKkCvk9yiYcLvX2XDYr7UyQxf4wK0e+yqDYRubZ0DtOxnmQ==",
"license": "MIT",
"peer": true,
"dependencies": {
"consola": "^3.2.3"
},
@@ -217,6 +209,7 @@
"resolved": "https://registry.npmjs.org/@tokenizer/inflate/-/inflate-0.4.1.tgz",
"integrity": "sha512-2mAv+8pkG6GIZiF1kNg1jAjh27IDxEPKwdGul3snfztFerfPGI1LjDezZp3i7BElXompqEtPmoPx6c2wgtWsOA==",
"license": "MIT",
"peer": true,
"dependencies": {
"debug": "^4.4.3",
"token-types": "^6.1.1"
@@ -233,7 +226,8 @@
"version": "0.3.0",
"resolved": "https://registry.npmjs.org/@tokenizer/token/-/token-0.3.0.tgz",
"integrity": "sha512-OvjF+z51L3ov0OyAU0duzsYuvO01PH7x4t6DJx+guahgTnBHkhJdG7soQeTSFLWN3efnHyibZ4Z8l2EuWwJN3A==",
"license": "MIT"
"license": "MIT",
"peer": true
},
"node_modules/@types/node": {
"version": "25.5.0",
@@ -262,6 +256,7 @@
"resolved": "https://registry.npmjs.org/consola/-/consola-3.4.2.tgz",
"integrity": "sha512-5IKcdX0nnYavi6G7TtOhwkYzyjfJlatbjMjuLSfE2kYT5pMDOilZ4OvMhi637CcDICTmz3wARPoyhqyX1Y+XvA==",
"license": "MIT",
"peer": true,
"engines": {
"node": "^14.18.0 || >=16.10.0"
}
@@ -271,6 +266,7 @@
"resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz",
"integrity": "sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==",
"license": "MIT",
"peer": true,
"dependencies": {
"ms": "^2.1.3"
},
@@ -308,13 +304,15 @@
"version": "2.1.1",
"resolved": "https://registry.npmjs.org/fast-safe-stringify/-/fast-safe-stringify-2.1.1.tgz",
"integrity": "sha512-W+KJc2dmILlPplD/H4K9l9LcAHAfPtP6BY84uVLXQ6Evcz9Lcg33Y2z1IVblT6xdY54PXYVHEv+0Wpq8Io6zkA==",
"license": "MIT"
"license": "MIT",
"peer": true
},
"node_modules/file-type": {
"version": "21.3.2",
"resolved": "https://registry.npmjs.org/file-type/-/file-type-21.3.2.tgz",
"integrity": "sha512-DLkUvGwep3poOV2wpzbHCOnSKGk1LzyXTv+aHFgN2VFl96wnp8YA9YjO2qPzg5PuL8q/SW9Pdi6WTkYOIh995w==",
"license": "MIT",
"peer": true,
"dependencies": {
"@tokenizer/inflate": "^0.4.1",
"strtok3": "^10.3.4",
@@ -346,7 +344,8 @@
"url": "https://feross.org/support"
}
],
"license": "BSD-3-Clause"
"license": "BSD-3-Clause",
"peer": true
},
"node_modules/iterare": {
"version": "1.2.1",
@@ -372,6 +371,7 @@
}
],
"license": "MIT",
"peer": true,
"engines": {
"node": ">=13.2.0"
}
@@ -380,13 +380,15 @@
"version": "2.1.3",
"resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz",
"integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==",
"license": "MIT"
"license": "MIT",
"peer": true
},
"node_modules/path-to-regexp": {
"version": "8.3.0",
"resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-8.3.0.tgz",
"integrity": "sha512-7jdwVIRtsP8MYpdXSwOS0YdD0Du+qOoF/AEPIt88PcCFrZCzx41oxku1jD88hZBwbNUIEfpqvuhjFaMAqMTWnA==",
"license": "MIT",
"peer": true,
"funding": {
"type": "opencollective",
"url": "https://opencollective.com/express"
@@ -396,7 +398,8 @@
"version": "0.2.2",
"resolved": "https://registry.npmjs.org/reflect-metadata/-/reflect-metadata-0.2.2.tgz",
"integrity": "sha512-urBwgfrvVP/eAyXx4hluJivBKzuEbSQs9rKWCrCkbSxNv8mxPcUZKeuoF3Uy4mJl3Lwprp6yy5/39VWigZ4K6Q==",
"license": "Apache-2.0"
"license": "Apache-2.0",
"peer": true
},
"node_modules/rxjs": {
"version": "7.8.2",
@@ -412,6 +415,7 @@
"resolved": "https://registry.npmjs.org/strtok3/-/strtok3-10.3.5.tgz",
"integrity": "sha512-ki4hZQfh5rX0QDLLkOCj+h+CVNkqmp/CMf8v8kZpkNVK6jGQooMytqzLZYUVYIZcFZ6yDB70EfD8POcFXiF5oA==",
"license": "MIT",
"peer": true,
"dependencies": {
"@tokenizer/token": "^0.3.0"
},
@@ -428,6 +432,7 @@
"resolved": "https://registry.npmjs.org/token-types/-/token-types-6.1.2.tgz",
"integrity": "sha512-dRXchy+C0IgK8WPC6xvCHFRIWYUbqqdEIKPaKo/AcTUNzwLTK6AH7RjdLWsEZcAN/TBdtfUw3PYEgPr5VPr6ww==",
"license": "MIT",
"peer": true,
"dependencies": {
"@borewit/text-codec": "^0.2.1",
"@tokenizer/token": "^0.3.0",
@@ -499,6 +504,7 @@
"resolved": "https://registry.npmjs.org/uid/-/uid-2.0.2.tgz",
"integrity": "sha512-u3xV3X7uzvi5b1MncmZo3i2Aw222Zk1keqLA1YkHldREkAhAqi65wuPfe7lHx8H/Wzy+8CE7S7uS3jekIM5s8g==",
"license": "MIT",
"peer": true,
"dependencies": {
"@lukeed/csprng": "^1.0.0"
},
@@ -511,6 +517,7 @@
"resolved": "https://registry.npmjs.org/uint8array-extras/-/uint8array-extras-1.5.0.tgz",
"integrity": "sha512-rvKSBiC5zqCCiDZ9kAOszZcDvdAHwwIKJG33Ykj43OKcWsnmcBRL09YTU4nOeHZ8Y2a7l1MgTd08SBe9A8Qj6A==",
"license": "MIT",
"peer": true,
"engines": {
"node": ">=18"
},

4
package.json
View File

@@ -1,6 +1,6 @@
{
"name": "@lendry-erp/contracts",
"version": "1.0.29",
"version": "1.0.12",
"description": "Protobuf definitions and generated TypeScript types",
"type": "commonjs",
"main": "./dist/index.js",
@@ -17,8 +17,6 @@
"access": "public"
},
"dependencies": {
"@lendry-erp/contracts": "^1.0.24",
"@lendry-erp/passport": "^1.0.3",
"@nestjs/microservices": "^11.1.17",
"rxjs": "^7.8.2",
"ts-proto": "^2.11.6"

41
proto/account.proto
View File

@@ -1,41 +0,0 @@
syntax = "proto3";
package account;
option go_package = "git.lendry.ru/lendry-erp/proto.git/go;pb";
service AccountService {
rpc GetAccount(GetAccountRequest) returns (GetAccountResponse);
}
message GetAccountRequest {
string id = 1;
}
message GetAccountResponse {
string id = 1;
string username = 2;
string email = 3;
string phone = 4;
string full_name = 5;
bool is_ldap = 6;
string status = 7;
repeated string roles = 8;
string avatar_url = 9;
optional string employee_id = 10;
Presence presence = 11;
string last_active = 12;
string custom_status_text = 13;
string custom_status_emoji = 14;
string timezone = 15;
string language = 16;
bool two_fa_enabled = 17;
bool has_pin = 18;
}
enum Presence {
PRESENCE_UNSPECIFIED = 0;
OFFLINE = 1;
ONLINE = 2;
}

85
proto/auth.proto
View File

@@ -1,85 +0,0 @@
syntax = "proto3";
package auth.v1;
option go_package = "git.lendry.ru/lendry-erp/proto.git/go;pb";
service AuthService {
rpc Login (LoginRequest) returns (LoginResponse);
rpc Refresh (RefreshRequest) returns (RefreshResponse);
rpc VerifyToken (VerifyTokenRequest) returns (VerifyTokenResponse);
rpc GetAccountRoleLevel (GetAccountRoleLevelRequest) returns (GetAccountRoleLevelResponse);
rpc Logout (LogoutRequest) returns (LogoutResponse);
rpc LogoutAll (LogoutRequest) returns (LogoutResponse);
rpc UnlockPin (UnlockPinRequest) returns (UnlockPinResponse);
}
message LoginRequest {
string username = 1;
string password = 2;
}
message LoginResponse {
string access_token = 1;
string refresh_token = 2;
string status = 3;
bool need2fa = 4;
optional string temp_token = 5;
optional string message = 6;
optional string error_code = 7;
}
message RefreshRequest {
string refresh_token = 1;
}
message RefreshResponse {
string access_token = 1;
string refresh_token = 2;
}
message LogoutRequest {
string access_token = 1;
}
message LogoutResponse {
bool success = 1;
string message = 2;
}
message VerifyTokenRequest {
string token = 1;
}
message VerifyTokenResponse {
bool is_valid = 1;
optional string error_message = 2;
optional string id = 3;
optional string username = 4;
optional int32 role_level = 5;
repeated string permissions = 6;
optional string session_id = 7;
optional bool requires_pin = 8;
}
message GetAccountRoleLevelRequest {
string account_id = 1;
}
message GetAccountRoleLevelResponse {
bool found = 1;
int32 role_level = 2;
}
message UnlockPinRequest {
string access_token = 1;
string pin_code = 2;
}
message UnlockPinResponse {
bool success = 1;
string message = 2;
}

74
proto/twofa.proto → proto/identity.proto
View File

@@ -1,21 +1,72 @@
syntax = "proto3";
package twofa.v1;
package identity;
option go_package = "git.lendry.ru/lendry-erp/proto.git/go;pb";
option go_package = './gen';
service AuthService {
rpc Login (LoginRequest) returns (LoginResponse);
rpc Refresh (RefreshRequest) returns (RefreshResponse);
rpc Logout (LogoutRequest) returns (LogoutResponse);
rpc UnlockPin (UnlockPinRequest) returns (UnlockPinResponse);
rpc Verify2Fa (Verify2FaRequest) returns (Verify2FaResponse);
}
service TwoFaService {
rpc Verify2Fa (Verify2FaRequest) returns (Verify2FaResponse);
rpc GetTwoFaStatus (GetTwoFaStatusRequest) returns (GetTwoFaStatusResponse);
rpc StartTotpEnrollment (AuthenticatedAccessRequest) returns (StartTotpEnrollmentResponse);
rpc ConfirmTotpErollment (ConfirmTotpEnrollmentRequest) returns (ConfirmTotpEnrollmentResponse);
rpc CancelTotpEnrollment (AuthenticatedAccessRequest) returns (CancelTotpEnrollmentResponse);
rpc DisableTotp (DisableTotpRequest) returns (DisableTotpResponse);
rpc StartTelegramEnrollment (AuthenticatedAccessRequest) returns (StartTelegramEnrollmentResponse);
rpc ConfirmTelegramEnrollment (ConfirmTelegramEnrollmentRequest) returns (ConfirmTelegramEnrollmentResponse);
rpc DisableTelegram(DisableTelegramRequest) returns (DisableTelegramResponse);
rpc GetTwoFaStatus (GetTwoFaStatusRequest) returns (GetTwoFaStatusResponse);
rpc StartTotpEnrollment (AuthenticatedAccessRequest) returns (StartTotpEnrollmentResponse);
rpc ConfirmTotpErollment (ConfirmTotpEnrollmentRequest) returns (ConfirmTotpEnrollmentResponse);
rpc CancelTotpEnrollment (AuthenticatedAccessRequest) returns (CancelTotpEnrollmentResponse);
rpc DisableTotp (DisableTotpRequest) returns (DisableTotpResponse);
rpc StartTelegramEnrollment (AuthenticatedAccessRequest) returns (StartTelegramEnrollmentResponse);
rpc ConfirmTelegramEnrollment (ConfirmTelegramEnrollmentRequest) returns (ConfirmTelegramEnrollmentResponse);
rpc DisableTelegram(DisableTelegramRequest) returns (DisableTelegramResponse);
}
message LoginRequest {
string username = 1;
string password = 2;
}
message LoginResponse {
string access_token = 1;
string refresh_token = 2;
string status = 3;
bool need2fa = 4;
optional string temp_token = 5;
optional string message = 6;
optional string error_code = 7;
}
message RefreshRequest {
string refresh_token = 1;
}
message RefreshResponse {
string access_token = 1;
string refresh_token = 2;
}
message LogoutRequest {
string access_token = 1;
}
message LogoutResponse {
bool success = 1;
string message = 2;
}
message UnlockPinRequest {
string access_token = 1;
string pin_code = 2;
}
message UnlockPinResponse {
bool success = 1;
string message = 2;
}
message Verify2FaRequest {
string temp_token = 1;
optional string totp_code = 2;
@@ -108,4 +159,3 @@ message DisableTelegramResponse {
string status = 1;
string message = 2;
}

45
proto/ldap-auth.proto
View File

@@ -1,45 +0,0 @@
syntax = "proto3";
package ldap_auth.v1;
option go_package = "git.lendry.ru/lendry-erp/proto.git/go;pb";
service LdapAuthService {
rpc VerifyUser (VerifyRequest) returns (VerifyResponse);
}
// ==========================================
// БАЗОВЫЕ И ПЕРЕИСПОЛЬЗУЕМЫЕ СТРУКТУРЫ
// ==========================================
// Полная модель пользователя
message UserData {
string dn = 1; // Полный путь в AD (Distinguished Name)
string username = 2; // Логин (sAMAccountName)
string display_name = 3; // ФИО (displayName)
string email = 4; // Почта (mail)
string description = 5; // Описание/Должность (description)
bytes avatar = 6; // Аватарка в байтах (thumbnailPhoto)
repeated string groups = 7; // Список групп
bool is_active = 8; // Статус аккаунта
}
// ==========================================
// ЗАПРОСЫ И ОТВЕТЫ (REQUESTS / RESPONSES)
// ==========================================
// --- Авторизация ---
message VerifyRequest {
string username = 1;
string password = 2;
}
message VerifyResponse {
bool success = 1;
string error_message = 2;
UserData user = 3; // Отдаем полные данные при успешном входе
}

92
proto/ldap.proto
View File

@@ -1,94 +1,28 @@
syntax = "proto3";
package ldap.v1;
package ldap_service;
option go_package = "git.lendry.ru/lendry-erp/proto.git/go;pb";
option go_package = "git.lendry.ru/lendry-erp/gen;ldap_service";
service LdapService {
// Управление Пользователями (Bind системного аккаунта) ---
rpc GetUsers (EmptyRequest) returns (UserListResponse);
rpc CreateUser (CreateUserRequest) returns (StatusResponse);
rpc UpdateUser (UpdateUserRequest) returns (StatusResponse);
rpc ChangePassword (ChangePasswordRequest) returns (StatusResponse);
rpc ToggleUserStatus (ToggleStatusRequest) returns (StatusResponse);
// Управление Группами ---
rpc GetGroups (EmptyRequest) returns (GroupListResponse);
rpc AddUserToGroup (GroupMemberRequest) returns (StatusResponse);
rpc RemoveUserFromGroup (GroupMemberRequest) returns (StatusResponse);
service LdapAuth {
rpc VerifyUser (VerifyRequest) returns (VerifyResponse);
}
// ==========================================
// БАЗОВЫЕ И ПЕРЕИСПОЛЬЗУЕМЫЕ СТРУКТУРЫ
// ==========================================
message EmptyRequest {}
message VerifyRequest {
string username = 1;
string password = 2;
}
// Стандартный ответ для мутаций (создание, обновление, удаление)
message StatusResponse {
message VerifyResponse {
bool success = 1;
string error_message = 2;
UserData user = 3;
}
// Полная модель пользователя
message UserData {
string dn = 1; // Полный путь в AD (Distinguished Name)
string username = 2; // Логин (sAMAccountName)
string display_name = 3; // ФИО (displayName)
string email = 4; // Почта (mail)
string description = 5; // Описание/Должность (description)
bytes avatar = 6; // Аватарка в байтах (thumbnailPhoto)
repeated string groups = 7; // Список групп
bool is_active = 8; // Статус аккаунта
}
// Модель группы
message GroupData {
string dn = 1;
string name = 2; // Короткое имя группы (cn)
string display_name = 2;
repeated string groups = 3;
bool is_active = 4;
}
// --- Списки ---
message UserListResponse {
bool success = 1;
string error_message = 2;
repeated UserData users = 3;
}
message GroupListResponse {
bool success = 1;
string error_message = 2;
repeated GroupData groups = 3;
}
// --- Управление профилем ---
message CreateUserRequest {
string username = 1;
string full_name = 2;
string password = 3;
optional string email = 4; // Сразу при создании можно задать почту
}
// Запрос на обновление. Используем optional для частичного обновления.
message UpdateUserRequest {
string username = 1; // Обязательное поле: кого обновляем
optional string display_name = 2; // Новое ФИО (повлечет Rename CN)
optional string email = 3; // Новая почта
optional string description = 4; // Новое описание
optional bytes avatar = 5; // Новая аватарка (бинарник картинки)
}
message ChangePasswordRequest {
string username = 1;
string new_password = 2;
}
message ToggleStatusRequest {
string username = 1;
bool set_active = 2; // true - включить (512), false - отключить (514)
}
// --- Управление членством в группах ---
message GroupMemberRequest {
string username = 1; // Логин пользователя
string group_dn = 2; // Полный путь группы (в которую добавляем / из которой удаляем)
}