syntax = "proto3";

package auth.v1;

option go_package = "git.lendry.ru/lendry-erp/proto.git/go;pb";

service AuthService {
    rpc Login (LoginRequest) returns (LoginResponse);
    rpc Refresh (RefreshRequest) returns (RefreshResponse);
    rpc VerifyToken (VerifyTokenRequest) returns (VerifyTokenResponse);
    rpc GetAccountRoleLevel (GetAccountRoleLevelRequest) returns (GetAccountRoleLevelResponse);
    rpc Logout (LogoutRequest) returns (LogoutResponse);
    rpc LogoutOther (LogoutRequest) returns (LogoutResponse);
    rpc GetSessions(GetSessionRequest) returns (GetSessionsResponse);
    rpc TerminateSession(TerminateSessionRequest) returns (TerminateSessionResponse);
    
}

message LoginRequest {
  string username = 1;
  string password = 2;
}

message LoginResponse {
  string access_token = 1;
  string refresh_token = 2;
  string status = 3;
  bool need2fa = 4;
  optional string temp_token = 5;
  optional string message = 6;
  optional string error_code = 7;
}

message RefreshRequest {
  string refresh_token = 1;
}

message RefreshResponse {
  string access_token = 1;
  string refresh_token = 2;
}

message LogoutRequest {
  string user_id = 1;
  string session_id = 2;
}

message LogoutResponse {
  bool success = 1;
  string message = 2;
}

message VerifyTokenRequest {
  string token = 1;
}

message VerifyTokenResponse {
  bool is_valid = 1;
  optional string error_message = 2;
  optional string id = 3;
  optional string username = 4;
  optional int32 role_level = 5;
  repeated string permissions = 6;
  optional string session_id = 7;
  optional bool requires_pin = 8;
}

message GetAccountRoleLevelRequest {
  string account_id = 1;
}

message GetAccountRoleLevelResponse {
  bool found = 1;
  int32 role_level = 2;
}

message GetSessionRequest {
  string user_id = 1;
  string current_session_id = 2;
}

message SessionItem {
  string id = 1; // Здесь будет лежать захэшированный ID
  string ip_address = 2;
  string user_agent = 3;
  int64 last_activity = 4; // Unix timestamp в миллисекундах
  bool is_current = 5; // Флаг текущей сессии
}

message GetSessionsResponse {
  repeated SessionItem sessions = 1;
}

message TerminateSessionRequest {
  string user_id = 1;
  string target_hash = 2; // Хэш сессии, которую нужно убить
}

message TerminateSessionResponse {
  bool success = 1;
  string message = 2;
}