Login Microservice
The Login microservice handles authentication and session management, including login, OTP verification, session handling, and password reset flows.
Models (login.go)
Login
Tracks login sessions of users.
| Field | Type | Description |
|---|---|---|
ID | uint32 | Unique login record ID |
UserID | uint32 | ID of the user who logged in |
SessionID | string | Unique session identifier |
LoginTime | time.Time | Timestamp of login |
LogoutTime | time.Time | Timestamp of logout |
Reset
Holds password reset request details.
| Field | Type | Description |
|---|---|---|
ID | uint32 | Unique reset record ID |
Email | string | User's email address |
OTP | uint32 | One-time password sent for reset |
ExpireAt | time.Time | OTP expiration timestamp |
Session
Manages OTP-based session verification.
| Field | Type | Description |
|---|---|---|
ID | uint32 | Session record ID |
SessionID | string | Unique session ID |
OTP | uint32 | OTP sent to user |
LoginID | uint32 | Associated login record ID |
ExpireAt | time.Time | Expiration of this session |
gRPC API (login.proto)
Defines the contract for login, OTP, session management, and password reset.
Key Messages
LoginRequest: User credentials (username and password).LogoutRequest: Contains token to terminate the session.User: Detailed user info (ID, role, org, contact, etc.).TokenResponse: Token and user data returned after successful login or OTP verification.SessionIDResponse: Returned after successful login, before OTP.LogoutResponse: Confirmation of logout.SessionResponse: Retrieves user ID and expiration from a session ID.OtpRequest: Session ID and OTP for second-factor login.ResetRequest: Request to initiate password reset.ResetValidateRequest: Validate OTP for reset flow.CheckResponse: Generic boolean response to indicate success or validation result.
Services
Login(LoginRequest) returns (SessionIDResponse): Begins the login process.Otp(OtpRequest) returns (TokenResponse): Validates OTP and returns token.Reset(ResetRequest) returns (CheckResponse): Sends reset OTP to email.ResetValidate(ResetValidateRequest) returns (CheckResponse): Verifies OTP during password reset.Logout(LogoutRequest) returns (LogoutResponse): Logs out the user.GetUserIDBySessionID(GetUserIDBySessionIdRequest) returns (SessionResponse): Gets user info from session.