models

type AppIdentityProvider struct {
	// ID is the id of provider.
	ID bson.ObjectId `bson:"_id" json:"id"`

	// ApplicationID is the id of application.
	ApplicationID bson.ObjectId `bson:"app_id" json:"application_id"`

	// DisplayName is the human-readable string name of the provider.
	DisplayName string `bson:"display_name" json:"display_name"`

	// Name is the service name used in authorization requests. It must not contain spaces and special characters.
	Name string `bson:"name" json:"name"`

	// Type defines the type of provider, such as a password(password) or social authorization(social).
	Type string `bson:"type" json:"type"`

	// ClientID is the client identifier on external network. For example, the application ID in Facebook.
	ClientID string `bson:"client_id" json:"client_id"`

	// ClientSecret is the secret string of the client on external network.
	ClientSecret string `bson:"client_secret" json:"client_secret"`

	// ClientScopes is the scopes list for external network.
	ClientScopes []string `bson:"client_scopes" json:"client_scopes"`

	// EndpointAuthURL is the authentication url on external network.
	EndpointAuthURL string `bson:"endpoint_auth_url" json:"endpoint_auth_url"`

	// EndpointTokenURL is the endpoint url on external network for exchange authentication code to the tokens.
	EndpointTokenURL string `bson:"endpoint_token_url" json:"endpoint_token_url"`

	// EndpointUserInfoURL is the endpoint on external network for to get user information.
	EndpointUserInfoURL string `bson:"endpoint_userinfo_url" json:"endpoint_userinfo_url"`
}

type Application struct {
	// ID is the id for application
	ID bson.ObjectId `bson:"_id" json:"id"`

	// SpaceId is the identifier of the space to which the application belongs.
	SpaceId bson.ObjectId `bson:"space_id" json:"space_id"`

	// Name is the human-readable string name of the application to be presented to the end-user during authorization.
	Name string `bson:"name" json:"name" validate:"required"`

	// Description is the human-readable string description of the application and not be presented to the users.
	Description string `bson:"description" json:"description"`

	// IsActive allows you to enable or disable the application for authorization.
	IsActive bool `bson:"is_active" json:"is_active"`

	// CreatedAt returns the timestamp of the application creation.
	CreatedAt time.Time `bson:"created_at" json:"-"`

	// UpdatedAt returns the timestamp of the last update.
	UpdatedAt time.Time `bson:"updated_at" json:"-"`

	// AuthSecret is a secret string with which the application checks the authentication code and
	// exchanges it for an access token.
	AuthSecret string `bson:"auth_secret" json:"auth_secret" validate:"required"`

	// AuthRedirectUrls is an array of allowed redirect urls for the client.
	AuthRedirectUrls []string `bson:"auth_redirect_urls" json:"auth_redirect_urls" validate:"required"`

	// HasSharedUsers determines whether users are shared across the entire space or only within the application.
	// If this option is set, then users from other applications (in space) will be able to log in to this application.
	HasSharedUsers bool `bson:"has_shared_users" json:"has_shared_users"`

	// PasswordSettings contains settings for valid password criteria.
	PasswordSettings *PasswordSettings `bson:"password_settings" json:"password_settings"`

	// OneTimeTokenSettings contains settings for storing one-time application tokens.
	OneTimeTokenSettings *OneTimeTokenSettings `bson:"ott_settings" json:"ott_settings"`

	// IdentityProviders contains a list of valid authorization providers for the application, for example using a
	// local database, an external social authentication service (facebook, google and etc), SAML, and others.
	IdentityProviders []*AppIdentityProvider `bson:"identity_providers" json:"identity_providers"`
}

type ApplicationForm struct {
	SpaceId     bson.ObjectId       `json:"space_id"`                        // unique space identifier
	Application *ApplicationFormApp `json:"application" validate:"required"` // application data
}

type ApplicationFormApp struct {
	Name             string   `bson:"name" json:"name" validate:"required"`
	Description      string   `bson:"description" json:"description"`
	IsActive         bool     `bson:"is_active" json:"is_active"`
	AuthRedirectUrls []string `bson:"auth_redirect_urls" json:"auth_redirect_urls" validate:"required"`
	HasSharedUsers   bool     `bson:"has_shared_users" json:"has_shared_users"`
}

type ApplicationKeysForm struct {
	ApplicationId string `json:"application_id" validate:"required"` // application id
	Algorithm     string `json:"algorithm" validate:"required"`      // algorithm name (HS256, HS512, RS256, ECDSA)
}

type AuthorizeForm struct {
	// ClientID is the id of the application.
	ClientID string `query:"client_id" form:"client_id" json:"client_id" validate:"required"`

	// Connection is the name of identity provider (see AppIdentityProvider) and contains name of social network.
	Connection string `query:"connection" form:"connection" json:"connection" validate:"required"`

	// RedirectUri is the url for redirection the user after login.
	RedirectUri string `query:"redirect_uri" form:"redirect_uri" json:"redirect_uri"`

	// State is a data line that the application specified before authorization.
	State string `query:"state" form:"state" json:"state"`
}

type AuthorizeLinkForm struct {
	// Challenge is the code of the oauth2 login challenge. This code to generates of the Hydra service.
	Challenge string `query:"challenge" form:"challenge" json:"challenge" validate:"required"`

	// ClientID is the id of the application.
	ClientID string `query:"client_id" form:"client_id" json:"client_id" validate:"required"`

	// Code is a one-time token created as a result of finding an account with the same mail in the password provider.
	Code string `query:"code" form:"code" json:"code" validate:"required"`

	// The Action determines the type of action that needs to be made on requesting a bunch of accounts.
	// If the `link` is transmitted, then an attempt will be made to bundle a social account with an identifier by
	// login and password. If transferred to `new`, then a new account will be created.
	Action string `query:"action" form:"action" json:"action" validate:"required"`

	// Password is the user's password if he wants to link the social account and with the ID by login and password
	// (if during the authorization process an account containing the same mail as on the social network was found).
	// If linking is not needed, the parameter is not passed or is empty.
	Password string `query:"password" form:"password" json:"password"`
}

type AuthorizeLog struct {
	// ID is the record id.
	ID bson.ObjectId `bson:"_id" json:"id"`

	// UserID is the user id.
	UserID bson.ObjectId `bson:"user_id" json:"user_id"`

	// UserAgentId is the user agent id.
	UserAgentId bson.ObjectId `bson:"useragent_id" json:"useragent_id"`

	// IpId is the ip id.
	IpId bson.ObjectId `bson:"ip_id" json:"ip_id"`
}

type AuthorizeResultForm struct {
	// Code is the oauth2 authorization code for exchange to the tokens.
	Code string `query:"code" form:"code" json:"code" validate:"required"`

	// State is a data line that the application specified before authorization.
	State string `query:"state" form:"state" json:"state" validate:"required"`
}

type AuthorizeResultResponse struct {
	// Result is the result of social authorization. Result may by `success` or `error`.
	Result string `json:"result"`

	// Payload contains information for further authorization in Auth1.
	// Typically, this is a one-time token to complete the authorization process (see Oauth2LoginSubmitForm).
	Payload interface{} `json:"payload"`
}

type AuthorizeUserAgent struct {
	// ID is the record id.
	ID bson.ObjectId `bson:"_id" json:"id"`

	// Value is the user agent.
	Value string `bson:"value" json:"value"`
}

type AuthorizeUserIP struct {
	// ID is the record id.
	ID bson.ObjectId `bson:"_id" json:"id"`

	// Value is the ip address.
	Value string `bson:"value" json:"value"`
}

type BcryptEncryptor struct {
	*CryptConfig
}

type ChangePasswordForm struct {
	// ClientID is the application id
	ClientID string `json:"client_id" query:"client_id" validate:"required"`
}

type ChangePasswordStartForm struct {
	// ClientID is the application id
	ClientID string `json:"client_id" form:"client_id" validate:"required"`

	// Email is the email address of the user to which the account is registered.
	Email string `json:"email" form:"email" validate:"required,email"`
}

type ChangePasswordTokenSource struct {
	Email string
}

type ChangePasswordVerifyForm struct {
	// ClientID is the application id
	ClientID string `form:"client_id" json:"client_id" validate:"required"`

	// Token is a one-time token from a password change letter.
	Token string `form:"token" json:"token" validate:"required"`

	// Password is a new user password.
	Password string `form:"password" json:"password" validate:"required"`

	// PasswordRepeat is a confirmation of a new user password.
	PasswordRepeat string `form:"password_repeat" json:"password_repeat" validate:"required"`
}

type CryptConfig struct {
	Cost int
}

type CustomValidator struct {
	Validator *validator.Validate
}

type ErrorInterface interface {
	// GetHttpCode return the http code of the error.
	GetHttpCode() int

	// GetCode return code of the error.
	GetCode() string

	// GetMessage return message of the error.
	GetMessage() string

	// Error return original error.
	Error() string
}

type GeneralError struct {
	// Code is the error code.
	Code string `json:"error,omitempty"`

	// HttpCode is the code for http response.
	HttpCode int `json:"-"`

	// Message is the human-readable string of error message.
	Message string `json:"error_message,omitempty"`

	// Error contains original error.
	Err error `json:"-"`
}

type JwtClaim struct {
	UserId         bson.ObjectId `json:"user_id"`
	AppId          bson.ObjectId `json:"app_id"`
	Email          string        `json:"email"`
	EmailConfirmed bool          `json:"email_confirmed"`
	Nickname       string        `json:"nickname"`
	jwt.StandardClaims
}

type LoginPageForm struct {
	// ClientID is the id of the application.
	ClientID string `form:"client_id" query:"client_id"`

	// RedirectUri is the url for redirection the user after login.
	RedirectUri string `form:"redirect_uri" query:"redirect_uri"`

	// State is a data line that the application specified before authorization.
	State string `form:"state" query:"state"`

	// Scope is a list of scopes that the user has taken.
	Scopes string `form:"scopes" query:"scopes"`
}

type MfaAddForm struct {
	// ClientID is the application id
	ClientId string `json:"client_id" form:"client_id" validate:"required"`

	// ProviderId is the id of the mfa provider.
	ProviderId string `json:"provider_id" form:"provider_id" validate:"required"`

	// Code is the string of one-time code.
	Code string `json:"code" form:"code"`

	// PhoneNumber is the phone number for which the provider will be associated.
	PhoneNumber string `json:"phone_number" form:"phone_number"`
}

type MfaApplicationForm struct {
	// AppId is the application id.
	AppId bson.ObjectId `json:"app_id" validate:"required"`

	// MfaProvider is the MFA provider.
	MfaProvider *MfaApplicationProviderForm `json:"mfa_provider" validate:"required"`
}

type MfaApplicationProviderForm struct {
	// Name is the provider name.
	Name string `bson:"name" json:"name" validate:"required"`

	// Channel is the channel of delivery code.
	Channel string `bson:"channel" json:"channel"`

	// Type is the type of provider (otp, sms).
	Type string `bson:"type" json:"type"`
}

type MfaAuthenticator struct {
	ID            bson.ObjectId `json:"id"`
	Secret        string        `json:"secret"`
	ObbChannel    string        `json:"oob_channel,omitempty"`
	BarcodeUri    string        `json:"barcode_uri,omitempty"`
	Type          string        `json:"authenticator_type"`
	RecoveryCodes []string      `json:"recovery_codes"`
}

type MfaChallengeForm struct {
	// ClientID is the application id.
	ClientId string `json:"client_id" form:"client_id" validate:"required"`

	// Connection is the connection name of the application identity provider.
	Connection string `json:"connection" form:"connection" validate:"required"`

	// Token is the one-time token for mfa connection.
	Token string `json:"mfa_token" form:"mfa_token" validate:"required"`

	// Type is the type of mfa challenge (otp, sms).
	Type string `json:"challenge_type" form:"challenge_type"`
}

type MfaConnection struct {
	// Name is the name of connection.
	Name string `bson:"name" json:"name"`

	// Type is the type of provider (otp, sms).
	Type string `bson:"type" json:"type"`

	// Channel is the channel of delivery code.
	Channel string `bson:"channel" json:"channel"`
}

type MfaListForm struct {
	// ClientID is the application id
	ClientId string `json:"client_id" form:"client_id" validate:"required"`
}

type MfaProvider struct {
	// ID is the id of provider.
	ID bson.ObjectId `bson:"_id" json:"id"`

	// AppID is the id of the application.
	AppID bson.ObjectId `bson:"app_id" json:"app_id"`

	// Name is a human-readable name of provider.
	Name string `bson:"name" json:"name"`

	// Type is the type of provider (otp, sms).
	Type string `bson:"type" json:"type"`

	// Channel is the channel of delivery code.
	Channel string `bson:"channel" json:"channel"`
}

type MfaRemoveForm struct {
	// ClientID is the application id
	ClientId string `json:"client_id" form:"client_id" validate:"required"`

	// ProviderId is the id of the mfa provider.
	ProviderId string `json:"provider_id" form:"provider_id" validate:"required"`
}

type MfaUserProvider struct {
	// UserID is the id of the user.
	UserID bson.ObjectId `bson:"user_id" json:"user_id"`

	// ProviderID is the id of the provider.
	ProviderID bson.ObjectId `bson:"provider_id" json:"provider_id"`
}

type MfaVerifyForm struct {
	// ClientID is the application id.
	ClientId string `json:"client_id" form:"client_id" validate:"required"`

	// ProviderId is the id of the mfa provider.
	ProviderId string `json:"provider_id" form:"provider_id" validate:"required"`

	// Token is the one-time token of mfa challenge.
	Token string `json:"mfa_token" form:"token" validate:"required"`

	// Code is the string of one-time code.
	Code string `json:"code" form:"code"`
}

type Oauth2CallBackForm struct {
	// Code is the oauth2 authorization code for exchange to the tokens.
	Code string `query:"code" form:"code" validate:"required"`

	// State is a data line that the application specified before registration or authorization.
	State string `query:"state" form:"state" validate:"required"`

	// Scope is a list of scopes that the user has taken.
	Scope string `query:"scope" form:"scope" validate:"required"`
}

type Oauth2CallBackResponse struct {
	// Success is the result of the exchange of code. If true, the code was successfully exchanged for tokens.
	Success bool `json:"success"`

	// ErrorMessage is the human-readable string with error message if code was unsuccessfully exchanged.
	ErrorMessage string `json:"error_message,omitempty"`

	// AccessToken is the access token for authorize user in the application.
	AccessToken string `json:"access_token,omitempty"`

	// IdToken is the openid token for authorize user in the application.
	IdToken string `json:"id_token,omitempty"`

	// ExpiresIn is the timestamp of expiration the token.
	ExpiresIn int `json:"expires_in,omitempty"`
}

type Oauth2ConsentForm struct {
	// Challenge is the code of the oauth2 consent challenge. This code to generates of the Hydra service.
	Challenge string `query:"consent_challenge" form:"consent_challenge" validate:"required"`
}

type Oauth2ConsentSubmitForm struct {
	// Challenge is the code of the oauth2 consent challenge. This code to generates of the Hydra service.
	Challenge string `query:"challenge" form:"challenge" validate:"required"`

	// Scope is a list of scopes that the user has taken.
	Scope []string `query:"scope" form:"scope" validate:"required"`
}

type Oauth2IntrospectForm struct {
	// ClientID is the id of the application.
	ClientID string `query:"client_id" form:"client_id" validate:"required"`

	// Secret is the authorization secret of the application.
	Secret string `query:"secret" form:"secret" validate:"required"`

	// Token is the access token.
	Token string `query:"token" form:"token" validate:"required"`
}

type Oauth2LoginForm struct {
	// Challenge is the code of the oauth2 login challenge. This code to generates of the Hydra service.
	Challenge string `query:"login_challenge" form:"login_challenge" validate:"required"`
}

type Oauth2LoginSubmitForm struct {
	// Challenge is the code of the oauth2 login challenge. This code to generates of the Hydra service.
	Challenge string `query:"challenge" form:"challenge" validate:"required"`

	// Email is the email address of user for login request.
	Email string `query:"email" form:"email"`

	// Password is the password string of user for login request.
	Password string `query:"password" form:"password"`

	// PreviousLogin is the previous user login, which was detected in the authorization session and
	// the user selected login through it (without asking for a password).
	PreviousLogin string `query:"previous_login" form:"previous_login"`

	// Token is the one-time token for authorize user without password.
	Token string `query:"token" form:"token"`

	// Remember is the option for the save user session in the cookie.
	Remember bool `query:"remember" form:"remember"`
}

type Oauth2LogoutForm struct {
	// RedirectUri is the url for redirection the user after logout process.
	RedirectUri string `query:"redirect_uri"`
}

type Oauth2SignUpForm struct {
	// Challenge is the code of the oauth2 login challenge. This code to generates of the Hydra service.
	Challenge string `query:"challenge" form:"challenge" validate:"required"`

	// Email is the email address of user for the registration.
	Email string `query:"email" form:"email" validate:"required"`

	// Password is the password string of user for the registration.
	Password string `query:"password" form:"password" validate:"required"`

	// Remember is the option for the save user session in the cookie.
	Remember bool `query:"remember" form:"remember"`
}

type Oauth2TokenIntrospection struct {
	// Active is a boolean indicator of whether or not the presented token
	// is currently active.  The specifics of a token's "active" state
	// will vary depending on the implementation of the authorization
	// server and the information it keeps about its tokens, but a "true"
	// value return for the "active" property will generally indicate
	// that a given token has been issued by this authorization server,
	// has not been revoked by the resource owner, and is within its
	// given time window of validity (e.g., after its issuance time and
	// before its expiration time).
	// Required: true
	Active *bool `json:"active"`

	// Audience contains a list of the token's intended audiences.
	Audience []string `json:"aud"`

	// ClientID is aclient identifier for the OAuth 2.0 client that
	// requested this token.
	ClientID string `json:"client_id,omitempty"`

	// Expires at is an integer timestamp, measured in the number of seconds
	// since January 1 1970 UTC, indicating when this token will expire.
	ExpiresAt int64 `json:"exp,omitempty"`

	// Extra is arbitrary data set by the session.
	Extra map[string]interface{} `json:"ext,omitempty"`

	// Issued at is an integer timestamp, measured in the number of seconds
	// since January 1 1970 UTC, indicating when this token was
	// originally issued.
	IssuedAt int64 `json:"iat,omitempty"`

	// IssuerURL is a string representing the issuer of this token
	Issuer string `json:"iss,omitempty"`

	// NotBefore is an integer timestamp, measured in the number of seconds
	// since January 1 1970 UTC, indicating when this token is not to be
	// used before.
	NotBefore int64 `json:"nbf,omitempty"`

	// ObfuscatedSubject is set when the subject identifier algorithm was set to "pairwise" during authorization.
	// It is the `sub` value of the ID Token that was issued.
	ObfuscatedSubject string `json:"obfuscated_subject,omitempty"`

	// Scope is a JSON string containing a space-separated list of
	// scopes associated with this token.
	Scope string `json:"scope,omitempty"`

	// Subject of the token, as defined in JWT [RFC7519].
	// Usually a machine-readable identifier of the resource owner who
	// authorized this token.
	Subject string `json:"sub,omitempty"`

	// TokenType is the introspected token's type, for example `access_token` or `refresh_token`.
	TokenType string `json:"token_type,omitempty"`

	// Username is a human-readable identifier for the resource owner who
	// authorized this token.
	Username string `json:"username,omitempty"`
}

type OneTimeToken struct {
	// Token is the value of one-time token.
	Token string `json:"token,omitempty"`
}

type OneTimeTokenSettings struct {
	// Length is the length of token.
	Length int `bson:"length" json:"length"`

	//TTL is the expiration time for the token.
	TTL int `bson:"ttl" json:"ttl"`
}

type PasswordLessStartForm struct {
	ClientId   string `json:"client_id" form:"client_id" validate:"required"`
	Connection string `json:"connection" form:"connection" validate:"required"`
}

type PasswordLessVerifyForm struct {
	ClientId   string `json:"client_id" form:"client_id" validate:"required"`
	Connection string `json:"connection" form:"connection" validate:"required"`
	Code       string `json:"verification_code" form:"verification_code" validate:"required"`
	Token      string `json:"token" form:"token" validate:"required"`
}

type PasswordSettings struct {
	// BcryptCost determines the depth of password encryption for providers based on the database.
	// CPU load and performance depend on the BCrypt cost.
	BcryptCost int `bson:"bcrypt_cost" json:"bcrypt_cost"`

	// Min is the minimal length password.
	Min int `bson:"min" json:"min"`

	// Max is the maximum length password.
	Max int `bson:"max" json:"max"`

	// RequireNumber requires numbers in the password.
	RequireNumber bool `bson:"require_number" json:"require_number"`

	// RequireUpper requires a capital letter in the password.
	RequireUpper bool `bson:"require_upper" json:"require_upper"`

	// RequireSpecial requires special characters in the password (~,!, @, and the like).
	RequireSpecial bool `bson:"require_special" json:"require_special"`

	// TokenLength determines the length of the token in the password change letter.
	TokenLength int `bson:"token_length" json:"token_length"`

	// TokenTTL determines the token's lifetime in the password change letter.
	TokenTTL int `bson:"token_ttl" json:"token_ttl"`
}

type SocialSettings struct {
	// LinkedTokenLength determines the length of the token.
	LinkedTokenLength int `json:"linked_token_length"`

	// LinkedTTL determines the token's lifetime.
	LinkedTTL int `json:"linked_token_ttl"`
}

type Space struct {
	Id          bson.ObjectId `bson:"_id" json:"id"`                        // unique space identifier
	Name        string        `bson:"name" json:"name" validate:"required"` // space name
	Description string        `bson:"description" json:"description"`       // space description
	IsActive    bool          `bson:"is_active" json:"is_active"`           // is space active
	CreatedAt   time.Time     `bson:"created_at" json:"-"`                  // date of create space
	UpdatedAt   time.Time     `bson:"updated_at" json:"-"`                  // date of update space
}

type SpaceForm struct {
	Name        string `bson:"name" json:"name" validate:"required"` // space name
	Description string `bson:"description" json:"description"`       // space description
	IsActive    bool   `bson:"is_active" json:"is_active"`           // is space active
}

type User struct {
	// ID is the id of user.
	ID bson.ObjectId `bson:"_id" json:"id"`

	// AppID is the id of the application.
	AppID bson.ObjectId `bson:"app_id" json:"app_id"`

	// Email is the email address of the user.
	Email string `bson:"email" json:"email" validate:"required,email"`

	// EmailVerified is status of verification user address.
	EmailVerified bool `bson:"email_verified" json:"email_verified"`

	// PhoneNumber is the phone number of the user.
	PhoneNumber string `bson:"phone_number" json:"phone_number"`

	// PhoneVerified is status of verification user phone.
	PhoneVerified bool `bson:"phone_verified" json:"phone_verified"`

	// Username is the nickname of the user.
	Username string `bson:"username" json:"username"`

	// Name is the name of the user. Contains first anf last name.
	Name string `bson:"name" json:"name"`

	// Picture is the avatar of the user.
	Picture string `bson:"picture" json:"picture"`

	// LastIp returns the ip of the last login.
	LastIp string `bson:"last_ip" json:"last_ip"`

	// LastLogin returns the timestamp of the last login.
	LastLogin time.Time `bson:"last_login" json:"last_login"`

	// LoginsCount contains count authorization for the user.
	LoginsCount int `bson:"logins_count" json:"logins_count"`

	// Blocked is status of user blocked.
	Blocked bool `bson:"blocked" json:"blocked"`

	// CreatedAt returns the timestamp of the user creation.
	CreatedAt time.Time `bson:"created_at" json:"created_at"`

	// UpdatedAt returns the timestamp of the last update.
	UpdatedAt time.Time `bson:"updated_at" json:"updated_at"`
}

type UserIdentity struct {
	// ID is the id of identity.
	ID bson.ObjectId `bson:"_id" json:"id"`

	// UserID is the id of the user.
	UserID bson.ObjectId `bson:"user_id" json:"user_id"`

	// ApplicationID is the id of the application.
	ApplicationID bson.ObjectId `bson:"app_id" json:"app_id"`

	// IdentityProviderID is the id of identity provider.
	IdentityProviderID bson.ObjectId `bson:"identity_provider_id" json:"identity_provider_id" validate:"required"`

	// ExternalID is the id of external network (like a facebook user id).
	ExternalID string `bson:"external_id" json:"external_id"`

	// Credential is the
	Credential string `bson:"credential" json:"-" validate:"required"`

	// Email is the email address of the user.
	Email string `bson:"email" json:"email" validate:"required,email"`

	// Username is the nickname of the user.
	Username string `bson:"username" json:"username"`

	// Name is the name of the user. Contains first anf last name.
	Name string `bson:"name" json:"name"`

	// Picture is the avatar of the user.
	Picture string `bson:"picture" json:"picture"`

	// Friends is a list of the friends to external network.
	Friends []string `bson:"friends" json:"friends"`

	// CreatedAt returns the timestamp of the user identity creation.
	CreatedAt time.Time `bson:"created_at" json:"created_at"`

	// UpdatedAt returns the timestamp of the last update.
	UpdatedAt time.Time `bson:"updated_at" json:"updated_at"`
}

type UserIdentitySocial struct {
	// ID is the id in the external network.
	ID string `json:"id"`

	// Name is the nickname or username of the user.
	Name string `json:"name"`

	// FirstName is the first name of the user.
	FirstName string `json:"first_name"`

	// LastName is the last name of the user.
	LastName string `json:"last_name"`

	// Email is the email address of the user.
	Email string `json:"email"`

	// Birthday is the date of birthday.
	Birthday string `json:"birthday"`

	// Picture is the avatar of the user.
	Picture string `json:"picture"`

	// Token is the access token on social network.
	Token string `json:"token"`
}

type UserMfaToken struct {
	// UserIdentity is the user identity record.
	UserIdentity *UserIdentity

	// MfaProvider is the mfa provider.
	MfaProvider *MfaProvider
}