Why Go
- Case Studies
  
  Common problems companies solve with Go
- Use Cases
  
  Stories about how and why companies use Go
- Security
  
  How Go can help keep you secure by default
Learn
Docs
- Effective Go
  
  Tips for writing clear, performant, and idiomatic Go code
- Go User Manual
  
  A complete introduction to building software with Go
- Standard library
  
  Reference documentation for Go's standard library
- Release Notes
  
  Learn what's new in each Go release
Packages
Community
- Recorded Talks
  
  Videos from prior events
- Meetups
  
  Meet other local Go developers
- Conferences
  
  Learn and network with Go developers from around the world
- Go blog
  
  The Go project's official blog.
- Go project
  
  Get help and stay informed from Go
- Get connected

backupauth

package

Go to main page

Versions in this module

v0

v0.0.14

Jan 4, 2026

v0.0.13

Jan 3, 2026

v0.0.12

Jan 3, 2026

v0.0.11

Jan 3, 2026

v0.0.10

Jan 3, 2026

v0.0.9

Jan 3, 2026

v0.0.8

Dec 31, 2025

v0.0.7

Dec 29, 2025

v0.0.6

Dec 17, 2025

v0.0.5

Dec 12, 2025

v0.0.4

Dec 8, 2025

v0.0.3

Dec 8, 2025

v0.0.2

Nov 24, 2025

v0.0.1

Nov 20, 2025

Changes in this version

+ const PluginID

+ const PluginName

+ const PluginVersion

+ var ErrAccountLocked = errors.New("account locked due to too many recovery attempts")

+ var ErrAdminReviewRequired = errors.New("admin review required for recovery")

+ var ErrAnswerTooLong = errors.New("answer is too long")

+ var ErrAnswerTooShort = errors.New("answer is too short")

+ var ErrCommonAnswer = errors.New("answer is too common, please choose a more unique answer")

+ var ErrConfidenceScoreTooLow = errors.New("confidence score too low")

+ var ErrCooldownActive = errors.New("cooldown period active, please wait before retrying")

+ var ErrDecryptionFailed = errors.New("decryption failed")

+ var ErrDocumentExpired = errors.New("document expired")

+ var ErrDocumentImageRequired = errors.New("document image required")

+ var ErrDocumentVerificationFailed = errors.New("document verification failed")

+ var ErrDocumentVerificationNotFound = errors.New("document verification not found")

+ var ErrDocumentVerificationPending = errors.New("document verification pending review")

+ var ErrEmailNotVerified = errors.New("email not verified")

+ var ErrEncryptionFailed = errors.New("encryption failed")

+ var ErrFileNotFound = errors.New("file not found")

+ var ErrFileUploadFailed = errors.New("file upload failed")

+ var ErrHighRiskDetected = errors.New("high risk detected, additional verification required")

+ var ErrInsufficientSecurityQuestions = errors.New("insufficient security questions configured")

+ var ErrInsufficientTrustedContacts = errors.New("insufficient trusted contacts configured")

+ var ErrInvalidConfiguration = errors.New("invalid configuration")

+ var ErrInvalidDocumentType = errors.New("invalid document type")

+ var ErrInvalidEmail = errors.New("invalid email")

+ var ErrInvalidInput = errors.New("invalid input")

+ var ErrInvalidPhone = errors.New("invalid phone")

+ var ErrInvalidRecoveryCode = errors.New("invalid recovery code")

+ var ErrInvalidSecurityAnswer = errors.New("invalid security answer")

+ var ErrInvalidSession = errors.New("invalid session")

+ var ErrInvalidVerificationCode = errors.New("invalid verification code")

+ var ErrLivenessCheckFailed = errors.New("liveness check failed")

+ var ErrMaxVerificationAttemptsExceeded = errors.New("maximum verification attempts exceeded")

+ var ErrMissingRequiredField = errors.New("missing required field")

+ var ErrNoRecoveryCodesAvailable = errors.New("no recovery codes available")

+ var ErrPermissionDenied = errors.New("permission denied")

+ var ErrPhoneNotVerified = errors.New("phone not verified")

+ var ErrProviderAuthFailed = errors.New("provider authentication failed")

+ var ErrProviderError = errors.New("provider error")

+ var ErrProviderNotConfigured = errors.New("provider not configured")

+ var ErrProviderTimeout = errors.New("provider timeout")

+ var ErrProviderUnavailable = errors.New("provider unavailable")

+ var ErrRateLimitExceeded = errors.New("rate limit exceeded")

+ var ErrRecoveryCodeAlreadyUsed = errors.New("recovery code already used")

+ var ErrRecoveryCodeExpired = errors.New("recovery code expired")

+ var ErrRecoveryMethodNotEnabled = errors.New("recovery method not enabled")

+ var ErrRecoveryNotConfigured = errors.New("backup recovery not configured")

+ var ErrRecoverySessionCancelled = errors.New("recovery session cancelled")

+ var ErrRecoverySessionCompleted = errors.New("recovery session already completed")

+ var ErrRecoverySessionExpired = errors.New("recovery session expired")

+ var ErrRecoverySessionInProgress = errors.New("recovery session already in progress")

+ var ErrRecoverySessionLocked = errors.New("recovery session locked due to too many attempts")

+ var ErrRecoverySessionNotFound = errors.New("recovery session not found")

+ var ErrRecoveryStepAlreadyCompleted = errors.New("recovery step already completed")

+ var ErrRecoveryStepRequired = errors.New("recovery step required")

+ var ErrRiskScoreTooHigh = errors.New("risk score too high, recovery blocked")

+ var ErrSecurityQuestionAlreadyExists = errors.New("security question already exists")

+ var ErrSecurityQuestionLocked = errors.New("security question locked due to failed attempts")

+ var ErrSecurityQuestionNotFound = errors.New("security question not found")

+ var ErrSelfieRequired = errors.New("selfie required")

+ var ErrStorageError = errors.New("storage error")

+ var ErrTooManyAttempts = errors.New("too many recovery attempts")

+ var ErrTrustedContactAlreadyExists = errors.New("trusted contact already exists")

+ var ErrTrustedContactCooldown = errors.New("trusted contact notification cooldown active")

+ var ErrTrustedContactLimitExceeded = errors.New("trusted contact limit exceeded")

+ var ErrTrustedContactNotFound = errors.New("trusted contact not found")

+ var ErrTrustedContactNotVerified = errors.New("trusted contact not verified")

+ var ErrTrustedContactNotificationFailed = errors.New("failed to notify trusted contact")

+ var ErrUnauthorized = errors.New("unauthorized")

+ var ErrVerificationCodeAlreadyUsed = errors.New("verification code already used")

+ var ErrVerificationCodeExpired = errors.New("verification code expired")

+ var ErrVideoSessionExpired = errors.New("video session expired")

+ var ErrVideoSessionNotFound = errors.New("video session not found")

+ var ErrVideoSessionNotScheduled = errors.New("video session not scheduled")

+ var ErrVideoVerificationFailed = errors.New("video verification failed")

+ var ErrVideoVerificationPending = errors.New("video verification pending review")

+ type AddTrustedContactRequest struct

+ Email string

+ Name string

+ Phone string

+ Relationship string

+ type AddTrustedContactResponse struct

+ AddedAt time.Time

+ ContactID xid.ID

+ Email string

+ Message string

+ Name string

+ Phone string

+ Verified bool

+ type ApproveRecoveryRequest struct

+ Notes string

+ SessionID xid.ID

+ type ApproveRecoveryResponse struct

+ Approved bool

+ ApprovedAt time.Time

+ Message string

+ SessionID xid.ID

+ type AuditConfig struct

+ ArchiveInterval time.Duration

+ ArchiveOldLogs bool

+ Enabled bool

+ ImmutableLogs bool

+ LogAllAttempts bool

+ LogDeviceInfo bool

+ LogFailed bool

+ LogIPAddress bool

+ LogSuccessful bool

+ LogUserAgent bool

+ RetentionDays int

+ type BackupAuthCodesResponse struct

+ Codes []string

+ type BackupAuthConfigResponse struct

+ Config interface{}

+ type BackupAuthContactResponse struct

+ ID string

+ type BackupAuthContactsResponse struct

+ Contacts []interface{}

+ type BackupAuthDocumentResponse struct

+ ID string

+ type BackupAuthQuestionsResponse struct

+ Questions []string

+ type BackupAuthRecoveryResponse struct

+ SessionID string

+ type BackupAuthSessionsResponse struct

+ Sessions []interface{}

+ type BackupAuthStatsResponse struct

+ Stats interface{}

+ type BackupAuthStatusResponse struct

+ Status string

+ type BackupAuthVideoResponse struct

+ SessionID string

+ type BunRepository struct

+ func (r *BunRepository) CountActiveTrustedContacts(ctx context.Context, userID xid.ID, appID xid.ID, userOrganizationID *xid.ID) (int, error)

+ func (r *BunRepository) CreateDocumentVerification(ctx context.Context, dv *DocumentVerification) error

+ func (r *BunRepository) CreateRecoveryCodeUsage(ctx context.Context, rcu *RecoveryCodeUsage) error

+ func (r *BunRepository) CreateRecoveryConfig(ctx context.Context, rc *RecoveryConfiguration) error

+ func (r *BunRepository) CreateRecoveryLog(ctx context.Context, log *RecoveryAttemptLog) error

+ func (r *BunRepository) CreateRecoverySession(ctx context.Context, rs *RecoverySession) error

+ func (r *BunRepository) CreateSecurityQuestion(ctx context.Context, q *SecurityQuestion) error

+ func (r *BunRepository) CreateTrustedContact(ctx context.Context, tc *TrustedContact) error

+ func (r *BunRepository) CreateVideoSession(ctx context.Context, vs *VideoVerificationSession) error

+ func (r *BunRepository) DeleteDocumentVerification(ctx context.Context, id xid.ID) error

+ func (r *BunRepository) DeleteRecoverySession(ctx context.Context, id xid.ID) error

+ func (r *BunRepository) DeleteSecurityQuestion(ctx context.Context, id xid.ID) error

+ func (r *BunRepository) DeleteTrustedContact(ctx context.Context, id xid.ID) error

+ func (r *BunRepository) DeleteVideoSession(ctx context.Context, id xid.ID) error

+ func (r *BunRepository) ExpireRecoverySessions(ctx context.Context, before time.Time) (int, error)

+ func (r *BunRepository) GetActiveRecoverySession(ctx context.Context, userID xid.ID, appID xid.ID, userOrganizationID *xid.ID) (*RecoverySession, error)

+ func (r *BunRepository) GetDocumentVerification(ctx context.Context, id xid.ID) (*DocumentVerification, error)

+ func (r *BunRepository) GetDocumentVerificationByRecovery(ctx context.Context, recoveryID xid.ID) (*DocumentVerification, error)

+ func (r *BunRepository) GetRecentRecoveryAttempts(ctx context.Context, userID xid.ID, appID xid.ID, userOrganizationID *xid.ID, ...) (int, error)

+ func (r *BunRepository) GetRecoveryCodeUsage(ctx context.Context, userID xid.ID, appID xid.ID, userOrganizationID *xid.ID, ...) (*RecoveryCodeUsage, error)

+ func (r *BunRepository) GetRecoveryConfig(ctx context.Context, appID xid.ID, userOrganizationID *xid.ID) (*RecoveryConfiguration, error)

+ func (r *BunRepository) GetRecoveryLogs(ctx context.Context, recoveryID xid.ID) ([]*RecoveryAttemptLog, error)

+ func (r *BunRepository) GetRecoveryLogsByUser(ctx context.Context, userID xid.ID, appID xid.ID, userOrganizationID *xid.ID, ...) ([]*RecoveryAttemptLog, error)

+ func (r *BunRepository) GetRecoverySession(ctx context.Context, id xid.ID) (*RecoverySession, error)

+ func (r *BunRepository) GetRecoveryStats(ctx context.Context, appID xid.ID, userOrganizationID *xid.ID, ...) (map[string]interface{}, error)

+ func (r *BunRepository) GetSecurityQuestion(ctx context.Context, id xid.ID) (*SecurityQuestion, error)

+ func (r *BunRepository) GetSecurityQuestionsByUser(ctx context.Context, userID xid.ID, appID xid.ID, userOrganizationID *xid.ID) ([]*SecurityQuestion, error)

+ func (r *BunRepository) GetTrustedContact(ctx context.Context, id xid.ID) (*TrustedContact, error)

+ func (r *BunRepository) GetTrustedContactByToken(ctx context.Context, token string) (*TrustedContact, error)

+ func (r *BunRepository) GetTrustedContactsByUser(ctx context.Context, userID xid.ID, appID xid.ID, userOrganizationID *xid.ID) ([]*TrustedContact, error)

+ func (r *BunRepository) GetVideoSession(ctx context.Context, id xid.ID) (*VideoVerificationSession, error)

+ func (r *BunRepository) GetVideoSessionByRecovery(ctx context.Context, recoveryID xid.ID) (*VideoVerificationSession, error)

+ func (r *BunRepository) IncrementQuestionFailedAttempts(ctx context.Context, id xid.ID) error

+ func (r *BunRepository) IncrementSessionAttempts(ctx context.Context, id xid.ID) error

+ func (r *BunRepository) ListRecoverySessions(ctx context.Context, appID xid.ID, userOrganizationID *xid.ID, ...) ([]*RecoverySession, int, error)

+ func (r *BunRepository) UpdateDocumentVerification(ctx context.Context, dv *DocumentVerification) error

+ func (r *BunRepository) UpdateRecoveryConfig(ctx context.Context, rc *RecoveryConfiguration) error

+ func (r *BunRepository) UpdateRecoverySession(ctx context.Context, rs *RecoverySession) error

+ func (r *BunRepository) UpdateSecurityQuestion(ctx context.Context, q *SecurityQuestion) error

+ func (r *BunRepository) UpdateTrustedContact(ctx context.Context, tc *TrustedContact) error

+ func (r *BunRepository) UpdateVideoSession(ctx context.Context, vs *VideoVerificationSession) error

+ type CancelRecoveryRequest struct

+ Reason string

+ SessionID xid.ID

+ type CompleteRecoveryRequest struct

+ SessionID xid.ID

+ type CompleteRecoveryResponse struct

+ CompletedAt time.Time

+ Message string

+ SessionID xid.ID

+ Status RecoveryStatus

+ Token string

+ type CompleteVideoSessionRequest struct

+ LivenessPassed bool

+ LivenessScore float64

+ Notes string

+ VerificationResult string

+ VideoSessionID xid.ID

+ type CompleteVideoSessionResponse struct

+ CompletedAt time.Time

+ Message string

+ Result string

+ VideoSessionID xid.ID

+ type Config struct

+ Audit AuditConfig

+ DocumentVerification DocumentVerificationConfig

+ EmailVerification EmailVerificationConfig

+ Enabled bool

+ MultiStepRecovery MultiStepRecoveryConfig

+ Notifications NotificationsConfig

+ RateLimiting RateLimitingConfig

+ RecoveryCodes RecoveryCodesConfig

+ RiskAssessment RiskAssessmentConfig

+ SMSVerification SMSVerificationConfig

+ SecurityQuestions SecurityQuestionsConfig

+ TrustedContacts TrustedContactsConfig

+ VideoVerification VideoVerificationConfig

+ func DefaultConfig() *Config

+ func (c *Config) Validate()

+ type ContinueRecoveryRequest struct

+ Method RecoveryMethod

+ SessionID xid.ID

+ type ContinueRecoveryResponse struct

+ CurrentStep int

+ Data map[string]interface{}

+ ExpiresAt time.Time

+ Instructions string

+ Method RecoveryMethod

+ SessionID xid.ID

+ TotalSteps int

+ type DefaultProviderRegistry struct

+ func NewDefaultProviderRegistry() *DefaultProviderRegistry

+ func (r *DefaultProviderRegistry) DocumentProvider() DocumentProvider

+ func (r *DefaultProviderRegistry) EmailProvider() EmailProvider

+ func (r *DefaultProviderRegistry) NotificationProvider() NotificationProvider

+ func (r *DefaultProviderRegistry) SMSProvider() SMSProvider

+ func (r *DefaultProviderRegistry) SetDocumentProvider(provider DocumentProvider)

+ func (r *DefaultProviderRegistry) SetEmailProvider(provider EmailProvider)

+ func (r *DefaultProviderRegistry) SetNotificationProvider(provider NotificationProvider)

+ func (r *DefaultProviderRegistry) SetSMSProvider(provider SMSProvider)

+ func (r *DefaultProviderRegistry) SetVideoProvider(provider VideoProvider)

+ func (r *DefaultProviderRegistry) VideoProvider() VideoProvider

+ type DocumentProvider interface

+ GetVerificationStatus func(ctx context.Context, verificationID string) (*DocumentVerificationResult, error)

+ VerifyDocument func(ctx context.Context, req *DocumentVerificationRequest) (*DocumentVerificationResult, error)

+ type DocumentVerification struct

+ AppID xid.ID

+ BackImageURL string

+ ConfidenceScore float64

+ DocumentNumber string

+ DocumentType string

+ ExpiresAt time.Time

+ ExtractedData map[string]interface{}

+ FrontImageURL string

+ ID xid.ID

+ Metadata map[string]string

+ ProviderID string

+ ProviderName string

+ ProviderResponse map[string]interface{}

+ RecoveryID xid.ID

+ RejectionReason string

+ SelfieURL string

+ UserID xid.ID

+ UserOrganizationID *xid.ID

+ VerificationStatus string

+ VerifiedAt *time.Time

+ VerifiedBy *xid.ID

+ type DocumentVerificationConfig struct

+ AcceptedDocuments []string

+ Enabled bool

+ EncryptAtRest bool

+ EncryptionKey string

+ MinConfidenceScore float64

+ Provider string

+ RequireBothSides bool

+ RequireManualReview bool

+ RequireSelfie bool

+ RetentionPeriod time.Duration

+ StoragePath string

+ StorageProvider string

+ type DocumentVerificationRequest struct

+ BackImage []byte

+ DocumentType string

+ FrontImage []byte

+ Selfie []byte

+ UserID xid.ID

+ type DocumentVerificationResult struct

+ ConfidenceScore float64

+ ExtractedData map[string]interface{}

+ ProviderResponse map[string]interface{}

+ RejectionReason string

+ Status string

+ VerificationID string

+ type EmailProvider interface

+ SendRecoveryNotification func(ctx context.Context, to, subject, body string) error

+ SendVerificationEmail func(ctx context.Context, to, code string, expiresIn time.Duration) error

+ type EmailVerificationConfig struct

+ CodeExpiry time.Duration

+ CodeLength int

+ EmailTemplate string

+ Enabled bool

+ FromAddress string

+ FromName string

+ MaxAttempts int

+ RequireEmailProof bool

+ type ErrorResponse struct

+ Code string

+ Details map[string]interface{}

+ Error string

+ Message string

+ type GenerateRecoveryCodesRequest struct

+ Count int

+ Format string

+ type GenerateRecoveryCodesResponse struct

+ Codes []string

+ Count int

+ GeneratedAt time.Time

+ Warning string

+ type GetDocumentVerificationRequest struct

+ DocumentID xid.ID

+ type GetDocumentVerificationResponse struct

+ ConfidenceScore float64

+ DocumentID xid.ID

+ Message string

+ RejectionReason string

+ Status string

+ VerifiedAt *time.Time

+ type GetRecoveryConfigResponse struct

+ EnabledMethods []RecoveryMethod

+ MinimumStepsRequired int

+ RequireAdminReview bool

+ RequireMultipleSteps bool

+ RiskScoreThreshold float64

+ type GetRecoveryStatsRequest struct

+ EndDate time.Time

+ OrganizationID string

+ StartDate time.Time

+ type GetRecoveryStatsResponse struct

+ AdminReviewsRequired int

+ AverageRiskScore float64

+ FailedRecoveries int

+ HighRiskAttempts int

+ MethodStats map[RecoveryMethod]int

+ PendingRecoveries int

+ SuccessRate float64

+ SuccessfulRecoveries int

+ TotalAttempts int

+ type GetSecurityQuestionsRequest struct

+ SessionID xid.ID

+ type GetSecurityQuestionsResponse struct

+ Questions []SecurityQuestionInfo

+ type Handler struct

+ func NewHandler(service *Service) *Handler

+ func (h *Handler) AddTrustedContact(c forge.Context) error

+ func (h *Handler) ApproveRecovery(c forge.Context) error

+ func (h *Handler) CancelRecovery(c forge.Context) error

+ func (h *Handler) CompleteRecovery(c forge.Context) error

+ func (h *Handler) CompleteVideoSession(c forge.Context) error

+ func (h *Handler) ContinueRecovery(c forge.Context) error

+ func (h *Handler) GenerateRecoveryCodes(c forge.Context) error

+ func (h *Handler) GetDocumentVerification(c forge.Context) error

+ func (h *Handler) GetRecoveryConfig(c forge.Context) error

+ func (h *Handler) GetRecoveryStats(c forge.Context) error

+ func (h *Handler) GetSecurityQuestions(c forge.Context) error

+ func (h *Handler) HealthCheck(c forge.Context) error

+ func (h *Handler) ListRecoverySessions(c forge.Context) error

+ func (h *Handler) ListTrustedContacts(c forge.Context) error

+ func (h *Handler) RejectRecovery(c forge.Context) error

+ func (h *Handler) RemoveTrustedContact(c forge.Context) error

+ func (h *Handler) RequestTrustedContactVerification(c forge.Context) error

+ func (h *Handler) ReviewDocument(c forge.Context) error

+ func (h *Handler) ScheduleVideoSession(c forge.Context) error

+ func (h *Handler) SendVerificationCode(c forge.Context) error

+ func (h *Handler) SetupSecurityQuestions(c forge.Context) error

+ func (h *Handler) StartRecovery(c forge.Context) error

+ func (h *Handler) StartVideoSession(c forge.Context) error

+ func (h *Handler) UpdateRecoveryConfig(c forge.Context) error

+ func (h *Handler) UploadDocument(c forge.Context) error

+ func (h *Handler) VerifyCode(c forge.Context) error

+ func (h *Handler) VerifyRecoveryCode(c forge.Context) error

+ func (h *Handler) VerifySecurityAnswers(c forge.Context) error

+ func (h *Handler) VerifyTrustedContact(c forge.Context) error

+ type HealthCheckResponse struct

+ EnabledMethods []RecoveryMethod

+ Healthy bool

+ Message string

+ ProvidersStatus map[string]string

+ Version string

+ type ListRecoverySessionsRequest struct

+ OrganizationID string

+ Page int

+ PageSize int

+ RequiresReview bool

+ Status RecoveryStatus

+ type ListRecoverySessionsResponse struct

+ Page int

+ PageSize int

+ Sessions []RecoverySessionInfo

+ TotalCount int

+ type ListTrustedContactsResponse struct

+ Contacts []TrustedContactInfo

+ Count int

+ type MultiStepRecoveryConfig struct

+ AllowStepSkip bool

+ AllowUserChoice bool

+ Enabled bool

+ HighRiskSteps []RecoveryMethod

+ LowRiskSteps []RecoveryMethod

+ MediumRiskSteps []RecoveryMethod

+ MinimumSteps int

+ RequireAdminApproval bool

+ SessionExpiry time.Duration

+ type NoOpDocumentProvider struct

+ func (p *NoOpDocumentProvider) GetVerificationStatus(ctx context.Context, verificationID string) (*DocumentVerificationResult, error)

+ func (p *NoOpDocumentProvider) VerifyDocument(ctx context.Context, req *DocumentVerificationRequest) (*DocumentVerificationResult, error)

+ type NoOpEmailProvider struct

+ func (p *NoOpEmailProvider) SendRecoveryNotification(ctx context.Context, to, subject, body string) error

+ func (p *NoOpEmailProvider) SendVerificationEmail(ctx context.Context, to, code string, expiresIn time.Duration) error

+ type NoOpNotificationProvider struct

+ func (p *NoOpNotificationProvider) NotifyAdminReviewRequired(ctx context.Context, sessionID xid.ID, userID xid.ID, riskScore float64) error

+ func (p *NoOpNotificationProvider) NotifyHighRiskAttempt(ctx context.Context, userID xid.ID, riskScore float64) error

+ func (p *NoOpNotificationProvider) NotifyRecoveryCompleted(ctx context.Context, userID xid.ID, sessionID xid.ID) error

+ func (p *NoOpNotificationProvider) NotifyRecoveryFailed(ctx context.Context, userID xid.ID, sessionID xid.ID, reason string) error

+ func (p *NoOpNotificationProvider) NotifyRecoveryStarted(ctx context.Context, userID xid.ID, sessionID xid.ID, method RecoveryMethod) error

+ type NoOpSMSProvider struct

+ func (p *NoOpSMSProvider) SendRecoveryNotification(ctx context.Context, to, message string) error

+ func (p *NoOpSMSProvider) SendVerificationSMS(ctx context.Context, to, code string, expiresIn time.Duration) error

+ type NoOpVideoProvider struct

+ func (p *NoOpVideoProvider) CancelSession(ctx context.Context, sessionID string) error

+ func (p *NoOpVideoProvider) CompleteSession(ctx context.Context, sessionID string, result VideoSessionResult) error

+ func (p *NoOpVideoProvider) CreateSession(ctx context.Context, userID xid.ID, scheduledAt time.Time) (*VideoSessionInfo, error)

+ func (p *NoOpVideoProvider) GetSession(ctx context.Context, sessionID string) (*VideoSessionInfo, error)

+ func (p *NoOpVideoProvider) StartSession(ctx context.Context, sessionID string) (*VideoSessionInfo, error)

+ type NotificationProvider interface

+ NotifyAdminReviewRequired func(ctx context.Context, sessionID xid.ID, userID xid.ID, riskScore float64) error

+ NotifyHighRiskAttempt func(ctx context.Context, userID xid.ID, riskScore float64) error

+ NotifyRecoveryCompleted func(ctx context.Context, userID xid.ID, sessionID xid.ID) error

+ NotifyRecoveryFailed func(ctx context.Context, userID xid.ID, sessionID xid.ID, reason string) error

+ NotifyRecoveryStarted func(ctx context.Context, userID xid.ID, sessionID xid.ID, method RecoveryMethod) error

+ type NotificationsConfig struct

+ Channels []string

+ Enabled bool

+ NotifyAdminOnHighRisk bool

+ NotifyAdminOnReviewNeeded bool

+ NotifyOnRecoveryComplete bool

+ NotifyOnRecoveryFailed bool

+ NotifyOnRecoveryStart bool

+ SecurityOfficerEmail string

+ type Plugin struct

+ func NewPlugin() *Plugin

+ func (p *Plugin) Description() string

+ func (p *Plugin) Health(ctx context.Context) error

+ func (p *Plugin) ID() string

+ func (p *Plugin) Init(auth interface{}) error

+ func (p *Plugin) Migrate() error

+ func (p *Plugin) Name() string

+ func (p *Plugin) RegisterHooks(hookRegistry *hooks.HookRegistry) error

+ func (p *Plugin) RegisterRoutes(router forge.Router) error

+ func (p *Plugin) RegisterServiceDecorators(services *registry.ServiceRegistry) error

+ func (p *Plugin) Service() *Service

+ func (p *Plugin) SetDocumentProvider(provider DocumentProvider)

+ func (p *Plugin) SetEmailProvider(provider EmailProvider)

+ func (p *Plugin) SetNotificationProvider(provider NotificationProvider)

+ func (p *Plugin) SetProviders(providers ProviderRegistry)

+ func (p *Plugin) SetSMSProvider(provider SMSProvider)

+ func (p *Plugin) SetVideoProvider(provider VideoProvider)

+ func (p *Plugin) Shutdown(ctx context.Context) error

+ func (p *Plugin) Version() string

+ type ProviderRegistry interface

+ DocumentProvider func() DocumentProvider

+ EmailProvider func() EmailProvider

+ NotificationProvider func() NotificationProvider

+ SMSProvider func() SMSProvider

+ VideoProvider func() VideoProvider

+ type RateLimitingConfig struct

+ Enabled bool

+ ExponentialBackoff bool

+ IPCooldownPeriod time.Duration

+ LockoutAfterAttempts int

+ LockoutDuration time.Duration

+ MaxAttemptsPerDay int

+ MaxAttemptsPerHour int

+ MaxAttemptsPerIP int

+ type RecoveryAttemptLog struct

+ Action string

+ AppID xid.ID

+ DeviceID string

+ FailureReason string

+ ID xid.ID

+ IPAddress string

+ Metadata map[string]interface{}

+ Method RecoveryMethod

+ RecoveryID xid.ID

+ Step int

+ Success bool

+ UserAgent string

+ UserID xid.ID

+ UserOrganizationID *xid.ID

+ type RecoveryCodeUsage struct

+ AppID xid.ID

+ CodeHash string

+ DeviceID string

+ ID xid.ID

+ IPAddress string

+ RecoveryID xid.ID

+ UsedAt time.Time

+ UserAgent string

+ UserID xid.ID

+ UserOrganizationID *xid.ID

+ type RecoveryCodesConfig struct

+ AllowDownload bool

+ AllowPrint bool

+ AutoRegenerate bool

+ CodeCount int

+ CodeLength int

+ Enabled bool

+ Format string

+ RegenerateCount int

+ type RecoveryConfiguration struct

+ AppID xid.ID

+ CodeExpiryMinutes int

+ EnabledMethods []RecoveryMethod

+ ID xid.ID

+ LockoutDuration time.Duration

+ MaxAttemptsPerDay int

+ MinimumStepsRequired int

+ RequireAdminReview bool

+ RequireMultipleSteps bool

+ RiskScoreThreshold float64

+ SessionExpiryMinutes int

+ Settings map[string]interface{}

+ UserOrganizationID *xid.ID

+ type RecoveryMethod string

+ const RecoveryMethodCodes

+ const RecoveryMethodDocument

+ const RecoveryMethodEmail

+ const RecoveryMethodSMS

+ const RecoveryMethodSecurityQ

+ const RecoveryMethodTrustedContact

+ const RecoveryMethodVideo

+ type RecoverySession struct

+ AppID xid.ID

+ Attempts int

+ CancelledAt *time.Time

+ CodeExpiresAt *time.Time

+ CompletedAt *time.Time

+ CompletedSteps []string

+ CurrentStep int

+ DeviceID string

+ ExpiresAt time.Time

+ ID xid.ID

+ IPAddress string

+ MaxAttempts int

+ Metadata map[string]interface{}

+ Method RecoveryMethod

+ RequiredSteps []string

+ RequiresReview bool

+ ReviewNotes string

+ ReviewedAt *time.Time

+ ReviewedBy *xid.ID

+ RiskScore float64

+ Status RecoveryStatus

+ UserAgent string

+ UserID xid.ID

+ UserOrganizationID *xid.ID

+ VerificationCode string

+ type RecoverySessionInfo struct

+ CompletedAt *time.Time

+ CreatedAt time.Time

+ CurrentStep int

+ ExpiresAt time.Time

+ ID xid.ID

+ Method RecoveryMethod

+ RequiresReview bool

+ RiskScore float64

+ Status RecoveryStatus

+ TotalSteps int

+ UserEmail string

+ UserID xid.ID

+ type RecoveryStatus string

+ const RecoveryStatusCancelled

+ const RecoveryStatusCompleted

+ const RecoveryStatusExpired

+ const RecoveryStatusFailed

+ const RecoveryStatusInProgress

+ const RecoveryStatusPending

+ type RejectRecoveryRequest struct

+ Notes string

+ Reason string

+ SessionID xid.ID

+ type RejectRecoveryResponse struct

+ Message string

+ Reason string

+ Rejected bool

+ RejectedAt time.Time

+ SessionID xid.ID

+ type RemoveTrustedContactRequest struct

+ ContactID xid.ID

+ type Repository interface

+ CountActiveTrustedContacts func(ctx context.Context, userID xid.ID, appID xid.ID, userOrganizationID *xid.ID) (int, error)

+ CreateDocumentVerification func(ctx context.Context, dv *DocumentVerification) error

+ CreateRecoveryCodeUsage func(ctx context.Context, rcu *RecoveryCodeUsage) error

+ CreateRecoveryConfig func(ctx context.Context, rc *RecoveryConfiguration) error

+ CreateRecoveryLog func(ctx context.Context, log *RecoveryAttemptLog) error

+ CreateRecoverySession func(ctx context.Context, rs *RecoverySession) error

+ CreateSecurityQuestion func(ctx context.Context, q *SecurityQuestion) error

+ CreateTrustedContact func(ctx context.Context, tc *TrustedContact) error

+ CreateVideoSession func(ctx context.Context, vs *VideoVerificationSession) error

+ DeleteDocumentVerification func(ctx context.Context, id xid.ID) error

+ DeleteRecoverySession func(ctx context.Context, id xid.ID) error

+ DeleteSecurityQuestion func(ctx context.Context, id xid.ID) error

+ DeleteTrustedContact func(ctx context.Context, id xid.ID) error

+ DeleteVideoSession func(ctx context.Context, id xid.ID) error

+ ExpireRecoverySessions func(ctx context.Context, before time.Time) (int, error)

+ GetActiveRecoverySession func(ctx context.Context, userID xid.ID, appID xid.ID, userOrganizationID *xid.ID) (*RecoverySession, error)

+ GetDocumentVerification func(ctx context.Context, id xid.ID) (*DocumentVerification, error)

+ GetDocumentVerificationByRecovery func(ctx context.Context, recoveryID xid.ID) (*DocumentVerification, error)

+ GetRecentRecoveryAttempts func(ctx context.Context, userID xid.ID, appID xid.ID, userOrganizationID *xid.ID, ...) (int, error)

+ GetRecoveryCodeUsage func(ctx context.Context, userID xid.ID, appID xid.ID, userOrganizationID *xid.ID, ...) (*RecoveryCodeUsage, error)

+ GetRecoveryConfig func(ctx context.Context, appID xid.ID, userOrganizationID *xid.ID) (*RecoveryConfiguration, error)

+ GetRecoveryLogs func(ctx context.Context, recoveryID xid.ID) ([]*RecoveryAttemptLog, error)

+ GetRecoveryLogsByUser func(ctx context.Context, userID xid.ID, appID xid.ID, userOrganizationID *xid.ID, ...) ([]*RecoveryAttemptLog, error)

+ GetRecoverySession func(ctx context.Context, id xid.ID) (*RecoverySession, error)

+ GetRecoveryStats func(ctx context.Context, appID xid.ID, userOrganizationID *xid.ID, ...) (map[string]interface{}, error)

+ GetSecurityQuestion func(ctx context.Context, id xid.ID) (*SecurityQuestion, error)

+ GetSecurityQuestionsByUser func(ctx context.Context, userID xid.ID, appID xid.ID, userOrganizationID *xid.ID) ([]*SecurityQuestion, error)

+ GetTrustedContact func(ctx context.Context, id xid.ID) (*TrustedContact, error)

+ GetTrustedContactByToken func(ctx context.Context, token string) (*TrustedContact, error)

+ GetTrustedContactsByUser func(ctx context.Context, userID xid.ID, appID xid.ID, userOrganizationID *xid.ID) ([]*TrustedContact, error)

+ GetVideoSession func(ctx context.Context, id xid.ID) (*VideoVerificationSession, error)

+ GetVideoSessionByRecovery func(ctx context.Context, recoveryID xid.ID) (*VideoVerificationSession, error)

+ IncrementQuestionFailedAttempts func(ctx context.Context, id xid.ID) error

+ IncrementSessionAttempts func(ctx context.Context, id xid.ID) error

+ ListRecoverySessions func(ctx context.Context, appID xid.ID, userOrganizationID *xid.ID, ...) ([]*RecoverySession, int, error)

+ UpdateDocumentVerification func(ctx context.Context, dv *DocumentVerification) error

+ UpdateRecoveryConfig func(ctx context.Context, rc *RecoveryConfiguration) error

+ UpdateRecoverySession func(ctx context.Context, rs *RecoverySession) error

+ UpdateSecurityQuestion func(ctx context.Context, q *SecurityQuestion) error

+ UpdateTrustedContact func(ctx context.Context, tc *TrustedContact) error

+ UpdateVideoSession func(ctx context.Context, vs *VideoVerificationSession) error

+ func NewBunRepository(db *bun.DB) Repository

+ type RequestTrustedContactVerificationRequest struct

+ ContactID xid.ID

+ SessionID xid.ID

+ type RequestTrustedContactVerificationResponse struct

+ ContactID xid.ID

+ ContactName string

+ ExpiresAt time.Time

+ Message string

+ NotifiedAt time.Time

+ type ReviewDocumentRequest struct

+ Approved bool

+ DocumentID xid.ID

+ Notes string

+ RejectionReason string

+ type RiskAssessmentConfig struct

+ BlockHighRisk bool

+ Enabled bool

+ HighRiskThreshold float64

+ HistoryWeight float64

+ LowRiskThreshold float64

+ MediumRiskThreshold float64

+ NewDeviceWeight float64

+ NewIPWeight float64

+ NewLocationWeight float64

+ RequireReviewAbove float64

+ VelocityWeight float64

+ type SMSProvider interface

+ SendRecoveryNotification func(ctx context.Context, to, message string) error

+ SendVerificationSMS func(ctx context.Context, to, code string, expiresIn time.Duration) error

+ type SMSVerificationConfig struct

+ CodeExpiry time.Duration

+ CodeLength int

+ CooldownPeriod time.Duration

+ Enabled bool

+ MaxAttempts int

+ MaxSMSPerDay int

+ MessageTemplate string

+ Provider string

+ type ScheduleVideoSessionRequest struct

+ ScheduledAt time.Time

+ SessionID xid.ID

+ TimeZone string

+ type ScheduleVideoSessionResponse struct

+ Instructions string

+ JoinURL string

+ Message string

+ ScheduledAt time.Time

+ VideoSessionID xid.ID

+ type SecurityQuestion struct

+ AnswerHash string

+ AppID xid.ID

+ CustomText string

+ FailedAttempts int

+ ID xid.ID

+ IsActive bool

+ LastUsedAt *time.Time

+ QuestionID int

+ Salt string

+ UserID xid.ID

+ UserOrganizationID *xid.ID

+ type SecurityQuestionInfo struct

+ ID xid.ID

+ IsCustom bool

+ QuestionID int

+ QuestionText string

+ type SecurityQuestionsConfig struct

+ AllowCustomQuestions bool

+ CaseSensitive bool

+ Enabled bool

+ ForbidCommonAnswers bool

+ LockoutDuration time.Duration

+ MaxAnswerLength int

+ MaxAttempts int

+ MinimumQuestions int

+ PredefinedQuestions []string

+ RequireMinLength int

+ RequiredToRecover int

+ type SendVerificationCodeRequest struct

+ Method RecoveryMethod

+ SessionID xid.ID

+ Target string

+ type SendVerificationCodeResponse struct

+ ExpiresAt time.Time

+ MaskedTarget string

+ Message string

+ Sent bool

+ type Service struct

+ func NewService(repo Repository, config *Config, providers ProviderRegistry) *Service

+ func (s *Service) AddTrustedContact(ctx context.Context, userID xid.ID, appID xid.ID, userOrganizationID *xid.ID, ...) (*AddTrustedContactResponse, error)

+ func (s *Service) CancelRecovery(ctx context.Context, req *CancelRecoveryRequest) error

+ func (s *Service) CompleteRecovery(ctx context.Context, req *CompleteRecoveryRequest) (*CompleteRecoveryResponse, error)

+ func (s *Service) ContinueRecovery(ctx context.Context, req *ContinueRecoveryRequest) (*ContinueRecoveryResponse, error)

+ func (s *Service) GenerateRecoveryCodes(ctx context.Context, userID xid.ID, appID xid.ID, userOrganizationID *xid.ID, ...) (*GenerateRecoveryCodesResponse, error)

+ func (s *Service) GetSecurityQuestions(ctx context.Context, req *GetSecurityQuestionsRequest) (*GetSecurityQuestionsResponse, error)

+ func (s *Service) ListTrustedContacts(ctx context.Context, userID xid.ID, appID xid.ID, userOrganizationID *xid.ID) (*ListTrustedContactsResponse, error)

+ func (s *Service) RemoveTrustedContact(ctx context.Context, userID xid.ID, appID xid.ID, userOrganizationID *xid.ID, ...) error

+ func (s *Service) RequestTrustedContactVerification(ctx context.Context, req *RequestTrustedContactVerificationRequest) (*RequestTrustedContactVerificationResponse, error)

+ func (s *Service) SetupSecurityQuestions(ctx context.Context, userID xid.ID, appID xid.ID, userOrganizationID *xid.ID, ...) (*SetupSecurityQuestionsResponse, error)

+ func (s *Service) StartRecovery(ctx context.Context, req *StartRecoveryRequest) (*StartRecoveryResponse, error)

+ func (s *Service) VerifyRecoveryCode(ctx context.Context, req *VerifyRecoveryCodeRequest) (*VerifyRecoveryCodeResponse, error)

+ func (s *Service) VerifySecurityAnswers(ctx context.Context, req *VerifySecurityAnswersRequest) (*VerifySecurityAnswersResponse, error)

+ func (s *Service) VerifyTrustedContact(ctx context.Context, req *VerifyTrustedContactRequest) (*VerifyTrustedContactResponse, error)

+ type SetupSecurityQuestionRequest struct

+ Answer string

+ CustomText string

+ QuestionID int

+ type SetupSecurityQuestionsRequest struct

+ Questions []SetupSecurityQuestionRequest

+ type SetupSecurityQuestionsResponse struct

+ Count int

+ Message string

+ SetupAt time.Time

+ type StartRecoveryRequest struct

+ DeviceID string

+ Email string

+ PreferredMethod RecoveryMethod

+ UserID string

+ type StartRecoveryResponse struct

+ AvailableMethods []RecoveryMethod

+ CompletedSteps int

+ ExpiresAt time.Time

+ RequiredSteps int

+ RequiresReview bool

+ RiskScore float64

+ SessionID xid.ID

+ Status RecoveryStatus

+ type StartVideoSessionRequest struct

+ VideoSessionID xid.ID

+ type StartVideoSessionResponse struct

+ ExpiresAt time.Time

+ Message string

+ SessionURL string

+ StartedAt time.Time

+ VideoSessionID xid.ID

+ type SuccessResponse struct

+ Message string

+ Success bool

+ type TrustedContact struct

+ AppID xid.ID

+ ContactEmail string

+ ContactName string

+ ContactPhone string

+ ID xid.ID

+ IPAddress string

+ IsActive bool

+ LastNotifiedAt *time.Time

+ Metadata map[string]string

+ Relationship string

+ UserAgent string

+ UserID xid.ID

+ UserOrganizationID *xid.ID

+ VerificationToken string

+ VerifiedAt *time.Time

+ type TrustedContactInfo struct

+ Active bool

+ Email string

+ ID xid.ID

+ Name string

+ Phone string

+ Relationship string

+ Verified bool

+ VerifiedAt *time.Time

+ type TrustedContactsConfig struct

+ AllowEmailContacts bool

+ AllowPhoneContacts bool

+ CooldownPeriod time.Duration

+ Enabled bool

+ MaxNotificationsPerDay int

+ MaximumContacts int

+ MinimumContacts int

+ RequireVerification bool

+ RequiredToRecover int

+ VerificationExpiry time.Duration

+ type UpdateRecoveryConfigRequest struct

+ EnabledMethods []RecoveryMethod

+ MinimumStepsRequired int

+ RequireAdminReview bool

+ RequireMultipleSteps bool

+ RiskScoreThreshold float64

+ type UploadDocumentRequest struct

+ BackImage string

+ DocumentType string

+ FrontImage string

+ Selfie string

+ SessionID xid.ID

+ type UploadDocumentResponse struct

+ DocumentID xid.ID

+ Message string

+ ProcessingTime string

+ Status string

+ UploadedAt time.Time

+ type VerifyCodeRequest struct

+ Code string

+ SessionID xid.ID

+ type VerifyCodeResponse struct

+ AttemptsLeft int

+ Message string

+ Valid bool

+ type VerifyRecoveryCodeRequest struct

+ Code string

+ SessionID xid.ID

+ type VerifyRecoveryCodeResponse struct

+ Message string

+ RemainingCodes int

+ Valid bool

+ type VerifySecurityAnswersRequest struct

+ Answers map[string]string

+ SessionID xid.ID

+ type VerifySecurityAnswersResponse struct

+ AttemptsLeft int

+ CorrectAnswers int

+ Message string

+ RequiredAnswers int

+ Valid bool

+ type VerifyTrustedContactRequest struct

+ Token string

+ type VerifyTrustedContactResponse struct

+ ContactID xid.ID

+ Message string

+ Verified bool

+ VerifiedAt time.Time

+ type VideoProvider interface

+ CancelSession func(ctx context.Context, sessionID string) error

+ CompleteSession func(ctx context.Context, sessionID string, result VideoSessionResult) error

+ CreateSession func(ctx context.Context, userID xid.ID, scheduledAt time.Time) (*VideoSessionInfo, error)

+ GetSession func(ctx context.Context, sessionID string) (*VideoSessionInfo, error)

+ StartSession func(ctx context.Context, sessionID string) (*VideoSessionInfo, error)

+ type VideoSessionInfo struct

+ CompletedAt *time.Time

+ JoinURL string

+ LivenessPassed bool

+ LivenessScore float64

+ RecordingURL string

+ ScheduledAt time.Time

+ SessionID string

+ StartedAt *time.Time

+ Status string

+ type VideoSessionResult struct

+ Approved bool

+ LivenessPassed bool

+ LivenessScore float64

+ Notes string

+ VerifierID string

+ type VideoVerificationConfig struct

+ Enabled bool

+ LivenessThreshold float64

+ MinScheduleAdvance time.Duration

+ Provider string

+ RecordSessions bool

+ RecordingRetention time.Duration

+ RequireAdminReview bool

+ RequireLivenessCheck bool

+ RequireScheduling bool

+ SessionDuration time.Duration

+ type VideoVerificationSession struct

+ AppID xid.ID

+ CompletedAt *time.Time

+ ID xid.ID

+ LivenessCheckPassed bool

+ LivenessScore float64

+ Metadata map[string]string

+ ProviderSessionID string

+ RecordingURL string

+ RecoveryID xid.ID

+ ScheduledAt time.Time

+ SessionURL string

+ StartedAt *time.Time

+ Status string

+ UserID xid.ID

+ UserOrganizationID *xid.ID

+ VerificationNotes string

+ VerificationResult string

+ VerifiedAt *time.Time

+ VerifierID *xid.ID