32 lines
1.6 KiB
C#
32 lines
1.6 KiB
C#
using System.Security.Claims;
|
|
using SharepointToolbox.Web.Core.Models;
|
|
|
|
namespace SharepointToolbox.Web.Services.Auth;
|
|
|
|
public interface IUserService
|
|
{
|
|
/// <summary>Auto-provision on first OIDC login; update LastLogin on subsequent logins.
|
|
/// First user ever becomes Admin automatically. Tags the user as <see cref="AuthProvider.Entra"/>.</summary>
|
|
Task<AppUser> ProvisionAsync(ClaimsPrincipal principal);
|
|
|
|
Task<AppUser?> GetByEmailAsync(string email);
|
|
Task<IReadOnlyList<AppUser>> GetAllAsync();
|
|
Task UpdateRoleAsync(string userId, UserRole role);
|
|
Task DeleteAsync(string userId);
|
|
|
|
/// <summary>Create a local password-based account. First user ever becomes Admin.</summary>
|
|
/// <exception cref="InvalidOperationException">Email already in use.</exception>
|
|
Task<AppUser> CreateLocalUserAsync(string email, string displayName, UserRole role, string password);
|
|
|
|
/// <summary>Validate local credentials. Returns the user and updates LastLogin on success; null otherwise.
|
|
/// Only matches <see cref="AuthProvider.Local"/> accounts.</summary>
|
|
Task<AppUser?> ValidateLocalCredentialsAsync(string email, string password);
|
|
|
|
/// <summary>Admin reset — set a local user's password without knowing the current one.</summary>
|
|
Task SetPasswordAsync(string userId, string newPassword);
|
|
|
|
/// <summary>Self-service — change own password after verifying the current one.</summary>
|
|
/// <returns>true if the current password matched and the change was saved.</returns>
|
|
Task<bool> ChangePasswordAsync(string userId, string currentPassword, string newPassword);
|
|
}
|