yisroelbaum/TIDE
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

implement AuthenticateUser use case

Browse source 
input validation: email + password required. constructs
EmailAddress vo (BadRequest on bad format). looks up user; absent
or password-mismatch -> UnauthorizedException with constant
'invalid credentials' message (no enumeration leak). password
verified through PasswordHasher->verify against stored hash on
the User entity (no separate profile lookup -> tide keeps
password on the user row). returns the User entity for the
caller (typically CreateSession + AuthController). 27 tests
pass.
This commit is contained in:
yisroel 2026-05-06 15:14:34 +03:00
parent 2731e610e5
commit 5b74e9d76a
Signed by: yisroelbaum
GPG key ID: 0FA60884F75520A9
2 changed files with 65 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

11
backend/app/Auth/UseCases/AuthenticateUser/AuthenticateUserRequest.php Normal file
View file

@ -0,0 +1,11 @@
<?php
namespace App\Auth\UseCases\AuthenticateUser;
class AuthenticateUserRequest
{
public function __construct(
public ?string $email,
public ?string $password,
) {}
}