feat: authsession service

authsession/internal/adapters/redis/sendemailcodeabuse/protector.go

@@ -0,0 +1,152 @@
+// Package sendemailcodeabuse implements ports.SendEmailCodeAbuseProtector with
+// one Redis TTL key per normalized e-mail address.
+package sendemailcodeabuse
+
+import (
+	"context"
+	"crypto/tls"
+	"encoding/base64"
+	"errors"
+	"fmt"
+	"strings"
+	"time"
+
+	"galaxy/authsession/internal/domain/challenge"
+	"galaxy/authsession/internal/domain/common"
+	"galaxy/authsession/internal/ports"
+
+	"github.com/redis/go-redis/v9"
+)
+
+// Config configures one Redis-backed send-email-code abuse protector.
+type Config struct {
+	// Addr is the Redis network address in host:port form.
+	Addr string
+
+	// Username is the optional Redis ACL username.
+	Username string
+
+	// Password is the optional Redis ACL password.
+	Password string
+
+	// DB is the Redis logical database index.
+	DB int
+
+	// TLSEnabled enables TLS with a conservative minimum protocol version.
+	TLSEnabled bool
+
+	// KeyPrefix is the namespace prefix applied to every resend-throttle key.
+	KeyPrefix string
+
+	// OperationTimeout bounds each Redis round trip performed by the adapter.
+	OperationTimeout time.Duration
+}
+
+// Protector applies the fixed resend cooldown with one Redis key per
+// normalized e-mail address.
+type Protector struct {
+	client           *redis.Client
+	keyPrefix        string
+	operationTimeout time.Duration
+}
+
+// New constructs a Redis-backed resend-throttle protector from cfg.
+func New(cfg Config) (*Protector, error) {
+	switch {
+	case strings.TrimSpace(cfg.Addr) == "":
+		return nil, errors.New("new redis send email code abuse protector: redis addr must not be empty")
+	case cfg.DB < 0:
+		return nil, errors.New("new redis send email code abuse protector: redis db must not be negative")
+	case strings.TrimSpace(cfg.KeyPrefix) == "":
+		return nil, errors.New("new redis send email code abuse protector: redis key prefix must not be empty")
+	case cfg.OperationTimeout <= 0:
+		return nil, errors.New("new redis send email code abuse protector: operation timeout must be positive")
+	}
+
+	options := &redis.Options{
+		Addr:            cfg.Addr,
+		Username:        cfg.Username,
+		Password:        cfg.Password,
+		DB:              cfg.DB,
+		Protocol:        2,
+		DisableIdentity: true,
+	}
+	if cfg.TLSEnabled {
+		options.TLSConfig = &tls.Config{MinVersion: tls.VersionTLS12}
+	}
+
+	return &Protector{
+		client:           redis.NewClient(options),
+		keyPrefix:        cfg.KeyPrefix,
+		operationTimeout: cfg.OperationTimeout,
+	}, nil
+}
+
+// Close releases the underlying Redis client resources.
+func (p *Protector) Close() error {
+	if p == nil || p.client == nil {
+		return nil
+	}
+
+	return p.client.Close()
+}
+
+// Ping verifies that the configured Redis backend is reachable within the
+// adapter operation timeout budget.
+func (p *Protector) Ping(ctx context.Context) error {
+	operationCtx, cancel, err := p.operationContext(ctx, "ping redis send email code abuse protector")
+	if err != nil {
+		return err
+	}
+	defer cancel()
+
+	if err := p.client.Ping(operationCtx).Err(); err != nil {
+		return fmt.Errorf("ping redis send email code abuse protector: %w", err)
+	}
+
+	return nil
+}
+
+// CheckAndReserve applies the fixed resend cooldown using one TTL key per
+// normalized e-mail address.
+func (p *Protector) CheckAndReserve(ctx context.Context, input ports.SendEmailCodeAbuseInput) (ports.SendEmailCodeAbuseResult, error) {
+	if err := input.Validate(); err != nil {
+		return ports.SendEmailCodeAbuseResult{}, fmt.Errorf("check and reserve send email code abuse: %w", err)
+	}
+
+	operationCtx, cancel, err := p.operationContext(ctx, "check and reserve send email code abuse")
+	if err != nil {
+		return ports.SendEmailCodeAbuseResult{}, err
+	}
+	defer cancel()
+
+	key := p.lookupKey(input.Email)
+	value := input.Now.UTC().Add(challenge.ResendThrottleCooldown).Format(time.RFC3339Nano)
+	created, err := p.client.SetNX(operationCtx, key, value, challenge.ResendThrottleCooldown).Result()
+	if err != nil {
+		return ports.SendEmailCodeAbuseResult{}, fmt.Errorf("check and reserve send email code abuse for %q: %w", input.Email, err)
+	}
+	if created {
+		return ports.SendEmailCodeAbuseResult{Outcome: ports.SendEmailCodeAbuseOutcomeAllowed}, nil
+	}
+
+	return ports.SendEmailCodeAbuseResult{Outcome: ports.SendEmailCodeAbuseOutcomeThrottled}, nil
+}
+
+func (p *Protector) operationContext(ctx context.Context, operation string) (context.Context, context.CancelFunc, error) {
+	if p == nil || p.client == nil {
+		return nil, nil, fmt.Errorf("%s: nil protector", operation)
+	}
+	if ctx == nil {
+		return nil, nil, fmt.Errorf("%s: nil context", operation)
+	}
+
+	operationCtx, cancel := context.WithTimeout(ctx, p.operationTimeout)
+	return operationCtx, cancel, nil
+}
+
+func (p *Protector) lookupKey(email common.Email) string {
+	return p.keyPrefix + base64.RawURLEncoding.EncodeToString([]byte(email.String()))
+}
+
+var _ ports.SendEmailCodeAbuseProtector = (*Protector)(nil)

authsession/internal/adapters/redis/sendemailcodeabuse/protector_test.go

@@ -0,0 +1,176 @@
+package sendemailcodeabuse
+
+import (
+	"context"
+	"testing"
+	"time"
+
+	"galaxy/authsession/internal/domain/challenge"
+	"galaxy/authsession/internal/domain/common"
+	"galaxy/authsession/internal/ports"
+
+	"github.com/alicebob/miniredis/v2"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+func TestNew(t *testing.T) {
+	t.Parallel()
+
+	server := miniredis.RunT(t)
+
+	tests := []struct {
+		name    string
+		cfg     Config
+		wantErr string
+	}{
+		{
+			name: "valid config",
+			cfg: Config{
+				Addr:             server.Addr(),
+				DB:               1,
+				KeyPrefix:        "authsession:send-email-code-throttle:",
+				OperationTimeout: 250 * time.Millisecond,
+			},
+		},
+		{
+			name: "empty addr",
+			cfg: Config{
+				KeyPrefix:        "authsession:send-email-code-throttle:",
+				OperationTimeout: 250 * time.Millisecond,
+			},
+			wantErr: "redis addr must not be empty",
+		},
+		{
+			name: "negative db",
+			cfg: Config{
+				Addr:             server.Addr(),
+				DB:               -1,
+				KeyPrefix:        "authsession:send-email-code-throttle:",
+				OperationTimeout: 250 * time.Millisecond,
+			},
+			wantErr: "redis db must not be negative",
+		},
+		{
+			name: "empty key prefix",
+			cfg: Config{
+				Addr:             server.Addr(),
+				OperationTimeout: 250 * time.Millisecond,
+			},
+			wantErr: "redis key prefix must not be empty",
+		},
+		{
+			name: "non-positive timeout",
+			cfg: Config{
+				Addr:      server.Addr(),
+				KeyPrefix: "authsession:send-email-code-throttle:",
+			},
+			wantErr: "operation timeout must be positive",
+		},
+	}
+
+	for _, tt := range tests {
+		tt := tt
+
+		t.Run(tt.name, func(t *testing.T) {
+			t.Parallel()
+
+			protector, err := New(tt.cfg)
+			if tt.wantErr != "" {
+				require.Error(t, err)
+				assert.ErrorContains(t, err, tt.wantErr)
+				return
+			}
+
+			require.NoError(t, err)
+			t.Cleanup(func() {
+				assert.NoError(t, protector.Close())
+			})
+		})
+	}
+}
+
+func TestProtectorPing(t *testing.T) {
+	t.Parallel()
+
+	server := miniredis.RunT(t)
+	protector := newTestProtector(t, server, Config{})
+
+	require.NoError(t, protector.Ping(context.Background()))
+}
+
+func TestProtectorCheckAndReserve(t *testing.T) {
+	t.Parallel()
+
+	server := miniredis.RunT(t)
+	protector := newTestProtector(t, server, Config{})
+	email := common.Email("pilot@example.com")
+	now := time.Unix(10, 0).UTC()
+
+	result, err := protector.CheckAndReserve(context.Background(), ports.SendEmailCodeAbuseInput{
+		Email: email,
+		Now:   now,
+	})
+	require.NoError(t, err)
+	assert.Equal(t, ports.SendEmailCodeAbuseOutcomeAllowed, result.Outcome)
+
+	key := protector.lookupKey(email)
+	assert.True(t, server.Exists(key))
+	ttl := server.TTL(key)
+	assert.LessOrEqual(t, ttl, challenge.ResendThrottleCooldown)
+	assert.GreaterOrEqual(t, ttl, challenge.ResendThrottleCooldown-2*time.Second)
+
+	result, err = protector.CheckAndReserve(context.Background(), ports.SendEmailCodeAbuseInput{
+		Email: email,
+		Now:   now.Add(30 * time.Second),
+	})
+	require.NoError(t, err)
+	assert.Equal(t, ports.SendEmailCodeAbuseOutcomeThrottled, result.Outcome)
+	ttlAfterThrottle := server.TTL(key)
+	assert.LessOrEqual(t, ttlAfterThrottle, ttl)
+
+	server.FastForward(challenge.ResendThrottleCooldown)
+
+	result, err = protector.CheckAndReserve(context.Background(), ports.SendEmailCodeAbuseInput{
+		Email: email,
+		Now:   now.Add(challenge.ResendThrottleCooldown),
+	})
+	require.NoError(t, err)
+	assert.Equal(t, ports.SendEmailCodeAbuseOutcomeAllowed, result.Outcome)
+}
+
+func TestProtectorNilContext(t *testing.T) {
+	t.Parallel()
+
+	server := miniredis.RunT(t)
+	protector := newTestProtector(t, server, Config{})
+
+	_, err := protector.CheckAndReserve(nil, ports.SendEmailCodeAbuseInput{
+		Email: common.Email("pilot@example.com"),
+		Now:   time.Unix(10, 0).UTC(),
+	})
+	require.Error(t, err)
+	assert.ErrorContains(t, err, "nil context")
+}
+
+func newTestProtector(t *testing.T, server *miniredis.Miniredis, cfg Config) *Protector {
+	t.Helper()
+
+	if cfg.Addr == "" {
+		cfg.Addr = server.Addr()
+	}
+	if cfg.KeyPrefix == "" {
+		cfg.KeyPrefix = "authsession:send-email-code-throttle:"
+	}
+	if cfg.OperationTimeout == 0 {
+		cfg.OperationTimeout = 250 * time.Millisecond
+	}
+
+	protector, err := New(cfg)
+	require.NoError(t, err)
+	t.Cleanup(func() {
+		assert.NoError(t, protector.Close())
+	})
+
+	return protector
+}