export interface TokenPair {
  accessToken: string;
  refreshToken: string;
}

export interface Session {
  id: string;
  userId: number;
  userAgent: string | null;
  ip: string | null;
  createdAt: Date;
  expiresAt: Date;
  revokedAt: Date | null;
}

export interface AuthUser {
  id: number;
  email: string | null;
  username: string;
  role: string;
  status: string;
}

export type AuthErrorCode =
  | "INVALID_CREDENTIALS"
  | "ACCOUNT_LOCKED"
  | "WEAK_PASSWORD"
  | "EMAIL_EXISTS"
  | "TOKEN_EXPIRED"
  | "SESSION_REVOKED"
  | "RATE_LIMITED";

export interface AuthError {
  error: {
    code: AuthErrorCode;
    message: string;
  };
}

export interface IAuthStrategy {
  readonly type: "password" | "oauth";
  authenticate(credentials: unknown): Promise<AuthUser>;
  generateTokens(user: AuthUser, sessionId: string): Promise<TokenPair>;
  revokeSession(sessionId: string): Promise<void>;
}