export interface LoginRequest { email: string; password: string; totp_code?: string; backup_code?: string; } export interface RegisterRequest { email: string; password: string; password_confirmation?: string; first_name?: string; last_name?: string; } export interface TokenPair { access_token: string; refresh_token: string; token_type: string; expires_in: number; scopes?: string[]; } export interface LoginResponse extends TokenPair { user: User; } export interface RegisterResponse extends TokenPair { user: User; } export interface User { id: string; email: string; first_name?: string; last_name?: string; is_active: boolean; email_verified: boolean; profile_data?: Record; created_at: string; updated_at: string; } export interface TokenValidationRequest { token: string; } export interface TokenValidationResponse { valid: boolean; user_id?: string; email?: string; scopes?: string[]; organization?: string; expires_at?: number; reason?: string; } export interface RefreshTokenRequest { refresh_token: string; } export interface LogoutRequest { refresh_token?: string; } export interface PasswordResetRequest { email: string; } export interface PasswordResetConfirmRequest { token: string; password: string; password_confirmation: string; } export interface ChangePasswordRequest { current_password: string; new_password: string; new_password_confirmation: string; } export interface EmailVerificationRequest { token: string; } export interface ResendVerificationRequest { email: string; } export interface TwoFactorSetupResponse { secret: string; qr_code: string; backup_codes: string[]; } export interface TwoFactorVerifyRequest { token: string; } export interface TwoFactorStatusResponse { enabled: boolean; backup_codes_remaining?: number; } export interface ApiError { error: string; details?: Record; requires_2fa?: boolean; } export interface ApiResponse { data?: T; error?: ApiError; message?: string; } export interface OAuthProvider { name: string; display_name: string; authorization_url?: string; } export interface OAuthProvidersResponse { providers: OAuthProvider[]; } export interface OAuthLinkRequest { provider: string; code: string; state?: string; } export interface OrganizationMember { id: string; user_id: string; email: string; first_name?: string; last_name?: string; role: string; joined_at: string; } export interface Organization { id: string; name: string; description?: string; settings?: Record; created_at: string; updated_at: string; } export interface CreateOrganizationRequest { name: string; description?: string; } export interface UpdateOrganizationRequest { name?: string; description?: string; } export interface InviteMemberRequest { email: string; role: string; } export interface UpdateMemberRoleRequest { role: string; } export interface Service { id: string; name: string; description?: string; permissions: string[]; validation_mode: 'trust_gateway' | 'validate_sensitive' | 'always_validate'; created_at: string; updated_at: string; } export interface UserPermissions { service_id: string; service_name: string; permissions: string[]; } export interface ApiKey { id: string; name: string; key_prefix: string; scopes: string[]; is_active: boolean; last_used_at?: string; expires_at?: string; created_at: string; updated_at: string; } export interface CreateApiKeyRequest { name: string; scopes: string[]; expires_at?: string; } export interface UpdateApiKeyRequest { name?: string; scopes?: string[]; expires_at?: string; } export interface ApiKeyUsageStats { total_requests: number; requests_today: number; requests_this_week: number; requests_this_month: number; last_request_at?: string; } export interface AuditLog { id: string; action: string; resource_type?: string; resource_id?: string; details?: Record; ip_address?: string; user_agent?: string; status: 'success' | 'failure'; created_at: string; } export interface LoginAttempt { id: string; email: string; ip_address: string; user_agent?: string; status: 'success' | 'failure'; failure_reason?: string; created_at: string; } export interface SecurityStats { total_users: number; active_sessions: number; failed_logins_today: number; blocked_ips: number; two_fa_enabled_users: number; } export interface RateLimit { identifier: string; identifier_type: 'ip' | 'user' | 'api_key'; endpoint: string; requests_count: number; window_start: string; is_blocked: boolean; blocked_until?: string; }