using AMREZ.EOP.Domain.Entities.Common;
using AMREZ.EOP.Domain.Shared._Users;

namespace AMREZ.EOP.Domain.Entities.Authentications;

public sealed class UserMfaFactor : BaseEntity
{
    public Guid UserId { get; set; }

    public MfaType Type { get; set; }
    public string? Label { get; set; }

    public string? Secret { get; set; } // TOTP secret (encrypt at rest)
    public string? PhoneE164 { get; set; }
    public string? Email { get; set; }
    public string? PublicKey { get; set; } // WebAuthn
    public string? CredentialId { get; set; } // WebAuthn

    public bool Enabled { get; set; } = true;
    public DateTimeOffset AddedAt { get; set; } = DateTimeOffset.UtcNow;
    public DateTimeOffset? LastUsedAt { get; set; }

    public User User { get; set; } = default!;
}