internal/store/types.go

@@ -9,12 +9,15 @@ import (
 
 // User mirrors the users table.
 type User struct {
-	ID           string
+	ID                 string
-	Username     string
+	Username           string
-	PasswordHash string
+	PasswordHash       string
-	Role         Role
+	Role               Role
-	CreatedAt    time.Time
+	Email              *string    // optional; nil = not set
-	LastLoginAt  *time.Time
+	DisabledAt         *time.Time // nil = enabled
+	MustChangePassword bool
+	CreatedAt          time.Time
+	LastLoginAt        *time.Time
 }
 
 // Role enumerates the access tiers from spec.md §7.2.
@@ -219,3 +222,14 @@ type AuditEntry struct {
 	TS         time.Time
 	Payload    json.RawMessage
 }
+
+// SetupToken mirrors the user_setup_tokens table. The raw token
+// itself is never stored; the field shown here is the sha256 hex
+// digest of the raw token, which is what callers compare against.
+type SetupToken struct {
+	UserID    string
+	TokenHash string
+	ExpiresAt time.Time
+	CreatedAt time.Time
+	CreatedBy *string // admin user id; nil only after CASCADE SET NULL
+}