_MAP: MGN-001 - Autenticacion
Modulo: MGN-001
Nombre: Autenticacion
Fase: 01 - Foundation
Story Points: 40 SP
Estado: Documentado
Ultima actualizacion: 2025-12-05
Resumen
Sistema de autenticacion que incluye login con email/password, manejo de tokens JWT, OAuth con proveedores sociales, recuperacion de password y proteccion contra ataques de fuerza bruta.
Metricas
| Metrica |
Valor |
| Story Points |
40 SP |
| Requerimientos (RF) |
6 |
| Especificaciones (ET) |
3 |
| User Stories (US) |
5 |
| Tablas DB |
6 |
| Endpoints API |
7 |
| Test Cases |
20+ |
| Cobertura Estimada |
0% |
Requerimientos Funcionales (5)
Indice: INDICE-RF-AUTH.md
Especificaciones Tecnicas (3)
| ID |
Archivo |
Titulo |
RF Asociados |
Estado |
| ET-AUTH-001 |
ET-auth-backend.md |
Backend Auth |
RF-AUTH-001, RF-AUTH-002, RF-AUTH-005 |
Migrado |
| ET-AUTH-002 |
auth-domain.md |
Domain Model Auth |
RF-AUTH-001 |
Migrado |
| ET-AUTH-003 |
ET-AUTH-database.md |
Database Auth |
RF-AUTH-001, RF-AUTH-002, RF-AUTH-004 |
Migrado |
Historias de Usuario (4)
| ID |
Archivo |
Titulo |
RF |
SP |
Estado |
| US-MGN001-001 |
US-MGN001-001.md |
Login con Email/Password |
RF-AUTH-001 |
8 |
Migrado |
| US-MGN001-002 |
US-MGN001-002.md |
Logout de Sesion |
RF-AUTH-005 |
3 |
Migrado |
| US-MGN001-003 |
US-MGN001-003.md |
Recuperar Password |
RF-AUTH-003 |
5 |
Migrado |
| US-MGN001-004 |
US-MGN001-004.md |
Refresh de Token |
RF-AUTH-002 |
5 |
Migrado |
Backlog: BACKLOG-MGN001.md
Total: 21 SP (+ buffer = 40 SP epica)
Implementacion
Database
| Objeto |
Tipo |
Archivo |
RF |
| core_auth |
Schema |
ddl/schemas/core_auth/ |
- |
| users_auth |
Tabla |
ddl/schemas/core_auth/tables/users_auth.sql |
RF-AUTH-001 |
| sessions |
Tabla |
ddl/schemas/core_auth/tables/sessions.sql |
RF-AUTH-002 |
| refresh_tokens |
Tabla |
ddl/schemas/core_auth/tables/refresh_tokens.sql |
RF-AUTH-002 |
| password_resets |
Tabla |
ddl/schemas/core_auth/tables/password_resets.sql |
RF-AUTH-003 |
| login_attempts |
Tabla |
ddl/schemas/core_auth/tables/login_attempts.sql |
RF-AUTH-004 |
| oauth_accounts |
Tabla |
ddl/schemas/core_auth/tables/oauth_accounts.sql |
RF-AUTH-005 |
| validate_password |
Funcion |
ddl/schemas/core_auth/functions/validate_password.sql |
RF-AUTH-001 |
| cleanup_expired_sessions |
Funcion |
ddl/schemas/core_auth/functions/cleanup_sessions.sql |
RF-AUTH-002 |
Backend
| Objeto |
Tipo |
Archivo |
RF |
| AuthModule |
Module |
src/modules/auth/auth.module.ts |
- |
| AuthService |
Service |
src/modules/auth/auth.service.ts |
RF-AUTH-001 |
| TokenService |
Service |
src/modules/auth/token.service.ts |
RF-AUTH-002 |
| PasswordService |
Service |
src/modules/auth/password.service.ts |
RF-AUTH-003 |
| OAuthService |
Service |
src/modules/auth/oauth.service.ts |
RF-AUTH-005 |
| AuthController |
Controller |
src/modules/auth/auth.controller.ts |
- |
| JwtAuthGuard |
Guard |
src/modules/auth/guards/jwt-auth.guard.ts |
RF-AUTH-002 |
| LoginDto |
DTO |
src/modules/auth/dto/login.dto.ts |
RF-AUTH-001 |
| TokenResponseDto |
DTO |
src/modules/auth/dto/token-response.dto.ts |
RF-AUTH-002 |
Frontend
| Objeto |
Tipo |
Archivo |
RF |
| LoginPage |
Page |
src/features/auth/pages/LoginPage.tsx |
RF-AUTH-001 |
| ForgotPasswordPage |
Page |
src/features/auth/pages/ForgotPasswordPage.tsx |
RF-AUTH-003 |
| ResetPasswordPage |
Page |
src/features/auth/pages/ResetPasswordPage.tsx |
RF-AUTH-003 |
| LoginForm |
Component |
src/features/auth/components/LoginForm.tsx |
RF-AUTH-001 |
| SocialLoginButtons |
Component |
src/features/auth/components/SocialLoginButtons.tsx |
RF-AUTH-005 |
| authStore |
Store |
src/features/auth/stores/authStore.ts |
- |
| authApi |
API |
src/features/auth/api/authApi.ts |
- |
Endpoints API
| Metodo |
Path |
Descripcion |
RF |
Auth |
| POST |
/api/v1/auth/login |
Login con email/password |
RF-AUTH-001 |
No |
| POST |
/api/v1/auth/logout |
Cerrar sesion |
RF-AUTH-006 |
Si |
| POST |
/api/v1/auth/refresh |
Refrescar token |
RF-AUTH-002 |
No* |
| POST |
/api/v1/auth/forgot-password |
Solicitar recuperacion |
RF-AUTH-003 |
No |
| POST |
/api/v1/auth/reset-password |
Cambiar password |
RF-AUTH-003 |
No |
| GET |
/api/v1/auth/me |
Obtener usuario actual |
RF-AUTH-001 |
Si |
| GET |
/api/v1/auth/oauth/:provider |
Iniciar OAuth flow |
RF-AUTH-005 |
No |
*Requiere refresh token valido
Dependencias
Este modulo depende de:
Ninguna - MGN-001 es el primer modulo de la cadena.
Modulos que dependen de este:
| Modulo |
Tipo |
Razon |
| MGN-002 Users |
Hard |
Usuarios requieren auth |
| MGN-003 Roles |
Hard |
RBAC usa tokens de auth |
| MGN-004 Tenants |
Hard |
Tenant ID en token JWT |
| TODOS |
Hard |
Autenticacion requerida |
Test Coverage
| Tipo |
Casos |
Estado |
| Unit Tests - AuthService |
12 |
Pendiente |
| Unit Tests - TokenService |
8 |
Pendiente |
| Integration Tests |
10 |
Pendiente |
| E2E Tests |
5 |
Pendiente |
| Total |
35 |
0% |
Trazabilidad
Ver archivo completo: TRACEABILITY.yml
Documentos Relacionados
Historial
| Fecha |
Cambio |
Autor |
| 2025-12-05 |
Creacion de _MAP.md con estructura GAMILIT |
Requirements-Analyst |
Generado por: Requirements-Analyst
Fecha: 2025-12-05
