Data Model: User
Purpose: The User entity represents an individual's primary login account and authentication credentials for the platform. It is the master record that handles security, permissions, and session management. Each User account can own one or more Profile entities, which are used for the actual investment activities.
Fields/Attributes
| Name | Type | Description | Validation Rules |
|---|---|---|---|
| Core Identification | | | |
| id | Unique Identifier | The primary internal system ID for the user account (e.g., UUID). | • Required • System-generated, Read-only |
| email | | The user's unique email address, used as their primary username for login. | • Required, Unique • Must be a valid email format |
| password | Hashed Text | The user's hashed and salted password for authentication. The plain text password is never stored. | • Required • Must meet complexity requirements (e.g., min 8 characters, numbers, etc.) |
| Personal Information | | | |
| first_name | Text | The first name of the user. | • Required |
| last_name | Text | The last name of the user. | • Required |
| avatar_url | URL | A link to the user's profile picture or avatar image. | • Optional |
| Status & Flags | | | |
| is_active | Boolean | Designates whether this user account is active and can log in. | • Required • Defaults to True |
| is_email_verified | Boolean | Flag indicating if the user has verified their email address by clicking a confirmation link. | • Required • Defaults to False |
| is_staff | Boolean | Designates whether the user can access the admin site. (For internal users only). | • Required • Defaults to False |
| Security & Metadata | | | |
| last_login_at | Timestamp | The exact date and time of the user's last successful login. | • Read-only • System-managed |
| last_login_ip | IP Address | The IP address from which the user last logged in. | • Read-only • System-managed |
| last_login_user_agent | Text | The browser/device information from the user's last login. | • Read-only • System-managed |
| created_at | Timestamp | The date and time the user account was created. | • Read-only |
| updated_at | Timestamp | The date and time the user account was last modified. | • Read-only |
Key Relationships
• Profiles: A User account acts as a container for one or more Profile entities (a one-to-many relationship). An investor might have an Individual profile and a Trust profile, all under one User login.
• Groups: A User can belong to multiple Groups to manage their roles and permissions (a many-to-many relationship).
Global Business Rules
• A User account must be created with a unique, valid email address.
• The user's email must be verified (is_email_verified=True) before they are allowed to create any investment Profiles or initiate investments.
• Upon the user's first successful email verification, the system should automatically create a default INDIVIDUAL Profile linked to their User account to streamline onboarding.
• All login attempts must be recorded in the LoginAttemptLog for security and auditing purposes.
• Administrators must have the ability to forcefully terminate any user's ActiveSession, logging them out of the platform.
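The following sketch enforces the first four rules above against an in-memory store. It is an added example, not the platform's own code: the `Accounts` class, its method names, the `TRUST` profile label and the choice of scrypt for the salted hash are assumptions, and the complexity check covers only the two requirements the table names.

```python
import hashlib, hmac, os, uuid
from dataclasses import dataclass, field
from datetime import datetime, timezone
from typing import Optional

@dataclass
class User:
    email: str
    password: bytes                      # 16-byte salt + scrypt hash, never plain text
    id: str = field(default_factory=lambda: str(uuid.uuid4()))
    is_active: bool = True
    is_email_verified: bool = False
    last_login_at: Optional[datetime] = None
    last_login_ip: Optional[str] = None
    profiles: list = field(default_factory=list)

def _hash(password: str, salt: bytes) -> bytes:
    # scrypt is an assumed choice; the page only says "hashed and salted"
    return salt + hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1)

class Accounts:                          # hypothetical service, in-memory only
    def __init__(self):
        self.users, self.login_attempt_log = {}, []

    def register(self, email, password):
        key = email.strip().lower()
        if "@" not in key or key in self.users:
            raise ValueError("email must be valid and unique")
        if len(password) < 8 or not any(c.isdigit() for c in password):
            raise ValueError("password does not meet complexity requirements")
        self.users[key] = User(key, _hash(password, os.urandom(16)))
        return self.users[key]

    def verify_email(self, user):
        if not user.is_email_verified:   # default profile only on first verification
            user.is_email_verified = True
            user.profiles.append("INDIVIDUAL")

    def create_profile(self, user, kind):
        if not user.is_email_verified:
            raise PermissionError("email must be verified before creating profiles")
        user.profiles.append(kind)

    def login(self, email, password, ip):
        user = self.users.get(email.strip().lower())
        ok = bool(user and user.is_active and hmac.compare_digest(
            user.password, _hash(password, user.password[:16])))
        # every attempt is recorded, successful or not
        self.login_attempt_log.append({"email": email, "ip": ip, "success": ok,
                                       "at": datetime.now(timezone.utc)})
        if ok:
            user.last_login_at, user.last_login_ip = datetime.now(timezone.utc), ip
        return ok
```

Failed attempts never touch `last_login_at` or `last_login_ip`, which matches the table's definition of those fields as describing the last successful login.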
Auditing & Event History
Every significant action or change made to a User is recorded as an immutable entry in a system-wide EventLog. This creates a complete and tamper-proof audit trail for compliance and operational tracking.