chore: complete update

src/Application/Security/Events/Auth/AuthenticationFailedEvent.php

@@ -0,0 +1,51 @@
+<?php
+declare(strict_types=1);
+
+namespace App\Application\Security\Events\Auth;
+
+use App\Application\Security\{OWASPSecurityEvent};
+use App\Application\Security\ValueObjects\{OWASPEventIdentifier, OWASPLogLevel, MaskedEmail};
+
+final class AuthenticationFailedEvent implements OWASPSecurityEvent
+{
+    private MaskedEmail $maskedEmail;
+
+    public function __construct(
+        public readonly string $email,
+        public readonly ?string $reason = null,
+        public readonly int $failedAttempts = 1
+    ) {
+        $this->maskedEmail = MaskedEmail::fromString($this->email);
+    }
+
+    public function getOWASPEventIdentifier(): OWASPEventIdentifier
+    {
+        return OWASPEventIdentifier::authenticationFailure($this->maskedEmail->toString());
+    }
+
+    public function getOWASPLogLevel(): OWASPLogLevel
+    {
+        return OWASPLogLevel::WARN;
+    }
+
+    public function getDescription(): string
+    {
+        return "User {$this->maskedEmail->toString()} login failed" .
+               ($this->reason ? " - {$this->reason}" : '');
+    }
+
+    public function getEventData(): array
+    {
+        return [
+            'email' => $this->maskedEmail->toString(),
+            'reason' => $this->reason,
+            'failed_attempts' => $this->failedAttempts,
+            'failure_reason' => $this->reason ?? 'invalid_credentials'
+        ];
+    }
+
+    public function getMaskedEmail(): MaskedEmail
+    {
+        return $this->maskedEmail;
+    }
+}