storj/satellite/satellitedb/webappsessions.go

// Copyright (C) 2022 Storj Labs, Inc.
// See LICENSE for copying information.

package satellitedb

import (
	"context"
	"time"

	"storj.io/common/uuid"
	"storj.io/storj/satellite/console/consoleauth"
	"storj.io/storj/satellite/satellitedb/dbx"
)

// ensures that *webappSessions implements consoleauth.WebappSessions.
var _ consoleauth.WebappSessions = (*webappSessions)(nil)

type webappSessions struct {
	db dbx.Methods
}

// Create creates a webapp session and returns the session info.
func (db *webappSessions) Create(ctx context.Context, id, userID uuid.UUID, address, userAgent string, expiresAt time.Time) (session consoleauth.WebappSession, err error) {
	defer mon.Task()(&ctx)(&err)

	dbxSession, err := db.db.Create_WebappSession(ctx, dbx.WebappSession_Id(id.Bytes()), dbx.WebappSession_UserId(userID.Bytes()),
		dbx.WebappSession_IpAddress(address), dbx.WebappSession_UserAgent(userAgent), dbx.WebappSession_ExpiresAt(expiresAt))
	if err != nil {
		return session, err
	}

	return getSessionFromDBX(dbxSession)
}

// UpdateExpiration updates the expiration time of the session.
func (db *webappSessions) UpdateExpiration(ctx context.Context, sessionID uuid.UUID, expiresAt time.Time) (err error) {
	defer mon.Task()(&ctx)(&err)

	_, err = db.db.Update_WebappSession_By_Id(
		ctx,
		dbx.WebappSession_Id(sessionID.Bytes()),
		dbx.WebappSession_Update_Fields{
			ExpiresAt: dbx.WebappSession_ExpiresAt(expiresAt),
		},
	)

	return err
}

// GetBySessionID gets the session info from the session ID.
func (db *webappSessions) GetBySessionID(ctx context.Context, sessionID uuid.UUID) (session consoleauth.WebappSession, err error) {
	defer mon.Task()(&ctx)(&err)

	dbxSession, err := db.db.Get_WebappSession_By_Id(ctx, dbx.WebappSession_Id(sessionID.Bytes()))
	if err != nil {
		return session, err
	}

	return getSessionFromDBX(dbxSession)
}

// GetAllByUserID gets all webapp sessions with userID.
func (db *webappSessions) GetAllByUserID(ctx context.Context, userID uuid.UUID) (sessions []consoleauth.WebappSession, err error) {
	defer mon.Task()(&ctx)(&err)

	dbxSessions, err := db.db.All_WebappSession_By_UserId(ctx, dbx.WebappSession_UserId(userID.Bytes()))
	for _, dbxs := range dbxSessions {
		s, err := getSessionFromDBX(dbxs)
		if err != nil {
			return sessions, err
		}
		sessions = append(sessions, s)
	}

	return sessions, nil
}

// DeleteBySessionID deletes a webapp session by ID.
func (db *webappSessions) DeleteBySessionID(ctx context.Context, sessionID uuid.UUID) (err error) {
	defer mon.Task()(&ctx)(&err)

	_, err = db.db.Delete_WebappSession_By_Id(ctx, dbx.WebappSession_Id(sessionID.Bytes()))

	return err
}

// DeleteAllByUserID deletes all webapp sessions by user ID.
func (db *webappSessions) DeleteAllByUserID(ctx context.Context, userID uuid.UUID) (deleted int64, err error) {
	defer mon.Task()(&ctx)(&err)

	return db.db.Delete_WebappSession_By_UserId(ctx, dbx.WebappSession_UserId(userID.Bytes()))
}

func getSessionFromDBX(dbxSession *dbx.WebappSession) (consoleauth.WebappSession, error) {
	id, err := uuid.FromBytes(dbxSession.Id)
	if err != nil {
		return consoleauth.WebappSession{}, err
	}
	userID, err := uuid.FromBytes(dbxSession.UserId)
	if err != nil {
		return consoleauth.WebappSession{}, err
	}
	return consoleauth.WebappSession{
		ID:        id,
		UserID:    userID,
		Address:   dbxSession.IpAddress,
		UserAgent: dbxSession.UserAgent,
		Status:    dbxSession.Status,
		ExpiresAt: dbxSession.ExpiresAt,
	}, nil
}
satellite/console: implement WebappSessions db Create WebappSessions interface in consoleauth package. Interface implements the DB for webapp_sessions table. https://github.com/storj/storj/blob/main/docs/blueprints/webapp-session-management.md Change-Id: Ib56f238c20b58f2877046fc384232add253ee82b 2022-05-12 16:12:22 +01:00			`// Copyright (C) 2022 Storj Labs, Inc.`
			`// See LICENSE for copying information.`

			`package satellitedb`

			`import (`
			`"context"`
			`"time"`

			`"storj.io/common/uuid"`
			`"storj.io/storj/satellite/console/consoleauth"`
			`"storj.io/storj/satellite/satellitedb/dbx"`
			`)`

			`// ensures that *webappSessions implements consoleauth.WebappSessions.`
			`var _ consoleauth.WebappSessions = (*webappSessions)(nil)`

			`type webappSessions struct {`
			`db dbx.Methods`
			`}`

			`// Create creates a webapp session and returns the session info.`
			`func (db *webappSessions) Create(ctx context.Context, id, userID uuid.UUID, address, userAgent string, expiresAt time.Time) (session consoleauth.WebappSession, err error) {`
			`defer mon.Task()(&ctx)(&err)`

			`dbxSession, err := db.db.Create_WebappSession(ctx, dbx.WebappSession_Id(id.Bytes()), dbx.WebappSession_UserId(userID.Bytes()),`
			`dbx.WebappSession_IpAddress(address), dbx.WebappSession_UserAgent(userAgent), dbx.WebappSession_ExpiresAt(expiresAt))`
			`if err != nil {`
			`return session, err`
			`}`

			`return getSessionFromDBX(dbxSession)`
			`}`

satellite/console,web/satellite: invalidate sessions after inactivity Sessions now expire after a much shorter amount of time, requiring clients to issue API requests for session extension. This is handled behind the scenes as the user interacts with the page, but once session expiration is imminent, a modal appears which informs the user of his inactivity and presents him with the choice of loging out or preserving his session. Change-Id: I68008d45859c814a835d65d882ad5ad2199d618e 2022-07-19 10:26:18 +01:00			`// UpdateExpiration updates the expiration time of the session.`
			`func (db *webappSessions) UpdateExpiration(ctx context.Context, sessionID uuid.UUID, expiresAt time.Time) (err error) {`
			`defer mon.Task()(&ctx)(&err)`

			`_, err = db.db.Update_WebappSession_By_Id(`
			`ctx,`
			`dbx.WebappSession_Id(sessionID.Bytes()),`
			`dbx.WebappSession_Update_Fields{`
			`ExpiresAt: dbx.WebappSession_ExpiresAt(expiresAt),`
			`},`
			`)`

			`return err`
			`}`

satellite/console: implement WebappSessions db Create WebappSessions interface in consoleauth package. Interface implements the DB for webapp_sessions table. https://github.com/storj/storj/blob/main/docs/blueprints/webapp-session-management.md Change-Id: Ib56f238c20b58f2877046fc384232add253ee82b 2022-05-12 16:12:22 +01:00			`// GetBySessionID gets the session info from the session ID.`
			`func (db *webappSessions) GetBySessionID(ctx context.Context, sessionID uuid.UUID) (session consoleauth.WebappSession, err error) {`
			`defer mon.Task()(&ctx)(&err)`

			`dbxSession, err := db.db.Get_WebappSession_By_Id(ctx, dbx.WebappSession_Id(sessionID.Bytes()))`
			`if err != nil {`
			`return session, err`
			`}`

			`return getSessionFromDBX(dbxSession)`
			`}`

			`// GetAllByUserID gets all webapp sessions with userID.`
			`func (db *webappSessions) GetAllByUserID(ctx context.Context, userID uuid.UUID) (sessions []consoleauth.WebappSession, err error) {`
			`defer mon.Task()(&ctx)(&err)`

			`dbxSessions, err := db.db.All_WebappSession_By_UserId(ctx, dbx.WebappSession_UserId(userID.Bytes()))`
			`for _, dbxs := range dbxSessions {`
			`s, err := getSessionFromDBX(dbxs)`
			`if err != nil {`
			`return sessions, err`
			`}`
			`sessions = append(sessions, s)`
			`}`

			`return sessions, nil`
			`}`

			`// DeleteBySessionID deletes a webapp session by ID.`
			`func (db *webappSessions) DeleteBySessionID(ctx context.Context, sessionID uuid.UUID) (err error) {`
			`defer mon.Task()(&ctx)(&err)`

			`_, err = db.db.Delete_WebappSession_By_Id(ctx, dbx.WebappSession_Id(sessionID.Bytes()))`

			`return err`
			`}`

			`// DeleteAllByUserID deletes all webapp sessions by user ID.`
			`func (db *webappSessions) DeleteAllByUserID(ctx context.Context, userID uuid.UUID) (deleted int64, err error) {`
			`defer mon.Task()(&ctx)(&err)`

			`return db.db.Delete_WebappSession_By_UserId(ctx, dbx.WebappSession_UserId(userID.Bytes()))`
			`}`

			`func getSessionFromDBX(dbxSession *dbx.WebappSession) (consoleauth.WebappSession, error) {`
			`id, err := uuid.FromBytes(dbxSession.Id)`
			`if err != nil {`
			`return consoleauth.WebappSession{}, err`
			`}`
			`userID, err := uuid.FromBytes(dbxSession.UserId)`
			`if err != nil {`
			`return consoleauth.WebappSession{}, err`
			`}`
			`return consoleauth.WebappSession{`
			`ID: id,`
			`UserID: userID,`
			`Address: dbxSession.IpAddress,`
			`UserAgent: dbxSession.UserAgent,`
			`Status: dbxSession.Status,`
			`ExpiresAt: dbxSession.ExpiresAt,`
			`}, nil`
			`}`