tsa-auth-session 0.1.0

Session management for TSA
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108

use chrono::{Duration, Utc};
use std::sync::Arc;
use tsa_auth_core::{Result, Session, SessionRepository, TsaError};
use tsa_auth_token::OpaqueToken;
use uuid::Uuid;

#[derive(Debug, Clone)]
pub struct SessionConfig {
    pub session_expiry: Duration,
    pub token_length: usize,
}

impl Default for SessionConfig {
    fn default() -> Self {
        Self {
            session_expiry: Duration::days(30),
            token_length: 32,
        }
    }
}

pub struct SessionManager<R: SessionRepository> {
    repository: Arc<R>,
    config: SessionConfig,
}

impl<R: SessionRepository> SessionManager<R> {
    pub fn new(repository: Arc<R>, config: SessionConfig) -> Self {
        Self { repository, config }
    }

    pub async fn create_session(
        &self,
        user_id: Uuid,
        ip_address: Option<String>,
        user_agent: Option<String>,
    ) -> Result<(Session, String)> {
        let (token, token_hash) = OpaqueToken::generate_with_hash(self.config.token_length)?;

        let now = Utc::now();
        let session = Session {
            id: Uuid::new_v4(),
            user_id,
            token_hash,
            expires_at: now + self.config.session_expiry,
            created_at: now,
            ip_address,
            user_agent,
        };

        let created = self.repository.create(&session).await?;
        Ok((created, token))
    }

    pub async fn validate_session(&self, token: &str) -> Result<Session> {
        let token_hash = OpaqueToken::hash(token);
        let session = self
            .repository
            .find_by_token_hash(&token_hash)
            .await?
            .ok_or(TsaError::SessionNotFound)?;

        if session.expires_at < Utc::now() {
            self.repository.delete(session.id).await?;
            return Err(TsaError::SessionExpired);
        }

        Ok(session)
    }

    pub async fn invalidate_session(&self, session_id: Uuid) -> Result<()> {
        self.repository.delete(session_id).await
    }

    pub async fn invalidate_all_sessions(&self, user_id: Uuid) -> Result<()> {
        self.repository.delete_by_user_id(user_id).await
    }

    pub async fn get_user_sessions(&self, user_id: Uuid) -> Result<Vec<Session>> {
        self.repository.find_by_user_id(user_id).await
    }

    pub async fn cleanup_expired(&self) -> Result<u64> {
        self.repository.delete_expired().await
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn test_session_config_defaults() {
        let config = SessionConfig::default();
        assert_eq!(config.session_expiry, Duration::days(30));
        assert_eq!(config.token_length, 32);
    }

    #[test]
    fn test_session_config_custom() {
        let config = SessionConfig {
            session_expiry: Duration::hours(1),
            token_length: 64,
        };
        assert_eq!(config.session_expiry, Duration::hours(1));
        assert_eq!(config.token_length, 64);
    }
}