feat: add session expiration tracking and validation

feat: implement Redis caching for terminated sessions feat: add new session GUID queries for validation refactor: extend Session model with last_refresh_exp_time refactor: update token generation to include role and session refactor: modify auth middleware to validate session status refactor: replace GetUserSessions with GetValidUserSessions chore: add uuid/v5 dependency fix: update router to pass dependencies to auth middleware chore: update SQL schema and queries for new expiration field
2025-07-14 20:44:30 +03:00
parent 24cb8ecb6e
commit d8ea9f79c6
10 changed files with 248 additions and 74 deletions
--- a/backend/internal/database/models.go
+++ b/backend/internal/database/models.go
@@ -63,15 +63,16 @@ type ProfileSetting struct {
 }

 type Session struct {
-	ID           int64
-	UserID       int64
-	Guid         pgtype.UUID
-	Name         *string
-	Platform     *string
-	LatestIp     *string
-	LoginTime    pgtype.Timestamp
-	LastSeenDate pgtype.Timestamp
-	Terminated   *bool
+	ID                 int64
+	UserID             int64
+	Guid               pgtype.UUID
+	Name               *string
+	Platform           *string
+	LatestIp           *string
+	LoginTime          pgtype.Timestamp
+	LastRefreshExpTime pgtype.Timestamp
+	LastSeenDate       pgtype.Timestamp
+	Terminated         *bool
 }

 type User struct {
--- a/backend/internal/database/query.sql.go
+++ b/backend/internal/database/query.sql.go
@@ -201,7 +201,7 @@ func (q *Queries) CreateProfileSettings(ctx context.Context, profileID int64) (P

 const createSession = `-- name: CreateSession :one
 INSERT INTO sessions(user_id, name, platform, latest_ip)
-VALUES ($1, $2, $3, $4) RETURNING id, user_id, guid, name, platform, latest_ip, login_time, last_seen_date, terminated
+VALUES ($1, $2, $3, $4) RETURNING id, user_id, guid, name, platform, latest_ip, login_time, last_refresh_exp_time, last_seen_date, terminated
 `

 type CreateSessionParams struct {
@@ -227,6 +227,7 @@ func (q *Queries) CreateSession(ctx context.Context, arg CreateSessionParams) (S
 		&i.Platform,
 		&i.LatestIp,
 		&i.LoginTime,
+		&i.LastRefreshExpTime,
 		&i.LastSeenDate,
 		&i.Terminated,
 	)
@@ -484,6 +485,56 @@ func (q *Queries) GetProfilesRestricted(ctx context.Context, arg GetProfilesRest
 	return items, nil
 }

+const getSessionByGuid = `-- name: GetSessionByGuid :one
+SELECT id, user_id, guid, name, platform, latest_ip, login_time, last_refresh_exp_time, last_seen_date, terminated FROM sessions
+WHERE guid = ($1::text)::uuid
+`
+
+func (q *Queries) GetSessionByGuid(ctx context.Context, guid string) (Session, error) {
+	row := q.db.QueryRow(ctx, getSessionByGuid, guid)
+	var i Session
+	err := row.Scan(
+		&i.ID,
+		&i.UserID,
+		&i.Guid,
+		&i.Name,
+		&i.Platform,
+		&i.LatestIp,
+		&i.LoginTime,
+		&i.LastRefreshExpTime,
+		&i.LastSeenDate,
+		&i.Terminated,
+	)
+	return i, err
+}
+
+const getUnexpiredTerminatedSessionsGuids = `-- name: GetUnexpiredTerminatedSessionsGuids :many
+SELECT guid FROM sessions
+WHERE 
+  terminated IS TRUE AND
+  last_refresh_exp_time > CURRENT_TIMESTAMP
+`
+
+func (q *Queries) GetUnexpiredTerminatedSessionsGuids(ctx context.Context) ([]pgtype.UUID, error) {
+	rows, err := q.db.Query(ctx, getUnexpiredTerminatedSessionsGuids)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+	var items []pgtype.UUID
+	for rows.Next() {
+		var guid pgtype.UUID
+		if err := rows.Scan(&guid); err != nil {
+			return nil, err
+		}
+		items = append(items, guid)
+	}
+	if err := rows.Err(); err != nil {
+		return nil, err
+	}
+	return items, nil
+}
+
 const getUser = `-- name: GetUser :one
 SELECT id, username, verified, registration_date, deleted FROM users
 WHERE id = $1
@@ -608,41 +659,6 @@ func (q *Queries) GetUserByUsername(ctx context.Context, username string) (User,
 	return i, err
 }

-const getUserSessions = `-- name: GetUserSessions :many
-SELECT id, user_id, guid, name, platform, latest_ip, login_time, last_seen_date, terminated FROM sessions
-WHERE user_id = $1 AND terminated IS FALSE
-`
-
-func (q *Queries) GetUserSessions(ctx context.Context, userID int64) ([]Session, error) {
-	rows, err := q.db.Query(ctx, getUserSessions, userID)
-	if err != nil {
-		return nil, err
-	}
-	defer rows.Close()
-	var items []Session
-	for rows.Next() {
-		var i Session
-		if err := rows.Scan(
-			&i.ID,
-			&i.UserID,
-			&i.Guid,
-			&i.Name,
-			&i.Platform,
-			&i.LatestIp,
-			&i.LoginTime,
-			&i.LastSeenDate,
-			&i.Terminated,
-		); err != nil {
-			return nil, err
-		}
-		items = append(items, i)
-	}
-	if err := rows.Err(); err != nil {
-		return nil, err
-	}
-	return items, nil
-}
-
 const getValidConfirmationCodeByCode = `-- name: GetValidConfirmationCodeByCode :one
 SELECT id, user_id, code_type, code_hash, expires_at, used, deleted FROM confirmation_codes
 WHERE 
@@ -778,6 +794,44 @@ func (q *Queries) GetValidUserByLoginCredentials(ctx context.Context, arg GetVal
 	return i, err
 }

+const getValidUserSessions = `-- name: GetValidUserSessions :many
+SELECT id, user_id, guid, name, platform, latest_ip, login_time, last_refresh_exp_time, last_seen_date, terminated FROM sessions
+WHERE 
+  user_id = $1 AND terminated IS FALSE AND
+  last_refresh_exp_time > CURRENT_TIMESTAMP
+`
+
+func (q *Queries) GetValidUserSessions(ctx context.Context, userID int64) ([]Session, error) {
+	rows, err := q.db.Query(ctx, getValidUserSessions, userID)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+	var items []Session
+	for rows.Next() {
+		var i Session
+		if err := rows.Scan(
+			&i.ID,
+			&i.UserID,
+			&i.Guid,
+			&i.Name,
+			&i.Platform,
+			&i.LatestIp,
+			&i.LoginTime,
+			&i.LastRefreshExpTime,
+			&i.LastSeenDate,
+			&i.Terminated,
+		); err != nil {
+			return nil, err
+		}
+		items = append(items, i)
+	}
+	if err := rows.Err(); err != nil {
+		return nil, err
+	}
+	return items, nil
+}
+
 const pruneExpiredConfirmationCodes = `-- name: PruneExpiredConfirmationCodes :exec
 DELETE FROM confirmation_codes
 WHERE expires_at < CURRENT_TIMESTAMP
@@ -975,19 +1029,21 @@ SET
  platform = COALESCE($3, platform),
  latest_ip = COALESCE($4, latest_ip),
  login_time = COALESCE($5, login_time),
-  last_seen_date = COALESCE($6, last_seen_date),
-  terminated = COALESCE($7, terminated)
+  last_refresh_exp_time = COALESCE($6, last_refresh_exp_time),
+  last_seen_date = COALESCE($7, last_seen_date),
+  terminated = COALESCE($8, terminated)
 WHERE id = $1
 `

 type UpdateSessionParams struct {
-	ID           int64
-	Name         *string
-	Platform     *string
-	LatestIp     *string
-	LoginTime    pgtype.Timestamp
-	LastSeenDate pgtype.Timestamp
-	Terminated   *bool
+	ID                 int64
+	Name               *string
+	Platform           *string
+	LatestIp           *string
+	LoginTime          pgtype.Timestamp
+	LastRefreshExpTime pgtype.Timestamp
+	LastSeenDate       pgtype.Timestamp
+	Terminated         *bool
 }

 func (q *Queries) UpdateSession(ctx context.Context, arg UpdateSessionParams) error {
@@ -997,6 +1053,7 @@ func (q *Queries) UpdateSession(ctx context.Context, arg UpdateSessionParams) er
 		arg.Platform,
 		arg.LatestIp,
 		arg.LoginTime,
+		arg.LastRefreshExpTime,
 		arg.LastSeenDate,
 		arg.Terminated,
 	)