fix: rolling session renewal

This commit is contained in:
2026-05-21 19:09:49 +02:00
parent 836c67f202
commit c5c15cdabc
7 changed files with 57 additions and 5 deletions

View File

@@ -3,16 +3,20 @@ package domain
import (
"context"
"mal/internal/db"
"time"
)
type User = db.User
type Session = db.Session
type APIToken = db.ApiToken
const SessionLifetime = 90 * 24 * time.Hour
type AuthService interface {
Login(ctx context.Context, username, password string) (*Session, error)
LoginForAPIToken(ctx context.Context, username, password, name string) (token string, user *User, err error)
ValidateSession(ctx context.Context, sessionID string) (*User, error)
RefreshSession(ctx context.Context, sessionID string) error
ValidateAPIToken(ctx context.Context, token string) (*User, error)
Logout(ctx context.Context, sessionID string) error
RevokeAllAPITokensForUser(ctx context.Context, userID string) error
@@ -23,6 +27,7 @@ type AuthRepository interface {
GetUserByID(ctx context.Context, id string) (*User, error)
CreateSession(ctx context.Context, userID string, sessionID string) (*Session, error)
GetSession(ctx context.Context, sessionID string) (*Session, error)
RefreshSession(ctx context.Context, sessionID string, expiresAt time.Time) error
DeleteSession(ctx context.Context, sessionID string) error
CreateAPIToken(ctx context.Context, userID, tokenHash, name string) (*APIToken, error)
GetAPITokenByHash(ctx context.Context, tokenHash string) (*APIToken, error)