feat(api): new session service (#5801)

* backup new protoc plugin * backup * session * backup * initial implementation * change to specific events * implement tests * cleanup * refactor: use new protoc plugin for api v2 * change package * simplify code * cleanup * cleanup * fix merge * start queries * fix tests * improve returned values * add token to projection * tests * test db map * update query * permission checks * fix tests and linting * rework token creation * i18n * refactor token check and fix tests * session to PB test * request to query tests * cleanup proto * test user check * add comment * simplify database map type * Update docs/docs/guides/integrate/access-zitadel-system-api.md Co-authored-by: Tim Möhlmann <tim+github@zitadel.com> * fix test * cleanup * docs --------- Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2025-08-11 19:07:30 +00:00 · 2023-05-05 17:34:53 +02:00
parent 74377c2c37
commit c2cb84cd24
55 changed files with 3911 additions and 106 deletions
--- a/internal/command/session_model.go
+++ b/internal/command/session_model.go
@@ -0,0 +1,139 @@
+package command
+
+import (
+	"bytes"
+	"context"
+	"time"
+
+	"github.com/zitadel/zitadel/internal/domain"
+	"github.com/zitadel/zitadel/internal/eventstore"
+	"github.com/zitadel/zitadel/internal/repository/session"
+)
+
+type SessionWriteModel struct {
+	eventstore.WriteModel
+
+	TokenID           string
+	UserID            string
+	UserCheckedAt     time.Time
+	PasswordCheckedAt time.Time
+	Metadata          map[string][]byte
+	State             domain.SessionState
+
+	commands  []eventstore.Command
+	aggregate *eventstore.Aggregate
+}
+
+func NewSessionWriteModel(sessionID string, resourceOwner string) *SessionWriteModel {
+	return &SessionWriteModel{
+		WriteModel: eventstore.WriteModel{
+			AggregateID:   sessionID,
+			ResourceOwner: resourceOwner,
+		},
+		Metadata:  make(map[string][]byte),
+		aggregate: &session.NewAggregate(sessionID, resourceOwner).Aggregate,
+	}
+}
+
+func (wm *SessionWriteModel) Reduce() error {
+	for _, event := range wm.Events {
+		switch e := event.(type) {
+		case *session.AddedEvent:
+			wm.reduceAdded(e)
+		case *session.UserCheckedEvent:
+			wm.reduceUserChecked(e)
+		case *session.PasswordCheckedEvent:
+			wm.reducePasswordChecked(e)
+		case *session.TokenSetEvent:
+			wm.reduceTokenSet(e)
+		case *session.TerminateEvent:
+			wm.reduceTerminate()
+		}
+	}
+	return wm.WriteModel.Reduce()
+}
+
+func (wm *SessionWriteModel) Query() *eventstore.SearchQueryBuilder {
+	query := eventstore.NewSearchQueryBuilder(eventstore.ColumnsEvent).
+		AddQuery().
+		AggregateTypes(session.AggregateType).
+		AggregateIDs(wm.AggregateID).
+		EventTypes(
+			session.AddedType,
+			session.UserCheckedType,
+			session.PasswordCheckedType,
+			session.TokenSetType,
+			session.MetadataSetType,
+			session.TerminateType,
+		).
+		Builder()
+
+	if wm.ResourceOwner != "" {
+		query.ResourceOwner(wm.ResourceOwner)
+	}
+	return query
+}
+
+func (wm *SessionWriteModel) reduceAdded(e *session.AddedEvent) {
+	wm.State = domain.SessionStateActive
+}
+
+func (wm *SessionWriteModel) reduceUserChecked(e *session.UserCheckedEvent) {
+	wm.UserID = e.UserID
+	wm.UserCheckedAt = e.CheckedAt
+}
+
+func (wm *SessionWriteModel) reducePasswordChecked(e *session.PasswordCheckedEvent) {
+	wm.PasswordCheckedAt = e.CheckedAt
+}
+
+func (wm *SessionWriteModel) reduceTokenSet(e *session.TokenSetEvent) {
+	wm.TokenID = e.TokenID
+}
+
+func (wm *SessionWriteModel) reduceTerminate() {
+	wm.State = domain.SessionStateTerminated
+}
+
+func (wm *SessionWriteModel) Start(ctx context.Context) {
+	wm.commands = append(wm.commands, session.NewAddedEvent(ctx, wm.aggregate))
+}
+
+func (wm *SessionWriteModel) UserChecked(ctx context.Context, userID string, checkedAt time.Time) error {
+	wm.commands = append(wm.commands, session.NewUserCheckedEvent(ctx, wm.aggregate, userID, checkedAt))
+	// set the userID so other checks can use it
+	wm.UserID = userID
+	return nil
+}
+
+func (wm *SessionWriteModel) PasswordChecked(ctx context.Context, checkedAt time.Time) {
+	wm.commands = append(wm.commands, session.NewPasswordCheckedEvent(ctx, wm.aggregate, checkedAt))
+}
+
+func (wm *SessionWriteModel) SetToken(ctx context.Context, tokenID string) {
+	wm.commands = append(wm.commands, session.NewTokenSetEvent(ctx, wm.aggregate, tokenID))
+}
+
+func (wm *SessionWriteModel) ChangeMetadata(ctx context.Context, metadata map[string][]byte) {
+	var changed bool
+	for key, value := range metadata {
+		currentValue, exists := wm.Metadata[key]
+
+		if len(value) != 0 {
+			// if a value is provided, and it's not equal, change it
+			if !bytes.Equal(currentValue, value) {
+				wm.Metadata[key] = value
+				changed = true
+			}
+		} else {
+			// if there's no / an empty value, we only need to remove it on existing entries
+			if exists {
+				delete(wm.Metadata, key)
+				changed = true
+			}
+		}
+	}
+	if changed {
+		wm.commands = append(wm.commands, session.NewMetadataSetEvent(ctx, wm.aggregate, wm.Metadata))
+	}
+}