fix(login): improve auth handlers (#7969)

# Which Problems Are Solved During the implementation of #7486 it was noticed, that projections in the `auth` database schema could be blocked. Investigations suggested, that this is due to the use of [GORM](https://gorm.io/index.html) and it's inability to use an existing (sql) transaction. With the improved / simplified handling (see below) there should also be a minimal improvement in performance, resp. reduced database update statements. # How the Problems Are Solved The handlers in `auth` are exchanged to proper (sql) statements and gorm usage is removed for any writing part. To further improve / simplify the handling of the users, a new `auth.users3` table is created, where only attributes are handled, which are not yet available from the `projections.users`, `projections.login_name` and `projections.user_auth_methods` do not provide. This reduces the events handled in that specific handler by a lot. # Additional Changes None # Additional Context relates to #7486
2025-08-12 01:47:33 +00:00 · 2024-05-22 17:26:02 +02:00
parent cca342187b
commit fb162a7d75
25 changed files with 987 additions and 1279 deletions
--- a/internal/auth/repository/eventsourcing/eventstore/auth_request.go
+++ b/internal/auth/repository/eventsourcing/eventstore/auth_request.go
@@ -1517,12 +1517,12 @@ func userSessionByIDs(ctx context.Context, provider userSessionViewProvider, eve
 			user_repo.HumanPasswordlessTokenCheckFailedType,
 			user_repo.HumanU2FTokenCheckSucceededType,
 			user_repo.HumanU2FTokenCheckFailedType:
-			eventData, err := user_view_model.UserSessionFromEvent(event)
+			userAgentID, err := user_view_model.UserAgentIDFromEvent(event)
 			if err != nil {
 				logging.WithFields("traceID", tracing.TraceIDFromCtx(ctx)).WithError(err).Debug("error getting event data")
 				return user_view_model.UserSessionToModel(session), nil
 			}
-			if eventData.UserAgentID != agentID {
+			if userAgentID != agentID {
 				continue
 			}
 		case user_repo.UserRemovedType:
--- a/internal/auth/repository/eventsourcing/eventstore/auth_request_test.go
+++ b/internal/auth/repository/eventsourcing/eventstore/auth_request_test.go
@@ -2,6 +2,7 @@ package eventstore

 import (
 	"context"
+	"database/sql"
 	"encoding/json"
 	"testing"
 	"time"
@@ -75,11 +76,11 @@ type mockUser struct {

 func (m *mockViewUserSession) UserSessionByIDs(string, string, string) (*user_view_model.UserSessionView, error) {
 	return &user_view_model.UserSessionView{
-		ExternalLoginVerification: m.ExternalLoginVerification,
-		PasswordlessVerification:  m.PasswordlessVerification,
-		PasswordVerification:      m.PasswordVerification,
-		SecondFactorVerification:  m.SecondFactorVerification,
-		MultiFactorVerification:   m.MultiFactorVerification,
+		ExternalLoginVerification: sql.NullTime{Time: m.ExternalLoginVerification},
+		PasswordlessVerification:  sql.NullTime{Time: m.PasswordlessVerification},
+		PasswordVerification:      sql.NullTime{Time: m.PasswordVerification},
+		SecondFactorVerification:  sql.NullTime{Time: m.SecondFactorVerification},
+		MultiFactorVerification:   sql.NullTime{Time: m.MultiFactorVerification},
 	}, nil
 }

@@ -90,7 +91,7 @@ func (m *mockViewUserSession) UserSessionsByAgentID(string, string) ([]*user_vie
 			ResourceOwner: user.ResourceOwner,
 			State:         int32(user.SessionState),
 			UserID:        user.UserID,
-			LoginName:     user.LoginName,
+			LoginName:     sql.NullString{String: user.LoginName},
 		}
 	}
 	return sessions, nil