fix(login): improve auth handlers (#7969)

# Which Problems Are Solved

During the implementation of #7486 it was noticed, that projections in
the `auth` database schema could be blocked.
Investigations suggested, that this is due to the use of
[GORM](https://gorm.io/index.html) and it's inability to use an existing
(sql) transaction.
With the improved / simplified handling (see below) there should also be
a minimal improvement in performance, resp. reduced database update
statements.

# How the Problems Are Solved

The handlers in `auth` are exchanged to proper (sql) statements and gorm
usage is removed for any writing part.
To further improve / simplify the handling of the users, a new
`auth.users3` table is created, where only attributes are handled, which
are not yet available from the `projections.users`,
`projections.login_name` and `projections.user_auth_methods` do not
provide. This reduces the events handled in that specific handler by a
lot.

# Additional Changes

None

# Additional Context

relates to #7486

internal/auth/repository/eventsourcing/view/refresh_token.go

@@ -4,13 +4,10 @@ import (
 	"context"
 
 	"github.com/zitadel/zitadel/internal/api/authz"
-	"github.com/zitadel/zitadel/internal/eventstore"
-	"github.com/zitadel/zitadel/internal/eventstore/v1/models"
 	"github.com/zitadel/zitadel/internal/query"
 	user_model "github.com/zitadel/zitadel/internal/user/model"
 	usr_view "github.com/zitadel/zitadel/internal/user/repository/view"
 	"github.com/zitadel/zitadel/internal/user/repository/view/model"
-	"github.com/zitadel/zitadel/internal/zerrors"
 )
 
 const (
@@ -29,54 +26,6 @@ func (v *View) SearchRefreshTokens(request *user_model.RefreshTokenSearchRequest
 	return usr_view.SearchRefreshTokens(v.Db, refreshTokenTable, request)
 }
 
-func (v *View) PutRefreshToken(token *model.RefreshTokenView) error {
-	return usr_view.PutRefreshToken(v.Db, refreshTokenTable, token)
-}
-
-func (v *View) PutRefreshTokens(token []*model.RefreshTokenView) error {
-	return usr_view.PutRefreshTokens(v.Db, refreshTokenTable, token...)
-}
-
-func (v *View) DeleteRefreshToken(tokenID, instanceID string) error {
-	err := usr_view.DeleteRefreshToken(v.Db, refreshTokenTable, tokenID, instanceID)
-	if err != nil && !zerrors.IsNotFound(err) {
-		return err
-	}
-	return nil
-}
-
-func (v *View) DeleteUserRefreshTokens(userID, instanceID string) error {
-	err := usr_view.DeleteUserRefreshTokens(v.Db, refreshTokenTable, userID, instanceID)
-	if err != nil && !zerrors.IsNotFound(err) {
-		return err
-	}
-	return nil
-}
-
-func (v *View) DeleteApplicationRefreshTokens(event *models.Event, ids ...string) error {
-	err := usr_view.DeleteApplicationTokens(v.Db, refreshTokenTable, event.InstanceID, ids)
-	if err != nil && !zerrors.IsNotFound(err) {
-		return err
-	}
-	return nil
-}
-
-func (v *View) DeleteInstanceRefreshTokens(instanceID string) error {
-	err := usr_view.DeleteInstanceRefreshTokens(v.Db, refreshTokenTable, instanceID)
-	if err != nil && !zerrors.IsNotFound(err) {
-		return err
-	}
-	return nil
-}
-
-func (v *View) DeleteOrgRefreshTokens(event eventstore.Event) error {
-	err := usr_view.DeleteOrgRefreshTokens(v.Db, refreshTokenTable, event.Aggregate().InstanceID, event.Aggregate().ResourceOwner)
-	if err != nil && !zerrors.IsNotFound(err) {
-		return err
-	}
-	return nil
-}
-
 func (v *View) GetLatestRefreshTokenSequence(ctx context.Context) (_ *query.CurrentState, err error) {
 	q := &query.CurrentStateSearchQueries{
 		Queries: make([]query.SearchQuery, 2),

internal/auth/repository/eventsourcing/view/token.go

@@ -3,12 +3,10 @@ package view
 import (
 	"context"
 
-	"github.com/zitadel/zitadel/internal/eventstore"
 	"github.com/zitadel/zitadel/internal/query"
 	"github.com/zitadel/zitadel/internal/telemetry/tracing"
 	usr_view "github.com/zitadel/zitadel/internal/user/repository/view"
 	"github.com/zitadel/zitadel/internal/user/repository/view/model"
-	"github.com/zitadel/zitadel/internal/zerrors"
 )
 
 const (
@@ -23,70 +21,6 @@ func (v *View) TokensByUserID(userID, instanceID string) ([]*model.TokenView, er
 	return usr_view.TokensByUserID(v.Db, tokenTable, userID, instanceID)
 }
 
-func (v *View) PutToken(token *model.TokenView) error {
-	return usr_view.PutToken(v.Db, tokenTable, token)
-}
-
-func (v *View) PutTokens(token []*model.TokenView) error {
-	return usr_view.PutTokens(v.Db, tokenTable, token...)
-}
-
-func (v *View) DeleteToken(tokenID, instanceID string) error {
-	err := usr_view.DeleteToken(v.Db, tokenTable, tokenID, instanceID)
-	if err != nil && !zerrors.IsNotFound(err) {
-		return err
-	}
-	return nil
-}
-
-func (v *View) DeleteSessionTokens(agentID string, event eventstore.Event) error {
-	err := usr_view.DeleteSessionTokens(v.Db, tokenTable, agentID, event.Aggregate().ID, event.Aggregate().InstanceID)
-	if err != nil && !zerrors.IsNotFound(err) {
-		return err
-	}
-	return nil
-}
-
-func (v *View) DeleteUserTokens(event eventstore.Event) error {
-	err := usr_view.DeleteUserTokens(v.Db, tokenTable, event.Aggregate().ID, event.Aggregate().InstanceID)
-	if err != nil && !zerrors.IsNotFound(err) {
-		return err
-	}
-	return nil
-}
-
-func (v *View) DeleteApplicationTokens(event eventstore.Event, ids ...string) error {
-	err := usr_view.DeleteApplicationTokens(v.Db, tokenTable, event.Aggregate().InstanceID, ids)
-	if err != nil && !zerrors.IsNotFound(err) {
-		return err
-	}
-	return nil
-}
-
-func (v *View) DeleteTokensFromRefreshToken(refreshTokenID, instanceID string) error {
-	err := usr_view.DeleteTokensFromRefreshToken(v.Db, tokenTable, refreshTokenID, instanceID)
-	if err != nil && !zerrors.IsNotFound(err) {
-		return err
-	}
-	return nil
-}
-
-func (v *View) DeleteInstanceTokens(event eventstore.Event) error {
-	err := usr_view.DeleteInstanceTokens(v.Db, tokenTable, event.Aggregate().InstanceID)
-	if err != nil && !zerrors.IsNotFound(err) {
-		return err
-	}
-	return nil
-}
-
-func (v *View) DeleteOrgTokens(event eventstore.Event) error {
-	err := usr_view.DeleteOrgTokens(v.Db, tokenTable, event.Aggregate().InstanceID, event.Aggregate().ResourceOwner)
-	if err != nil && !zerrors.IsNotFound(err) {
-		return err
-	}
-	return nil
-}
-
 func (v *View) GetLatestTokenSequence(ctx context.Context, instanceID string) (_ *query.CurrentState, err error) {
 	ctx, span := tracing.NewSpan(ctx)
 	defer func() { span.EndWithError(err) }()

internal/auth/repository/eventsourcing/view/user.go

@@ -5,7 +5,6 @@ import (
 
 	"github.com/zitadel/logging"
 
-	"github.com/zitadel/zitadel/internal/eventstore"
 	"github.com/zitadel/zitadel/internal/query"
 	usr_model "github.com/zitadel/zitadel/internal/user/model"
 	"github.com/zitadel/zitadel/internal/user/repository/view"
@@ -14,7 +13,7 @@ import (
 )
 
 const (
-	userTable = "auth.users2"
+	userTable = "auth.users3"
 )
 
 func (v *View) UserByID(userID, instanceID string) (*model.UserView, error) {
@@ -142,42 +141,6 @@ func (v *View) userByID(ctx context.Context, instanceID string, queries ...query
 	return user, nil
 }
 
-func (v *View) UsersByOrgID(orgID, instanceID string) ([]*model.UserView, error) {
-	return view.UsersByOrgID(v.Db, userTable, orgID, instanceID)
-}
-
-func (v *View) PutUser(user *model.UserView, event eventstore.Event) error {
-	return view.PutUser(v.Db, userTable, user)
-}
-
-func (v *View) PutUsers(users []*model.UserView, event eventstore.Event) error {
-	return view.PutUsers(v.Db, userTable, users...)
-}
-
-func (v *View) DeleteUser(userID, instanceID string, event eventstore.Event) error {
-	err := view.DeleteUser(v.Db, userTable, userID, instanceID)
-	if err != nil && !zerrors.IsNotFound(err) {
-		return err
-	}
-	return nil
-}
-
-func (v *View) DeleteInstanceUsers(event eventstore.Event) error {
-	err := view.DeleteInstanceUsers(v.Db, userTable, event.Aggregate().InstanceID)
-	if err != nil && !zerrors.IsNotFound(err) {
-		return err
-	}
-	return nil
-}
-
-func (v *View) UpdateOrgOwnerRemovedUsers(event eventstore.Event) error {
-	err := view.UpdateOrgOwnerRemovedUsers(v.Db, userTable, event.Aggregate().InstanceID, event.Aggregate().ID)
-	if err != nil && !zerrors.IsNotFound(err) {
-		return err
-	}
-	return nil
-}
-
 func (v *View) GetLatestUserSequence(ctx context.Context, instanceID string) (_ *query.CurrentState, err error) {
 	q := &query.CurrentStateSearchQueries{
 		Queries: make([]query.SearchQuery, 2),

internal/auth/repository/eventsourcing/view/user_session.go

@@ -3,11 +3,9 @@ package view
 import (
 	"context"
 
-	"github.com/zitadel/zitadel/internal/eventstore"
 	"github.com/zitadel/zitadel/internal/query"
 	"github.com/zitadel/zitadel/internal/user/repository/view"
 	"github.com/zitadel/zitadel/internal/user/repository/view/model"
-	"github.com/zitadel/zitadel/internal/zerrors"
 )
 
 const (
@@ -22,34 +20,6 @@ func (v *View) UserSessionsByAgentID(agentID, instanceID string) ([]*model.UserS
 	return view.UserSessionsByAgentID(v.client, agentID, instanceID)
 }
 
-func (v *View) PutUserSession(userSession *model.UserSessionView) error {
-	return view.PutUserSession(v.Db, userSessionTable, userSession)
-}
-
-func (v *View) DeleteUserSessions(userID, instanceID string) error {
-	err := view.DeleteUserSessions(v.Db, userSessionTable, userID, instanceID)
-	if err != nil && !zerrors.IsNotFound(err) {
-		return err
-	}
-	return nil
-}
-
-func (v *View) DeleteInstanceUserSessions(instanceID string) error {
-	err := view.DeleteInstanceUserSessions(v.Db, userSessionTable, instanceID)
-	if err != nil && !zerrors.IsNotFound(err) {
-		return err
-	}
-	return nil
-}
-
-func (v *View) DeleteOrgUserSessions(event eventstore.Event) error {
-	err := view.DeleteOrgUserSessions(v.Db, userSessionTable, event.Aggregate().InstanceID, event.Aggregate().ResourceOwner)
-	if err != nil && !zerrors.IsNotFound(err) {
-		return err
-	}
-	return nil
-}
-
 func (v *View) GetLatestUserSessionSequence(ctx context.Context, instanceID string) (_ *query.CurrentState, err error) {
 	q := &query.CurrentStateSearchQueries{
 		Queries: make([]query.SearchQuery, 2),