Skip to content

Add unbounded sessions #205

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
Temmmmmo merged 25 commits into from
Dec 7, 2024
Merged

Add unbounded sessions #205

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
25 commits
Select commit Hold shift + click to select a range
973b924
Add unbounded sessions
DaymasS Aug 20, 2024
6895ed9
Add unbounded sessions
DaymasS Aug 20, 2024
614a7e7
Fix session scopes
DaymasS Aug 27, 2024
3ba3638
Fixes for unbounded sessions
DaymasS Sep 2, 2024
8835c69
Add tests for unbounded sessions
DaymasS Sep 3, 2024
c7dd95c
Merge branch 'main' into Add-unbounded-sessions
DaymasS Sep 3, 2024
6a2d871
Fix tests
DaymasS Sep 3, 2024
4560805
Temp Pydantic fix
DaymasS Sep 12, 2024
0f6a3fd
Merge branch 'main' into Add-unbounded-sessions
DaymasS Sep 19, 2024
0640421
Merge
DaymasS Oct 18, 2024
6b4a3cf
Test fix
DaymasS Oct 18, 2024
8a9f1f9
Merge branch 'main' into Add-unbounded-sessions
DaymasS Nov 6, 2024
440adb4
Fix unbounded for login
DaymasS Nov 6, 2024
198fbf1
Minor style fix
DaymasS Nov 6, 2024
7a69b84
Merge branch 'main' into Add-unbounded-sessions
DaymasS Nov 8, 2024
e287390
Fix get name and group from lk.msu (#219) (#222)
DaymasS Nov 23, 2024
7d62c75
Merge branch 'main' into Add-unbounded-sessions
DaymasS Nov 23, 2024
45cb217
Minor style fix
DaymasS Nov 23, 2024
6f1fbd2
Fix unbounded bug
DaymasS Nov 23, 2024
29baeb7
Fix migrations
DaymasS Nov 25, 2024
711c048
Default unbounded to false
DaymasS Nov 25, 2024
c65a80c
Merge branch 'main' into Add-unbounded-sessions
DaymasS Nov 25, 2024
5d695b0
Merge branch 'main' into Add-unbounded-sessions
DaymasS Dec 7, 2024
30f8447
merge migrations
DaymasS Dec 7, 2024
0303cef
merge migrations lint
DaymasS Dec 7, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 8 additions & 2 deletions auth_backend/auth_method/method_mixins.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,13 @@ async def _login(*args, **kwargs) -> Session:

@staticmethod
async def _create_session(
user: User, scopes_list_names: list[TypeScope] | None, session_name: str | None = None, *, db_session: DbSession
user: User,
scopes_list_names: list[TypeScope] | None,
session_name: str | None = None,
*,
db_session: DbSession,
) -> Session:
"""Создает сессию пользователя"""
return await create_session(user, scopes_list_names, db_session=db_session, session_name=session_name)
return await create_session(
user, scopes_list_names, db_session=db_session, session_name=session_name, is_unbounded=True
)
5 changes: 4 additions & 1 deletion auth_backend/auth_plugins/email.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -166,7 +166,10 @@ async def _login(cls, user_inp: EmailLogin, background_tasks: BackgroundTasks) -
userdata,
)
return await cls._create_session(
query.user, user_inp.scopes, db_session=db.session, session_name=user_inp.session_name
query.user,
user_inp.scopes,
db_session=db.session,
session_name=user_inp.session_name,
)

@staticmethod
Expand Down
10 changes: 8 additions & 2 deletions auth_backend/auth_plugins/github.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -114,7 +114,10 @@ async def _register(
)
await AuthPluginMeta.user_updated(new_user, old_user)
return await cls._create_session(
user, user_inp.scopes, db_session=db.session, session_name=user_inp.session_name
user,
user_inp.scopes,
db_session=db.session,
session_name=user_inp.session_name,
)

@classmethod
Expand Down Expand Up @@ -169,7 +172,10 @@ async def _login(cls, user_inp: OauthResponseSchema, background_tasks: Backgroun
userdata,
)
return await cls._create_session(
user, user_inp.scopes, db_session=db.session, session_name=user_inp.session_name
user,
user_inp.scopes,
db_session=db.session,
session_name=user_inp.session_name,
)

@classmethod
Expand Down
10 changes: 8 additions & 2 deletions auth_backend/auth_plugins/google.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -122,7 +122,10 @@ async def _register(
)
await AuthPluginMeta.user_updated(new_user, old_user)
return await cls._create_session(
user, user_inp.scopes, db_session=db.session, session_name=user_inp.session_name
user,
user_inp.scopes,
db_session=db.session,
session_name=user_inp.session_name,
)

@classmethod
Expand Down Expand Up @@ -161,7 +164,10 @@ async def _login(cls, user_inp: OauthResponseSchema, background_tasks: Backgroun
userdata,
)
return await cls._create_session(
user, user_inp.scopes, db_session=db.session, session_name=user_inp.session_name
user,
user_inp.scopes,
db_session=db.session,
session_name=user_inp.session_name,
)

@classmethod
Expand Down
10 changes: 8 additions & 2 deletions auth_backend/auth_plugins/keycloak.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -113,7 +113,10 @@ async def _register(
)
await AuthPluginMeta.user_updated(new_user, old_user)
return await cls._create_session(
user, user_inp.scopes, db_session=db.session, session_name=user_inp.session_name
user,
user_inp.scopes,
db_session=db.session,
session_name=user_inp.session_name,
)

@classmethod
Expand Down Expand Up @@ -170,7 +173,10 @@ async def _login(cls, user_inp: OauthResponseSchema, background_tasks: Backgroun
userdata,
)
return await cls._create_session(
user, user_inp.scopes, db_session=db.session, session_name=user_inp.session_name
user,
user_inp.scopes,
db_session=db.session,
session_name=user_inp.session_name,
)

@classmethod
Expand Down
10 changes: 8 additions & 2 deletions auth_backend/auth_plugins/lkmsu.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -111,7 +111,10 @@ async def _register(
)
await AuthPluginMeta.user_updated(new_user, old_user)
return await cls._create_session(
user, user_inp.scopes, db_session=db.session, session_name=user_inp.session_name
user,
user_inp.scopes,
db_session=db.session,
session_name=user_inp.session_name,
)

@classmethod
Expand Down Expand Up @@ -164,7 +167,10 @@ async def _login(
userdata,
)
return await cls._create_session(
user, user_inp.scopes, db_session=db.session, session_name=user_inp.session_name
user,
user_inp.scopes,
db_session=db.session,
session_name=user_inp.session_name,
)

@classmethod
Expand Down
10 changes: 8 additions & 2 deletions auth_backend/auth_plugins/telegram.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -88,7 +88,10 @@ async def _register(
)
await AuthPluginMeta.user_updated(new_user, old_user)
return await cls._create_session(
user, user_inp.scopes, db_session=db.session, session_name=user_inp.session_name
user,
user_inp.scopes,
db_session=db.session,
session_name=user_inp.session_name,
)

@classmethod
Expand Down Expand Up @@ -118,7 +121,10 @@ async def _login(cls, user_inp: OauthResponseSchema, background_tasks: Backgroun
userdata,
)
return await cls._create_session(
user, user_inp.scopes, db_session=db.session, session_name=user_inp.session_name
user,
user_inp.scopes,
db_session=db.session,
session_name=user_inp.session_name,
)

@classmethod
Expand Down
10 changes: 8 additions & 2 deletions auth_backend/auth_plugins/vk.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -121,7 +121,10 @@ async def _register(
)
await AuthPluginMeta.user_updated(new_user, old_user)
return await cls._create_session(
user, user_inp.scopes, db_session=db.session, session_name=user_inp.session_name
user,
user_inp.scopes,
db_session=db.session,
session_name=user_inp.session_name,
)

@classmethod
Expand Down Expand Up @@ -170,7 +173,10 @@ async def _login(cls, user_inp: OauthResponseSchema, background_tasks: Backgroun
userdata,
)
return await cls._create_session(
user, user_inp.scopes, db_session=db.session, session_name=user_inp.session_name
user,
user_inp.scopes,
db_session=db.session,
session_name=user_inp.session_name,
)

@classmethod
Expand Down
10 changes: 8 additions & 2 deletions auth_backend/auth_plugins/yandex.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -126,7 +126,10 @@ async def _register(
)
await AuthPluginMeta.user_updated(new_user, old_user)
return await cls._create_session(
user, user_inp.scopes, db_session=db.session, session_name=user_inp.session_name
user,
user_inp.scopes,
db_session=db.session,
session_name=user_inp.session_name,
)

@classmethod
Expand Down Expand Up @@ -174,7 +177,10 @@ async def _login(cls, user_inp: OauthResponseSchema, background_tasks: Backgroun
userdata,
)
return await cls._create_session(
user, user_inp.scopes, db_session=db.session, session_name=user_inp.session_name
user,
user_inp.scopes,
db_session=db.session,
session_name=user_inp.session_name,
)

@classmethod
Expand Down
1 change: 1 addition & 0 deletions auth_backend/models/db.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -158,6 +158,7 @@ class UserSession(BaseDbModel):
user_id: Mapped[int] = mapped_column(Integer, sqlalchemy.ForeignKey("user.id"))
expires: Mapped[datetime.datetime] = mapped_column(DateTime, default=session_expires_date)
token: Mapped[str] = mapped_column(String, unique=True)
is_unbounded: Mapped[bool] = mapped_column(Boolean, default=False)
last_activity: Mapped[datetime.datetime] = mapped_column(DateTime, default=datetime.datetime.utcnow)
create_ts: Mapped[datetime.datetime] = mapped_column(DateTime, default=datetime.datetime.utcnow)
user: Mapped[User] = relationship(
Expand Down
12 changes: 10 additions & 2 deletions auth_backend/routes/user_session.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,11 @@ async def me(
| UserIndirectGroups(indirect_groups=[group.id for group in session.user.indirect_groups]).model_dump()
)
if "session_scopes" in info:
result = result | SessionScopes(session_scopes=session.scopes).model_dump()
result = result | (
SessionScopes(session_scopes=session.user.scopes).model_dump()
if session.is_unbounded
else SessionScopes(session_scopes=session.scopes).model_dump()
)
if "user_scopes" in info:
result = result | UserScopes(user_scopes=session.user.scopes).model_dump()
if "auth_methods" in info:
Expand Down Expand Up @@ -98,6 +102,7 @@ async def create_session(
new_session.expires,
db_session=db.session,
session_name=new_session.session_name,
is_unbounded=new_session.is_unbounded,
)


Expand Down Expand Up @@ -146,9 +151,12 @@ async def get_sessions(
id=session.id,
last_activity=session.last_activity,
session_name=session.session_name,
is_unbounded=session.is_unbounded,
)
if "session_scopes" in info:
result['session_scopes'] = [_scope.name for _scope in session.scopes]
result['session_scopes'] = [
_scope.name for _scope in (session.user.scopes if session.is_unbounded else session.scopes)
]
if "token" in info:
result['token'] = session.token[-4:]
if "expires" in info:
Expand Down
2 changes: 2 additions & 0 deletions auth_backend/schemas/models.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -132,6 +132,7 @@ class Session(Base):
expires: datetime | None = None
id: int
user_id: int
is_unbounded: bool | None = None
session_scopes: list[Scope] | None = None
last_activity: datetime

Expand All @@ -140,6 +141,7 @@ class SessionPost(Base):
session_name: str | None = None
scopes: list[Scope] = []
expires: datetime | None = None
is_unbounded: bool | None = None

@classmethod
@field_validator("expires")
Expand Down
7 changes: 6 additions & 1 deletion auth_backend/utils/security.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,12 @@ async def __call__(

if user_session.expired:
self._except()
session_scopes = set([scope.name.lower() for scope in user_session.scopes])
session_scopes = set(
[
scope.name.lower()
for scope in (user_session.user.scopes if user_session.is_unbounded else user_session.scopes)
]
)
if self._SESSION_UPDATE_SCOPE in session_scopes:
user_session.expires = session_expires_date()
db.session.commit()
Expand Down
8 changes: 6 additions & 2 deletions auth_backend/utils/user_session_control.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ async def create_session(
scopes_list_names: list[TypeScope] | None,
expires: datetime | None = None,
session_name: str | None = None,
is_unbounded: bool = False,
*,
db_session: DbSession,
) -> Session:
Expand All @@ -33,17 +34,20 @@ async def create_session(
user_id=user.id, token=random_string(length=settings.TOKEN_LENGTH), session_name=session_name
)
user_session.expires = expires or user_session.expires
user_session.is_unbounded = is_unbounded
db_session.add(user_session)
db_session.flush()
for scope in scopes:
db_session.add(UserSessionScope(scope_id=scope.id, user_session_id=user_session.id))
if not user_session.is_unbounded:
for scope in scopes:
db_session.add(UserSessionScope(scope_id=scope.id, user_session_id=user_session.id))
db_session.commit()
return Session(
session_name=session_name,
user_id=user_session.user_id,
token=user_session.token,
id=user_session.id,
expires=user_session.expires,
is_unbounded=user_session.is_unbounded,
session_scopes=[_scope.name for _scope in user_session.scopes],
last_activity=user_session.last_activity,
)
Expand Down
27 changes: 27 additions & 0 deletions migrations/versions/6dffd8e42152_193_add_unbounded_sessions.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
"""193 Add unbounded sessions

Revision ID: 6dffd8e42152
Revises: 2d29fc132e89
Create Date: 2024-08-19 19:27:25.867548

"""

import sqlalchemy as sa
from alembic import op


# revision identifiers, used by Alembic.
revision = '6dffd8e42152'
down_revision = '2d29fc132e89'
branch_labels = None
depends_on = None


def upgrade():
op.add_column('user_session', sa.Column('is_unbounded', sa.Boolean(), nullable=True))
op.execute("UPDATE user_session SET is_unbounded='false'")
op.alter_column('user_session', 'is_unbounded', nullable=False)


def downgrade():
op.drop_column('user_session', 'is_unbounded')
Loading
Loading