Add list sessions to user management

[adam-h]

Implementing the 'List sessions' API [1] providing a way to get the list of a users sessions data and a clean API to revoke them using the existing user management API.

Note that due to how this gem already has a Session class at the root level, which provides the 'session helpers' [2] I nested this in the UserManagement namespace so as not to conflict or require a breaking change.

1: https://workos.com/docs/reference/authkit/session/list
2: https://workos.com/docs/reference/authkit/session-helpers

Documentation

Does this require changes to the WorkOS Docs? E.g. the API Reference or code snippets need updates.

[x] Yes, (new) ruby API needs including

If yes, link a related docs PR and add a docs maintainer as a reviewer. Their approval is required.

[greptile-apps]

Greptile Summary

Implements the List Sessions API to retrieve a user's active sessions with pagination support. The implementation creates a new WorkOS::UserManagement::Session class (namespaced to avoid conflict with the existing WorkOS::Session helper class) that wraps session data and provides a convenient revoke method. The list_sessions method follows the established pattern used by other list methods in the codebase (list_users, list_auth_factors, etc.) with consistent pagination options and response structure.

• Added list_sessions(user_id:, options: {}) method to UserManagement module with standard pagination parameters
• Created new WorkOS::UserManagement::Session class with all session attributes (id, status, auth_method, ip_address, user_agent, expires_at, etc.)
• Implemented revoke instance method on Session class that delegates to existing UserManagement.revoke_session
• Added comprehensive test coverage with VCR cassettes

Confidence Score: 5/5

• This PR is safe to merge with no issues found
• The implementation follows established patterns in the codebase perfectly, uses proper namespacing to avoid conflicts, includes comprehensive tests, and adheres to the gem's existing conventions. No security concerns as API key is properly sanitized in test fixtures.
• No files require special attention

Important Files Changed

Filename	Overview
lib/workos/user_management.rb	Added list_sessions method following existing patterns in the codebase, properly using pagination and consistent with other list methods
lib/workos/user_management/session.rb	New Session class properly namespaced under UserManagement to avoid conflict with existing WorkOS::Session class, includes all session attributes and revoke method
spec/lib/workos/user_management_spec.rb	Added comprehensive tests for list_sessions including validation of returned data structure and revoke functionality

Sequence Diagram

sequenceDiagram
    participant Client
    participant UserManagement
    participant Session as UserManagement::Session
    participant API as WorkOS API
    
    Note over Client,API: List Sessions Flow
    Client->>UserManagement: list_sessions(user_id, options)
    UserManagement->>UserManagement: Set default order='desc'
    UserManagement->>API: GET /user_management/users/{user_id}/sessions
    API-->>UserManagement: JSON response with sessions array
    UserManagement->>UserManagement: Parse JSON response
    loop For each session
        UserManagement->>Session: new(session.to_json)
        Session-->>UserManagement: Session instance
    end
    UserManagement->>UserManagement: Create ListStruct with sessions
    UserManagement-->>Client: ListStruct with Session objects
    
    Note over Client,API: Revoke Session Flow
    Client->>Session: revoke()
    Session->>UserManagement: revoke_session(session_id: id)
    UserManagement->>API: POST /user_management/sessions/revoke
    API-->>UserManagement: Success response
    UserManagement-->>Session: true
    Session-->>Client: true

Loading

[greptile-apps]

_{4 files reviewed, no comments}

_{Edit Code Review Agent Settings | Greptile}