kmc7468/arkvault
1
0
Fork 0
mirror of https://github.com/kmc7468/arkvault.git synced 2026-02-04 16:16:55 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
d1f9018213f6550f36ba7150c822a22b285a45d7
arkvault/src/lib/server/db/session.ts
static c47885d571 강제 로그인 기능 추가
2025-07-11 23:15:35 +09:00

149 lines
3.9 KiB
TypeScript
Raw Blame History

import pg from "pg";
import env from "$lib/server/loadenv";
import { IntegrityError } from "./error";
import db from "./kysely";
export const createSession = async (
userId: number,
sessionId: string,
ip: string | null,
agent: string | null,
) => {
const now = new Date();
await db
.insertInto("session")
.values({
id: sessionId,
user_id: userId,
created_at: now,
last_used_at: now,
last_used_by_ip: ip || null,
last_used_by_agent: agent || null,
})
.execute();
};
export const refreshSession = async (
sessionId: string,
ip: string | null,
agent: string | null,
) => {
const now = new Date();
const session = await db
.updateTable("session")
.set({
last_used_at: now,
last_used_by_ip: ip !== "" ? ip : undefined, // Don't update if empty
last_used_by_agent: agent !== "" ? agent : undefined, // Don't update if empty
})
.where("id", "=", sessionId)
.where("last_used_at", ">", new Date(now.getTime() - env.session.exp))
.returning(["user_id", "client_id"])
.executeTakeFirst();
if (!session) {
throw new IntegrityError("Session not found");
}
return { userId: session.user_id, clientId: session.client_id };
};
export const upgradeSession = async (
userId: number,
sessionId: string,
clientId: number,
force: boolean,
) => {
try {
await db.transaction().execute(async (trx) => {
if (force) {
await trx
.deleteFrom("session")
.where("id", "!=", sessionId)
.where("user_id", "=", userId)
.where("client_id", "=", clientId)
.execute();
}
const res = await trx
.updateTable("session")
.set({ client_id: clientId })
.where("id", "=", sessionId)
.where("client_id", "is", null)
.executeTakeFirst();
if (res.numUpdatedRows === 0n) {
throw new IntegrityError("Session not found");
}
});
} catch (e) {
if (e instanceof pg.DatabaseError && e.code === "23505") {
throw new IntegrityError("Session already exists");
}
throw e;
}
};
export const deleteSession = async (sessionId: string) => {
await db.deleteFrom("session").where("id", "=", sessionId).execute();
};
export const deleteAllOtherSessions = async (userId: number, sessionId: string) => {
await db
.deleteFrom("session")
.where("id", "!=", sessionId)
.where("user_id", "=", userId)
.execute();
};
export const cleanupExpiredSessions = async () => {
await db
.deleteFrom("session")
.where("last_used_at", "<=", new Date(Date.now() - env.session.exp))
.execute();
};
export const registerSessionUpgradeChallenge = async (
sessionId: string,
clientId: number,
answer: string,
allowedIp: string,
expiresAt: Date,
) => {
try {
const { id } = await db
.insertInto("session_upgrade_challenge")
.values({
session_id: sessionId,
client_id: clientId,
answer,
allowed_ip: allowedIp,
expires_at: expiresAt,
})
.returning("id")
.executeTakeFirstOrThrow();
return { id };
} catch (e) {
if (e instanceof pg.DatabaseError && e.code === "23505") {
throw new IntegrityError("Challenge already registered");
}
throw e;
}
};
export const consumeSessionUpgradeChallenge = async (
challengeId: number,
sessionId: string,
ip: string,
) => {
const challenge = await db
.deleteFrom("session_upgrade_challenge")
.where("id", "=", challengeId)
.where("session_id", "=", sessionId)
.where("allowed_ip", "=", ip)
.where("expires_at", ">", new Date())
.returning(["client_id", "answer"])
.executeTakeFirst();
return challenge ? { clientId: challenge.client_id, answer: challenge.answer } : null;
};
export const cleanupExpiredSessionUpgradeChallenges = async () => {
await db.deleteFrom("session_upgrade_challenge").where("expires_at", "<=", new Date()).execute();
};
Reference in New Issue View Git Blame Copy Permalink