diff options
| author | Owen Jacobson <owen@grimoire.ca> | 2024-09-28 21:55:20 -0400 |
|---|---|---|
| committer | Owen Jacobson <owen@grimoire.ca> | 2024-09-29 01:19:19 -0400 |
| commit | 0b1cb80dd0b0f90c4892de7e7a2d18a076ecbdf2 (patch) | |
| tree | b41313dbd92811ffcc87b0af576dc570b5802a1e /.sqlx | |
| parent | 4d0bb0709b168a24ab6a8dbc86da45d7503596ee (diff) | |
Shut down the `/api/events` stream when the user logs out or their token expires.
When tokens are revoked (logout or expiry), the server now publishes an internal event via the new `logins` event broadcaster. These events are used to guard the `/api/events` stream. When a token revocation event arrives for the token used to subscribe to the stream, the stream is cut short, disconnecting the client.
In service of this, tokens now have IDs, which are non-confidential values that can be used to discuss tokens without their secrets being passed around unnecessarily. These IDs are not (at this time) exposed to clients, but they could be.
Diffstat (limited to '.sqlx')
| -rw-r--r-- | .sqlx/query-47dd407a27cccae89e6de038e785936cc4a79ebd7b5c1c1276a88ba4d0790900.json | 20 | ||||
| -rw-r--r-- | .sqlx/query-849eaadd3659346c3d98ce6af1d187fa27cb8d56c8e1c5a3db2f57abba2a35b1.json | 26 | ||||
| -rw-r--r-- | .sqlx/query-8b057bc13014ee61cc2abc15b487ef0e138989e0b82cd4ff4f7187af6fb529d2.json | 20 | ||||
| -rw-r--r-- | .sqlx/query-9312110e144287cb2fc1fa2e59caae0cdc63e2bcb660474bfcb7e6bc9875f654.json | 20 | ||||
| -rw-r--r-- | .sqlx/query-d3938e57aaf0ef5f9f9300eed9467f4a01053e8abbdd0610a3eafb623fd355c9.json | 32 | ||||
| -rw-r--r-- | .sqlx/query-e0deb4dfaffe4527ad630c884970c3eb93fc734d979e6b8e78cd7d0b6dd0b669.json (renamed from .sqlx/query-c28b9bffa73d6a861e122a73a90e3912d23bf952740fe32544bc70a44e6a2744.json) | 6 | ||||
| -rw-r--r-- | .sqlx/query-fb41b6c3faaf20424f1b914ca95d73b98061793f07e8ed62dd01ced5b56f0757.json | 12 |
7 files changed, 75 insertions, 61 deletions
diff --git a/.sqlx/query-47dd407a27cccae89e6de038e785936cc4a79ebd7b5c1c1276a88ba4d0790900.json b/.sqlx/query-47dd407a27cccae89e6de038e785936cc4a79ebd7b5c1c1276a88ba4d0790900.json new file mode 100644 index 0000000..0496ff3 --- /dev/null +++ b/.sqlx/query-47dd407a27cccae89e6de038e785936cc4a79ebd7b5c1c1276a88ba4d0790900.json @@ -0,0 +1,20 @@ +{ + "db_name": "SQLite", + "query": "\n delete\n from token\n where last_used_at < $1\n returning id as \"id: Id\"\n ", + "describe": { + "columns": [ + { + "name": "id: Id", + "ordinal": 0, + "type_info": "Text" + } + ], + "parameters": { + "Right": 1 + }, + "nullable": [ + false + ] + }, + "hash": "47dd407a27cccae89e6de038e785936cc4a79ebd7b5c1c1276a88ba4d0790900" +} diff --git a/.sqlx/query-849eaadd3659346c3d98ce6af1d187fa27cb8d56c8e1c5a3db2f57abba2a35b1.json b/.sqlx/query-849eaadd3659346c3d98ce6af1d187fa27cb8d56c8e1c5a3db2f57abba2a35b1.json deleted file mode 100644 index 6b7978d..0000000 --- a/.sqlx/query-849eaadd3659346c3d98ce6af1d187fa27cb8d56c8e1c5a3db2f57abba2a35b1.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "db_name": "SQLite", - "query": "\n select\n login.id as \"id: login::Id\",\n name\n from login\n join token on login.id = token.login\n where token.secret = $1\n ", - "describe": { - "columns": [ - { - "name": "id: login::Id", - "ordinal": 0, - "type_info": "Text" - }, - { - "name": "name", - "ordinal": 1, - "type_info": "Text" - } - ], - "parameters": { - "Right": 1 - }, - "nullable": [ - false, - false - ] - }, - "hash": "849eaadd3659346c3d98ce6af1d187fa27cb8d56c8e1c5a3db2f57abba2a35b1" -} diff --git a/.sqlx/query-8b057bc13014ee61cc2abc15b487ef0e138989e0b82cd4ff4f7187af6fb529d2.json b/.sqlx/query-8b057bc13014ee61cc2abc15b487ef0e138989e0b82cd4ff4f7187af6fb529d2.json new file mode 100644 index 0000000..0d3dcdf --- /dev/null +++ b/.sqlx/query-8b057bc13014ee61cc2abc15b487ef0e138989e0b82cd4ff4f7187af6fb529d2.json @@ -0,0 +1,20 @@ +{ + "db_name": "SQLite", + "query": "\n delete\n from token\n where secret = $1\n returning id as \"id: Id\"\n ", + "describe": { + "columns": [ + { + "name": "id: Id", + "ordinal": 0, + "type_info": "Text" + } + ], + "parameters": { + "Right": 1 + }, + "nullable": [ + false + ] + }, + "hash": "8b057bc13014ee61cc2abc15b487ef0e138989e0b82cd4ff4f7187af6fb529d2" +} diff --git a/.sqlx/query-9312110e144287cb2fc1fa2e59caae0cdc63e2bcb660474bfcb7e6bc9875f654.json b/.sqlx/query-9312110e144287cb2fc1fa2e59caae0cdc63e2bcb660474bfcb7e6bc9875f654.json deleted file mode 100644 index 0de7e32..0000000 --- a/.sqlx/query-9312110e144287cb2fc1fa2e59caae0cdc63e2bcb660474bfcb7e6bc9875f654.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "db_name": "SQLite", - "query": "\n delete\n from token\n where secret = $1\n returning 1 as \"found: u32\"\n ", - "describe": { - "columns": [ - { - "name": "found: u32", - "ordinal": 0, - "type_info": "Null" - } - ], - "parameters": { - "Right": 1 - }, - "nullable": [ - null - ] - }, - "hash": "9312110e144287cb2fc1fa2e59caae0cdc63e2bcb660474bfcb7e6bc9875f654" -} diff --git a/.sqlx/query-d3938e57aaf0ef5f9f9300eed9467f4a01053e8abbdd0610a3eafb623fd355c9.json b/.sqlx/query-d3938e57aaf0ef5f9f9300eed9467f4a01053e8abbdd0610a3eafb623fd355c9.json new file mode 100644 index 0000000..3d15b5c --- /dev/null +++ b/.sqlx/query-d3938e57aaf0ef5f9f9300eed9467f4a01053e8abbdd0610a3eafb623fd355c9.json @@ -0,0 +1,32 @@ +{ + "db_name": "SQLite", + "query": "\n select\n token.id as \"token_id: Id\",\n login.id as \"login_id: login::Id\",\n name as \"login_name\"\n from login\n join token on login.id = token.login\n where token.secret = $1\n ", + "describe": { + "columns": [ + { + "name": "token_id: Id", + "ordinal": 0, + "type_info": "Text" + }, + { + "name": "login_id: login::Id", + "ordinal": 1, + "type_info": "Text" + }, + { + "name": "login_name", + "ordinal": 2, + "type_info": "Text" + } + ], + "parameters": { + "Right": 1 + }, + "nullable": [ + false, + false, + false + ] + }, + "hash": "d3938e57aaf0ef5f9f9300eed9467f4a01053e8abbdd0610a3eafb623fd355c9" +} diff --git a/.sqlx/query-c28b9bffa73d6a861e122a73a90e3912d23bf952740fe32544bc70a44e6a2744.json b/.sqlx/query-e0deb4dfaffe4527ad630c884970c3eb93fc734d979e6b8e78cd7d0b6dd0b669.json index 5927248..eda6697 100644 --- a/.sqlx/query-c28b9bffa73d6a861e122a73a90e3912d23bf952740fe32544bc70a44e6a2744.json +++ b/.sqlx/query-e0deb4dfaffe4527ad630c884970c3eb93fc734d979e6b8e78cd7d0b6dd0b669.json @@ -1,6 +1,6 @@ { "db_name": "SQLite", - "query": "\n insert\n into token (secret, login, issued_at, last_used_at)\n values ($1, $2, $3, $3)\n returning secret as \"secret!: IdentitySecret\"\n ", + "query": "\n insert\n into token (id, secret, login, issued_at, last_used_at)\n values ($1, $2, $3, $4, $4)\n returning secret as \"secret!: IdentitySecret\"\n ", "describe": { "columns": [ { @@ -10,11 +10,11 @@ } ], "parameters": { - "Right": 3 + "Right": 4 }, "nullable": [ false ] }, - "hash": "c28b9bffa73d6a861e122a73a90e3912d23bf952740fe32544bc70a44e6a2744" + "hash": "e0deb4dfaffe4527ad630c884970c3eb93fc734d979e6b8e78cd7d0b6dd0b669" } diff --git a/.sqlx/query-fb41b6c3faaf20424f1b914ca95d73b98061793f07e8ed62dd01ced5b56f0757.json b/.sqlx/query-fb41b6c3faaf20424f1b914ca95d73b98061793f07e8ed62dd01ced5b56f0757.json deleted file mode 100644 index b91b18b..0000000 --- a/.sqlx/query-fb41b6c3faaf20424f1b914ca95d73b98061793f07e8ed62dd01ced5b56f0757.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "db_name": "SQLite", - "query": "\n delete\n from token\n where last_used_at < $1\n ", - "describe": { - "columns": [], - "parameters": { - "Right": 1 - }, - "nullable": [] - }, - "hash": "fb41b6c3faaf20424f1b914ca95d73b98061793f07e8ed62dd01ced5b56f0757" -} |