go-crypt/auth/session_store.go

package auth

import (
	"maps"
	"sync"
	"time"

	coreerr "dappco.re/go/core/log"
)

// ErrSessionNotFound is returned when a session token is not found.
var ErrSessionNotFound = coreerr.E("auth", "session not found", nil)

// SessionStore abstracts session persistence.
type SessionStore interface {
	Get(token string) (*Session, error)
	Set(session *Session) error
	Delete(token string) error
	DeleteByUser(userID string) error
	Cleanup() (int, error) // Remove expired sessions, return count removed
}

// MemorySessionStore is an in-memory SessionStore backed by a map.
type MemorySessionStore struct {
	mu       sync.RWMutex
	sessions map[string]*Session
}

// NewMemorySessionStore creates a new in-memory session store.
func NewMemorySessionStore() *MemorySessionStore {
	return &MemorySessionStore{
		sessions: make(map[string]*Session),
	}
}

// Get retrieves a session by token.
func (m *MemorySessionStore) Get(token string) (*Session, error) {
	m.mu.RLock()
	defer m.mu.RUnlock()

	session, exists := m.sessions[token]
	if !exists {
		return nil, ErrSessionNotFound
	}

	// Return a copy to prevent mutation outside the lock
	s := *session
	return &s, nil
}

// Set stores a session, keyed by its token.
func (m *MemorySessionStore) Set(session *Session) error {
	m.mu.Lock()
	defer m.mu.Unlock()

	// Store a copy to prevent external mutation
	s := *session
	m.sessions[session.Token] = &s
	return nil
}

// Delete removes a session by token.
func (m *MemorySessionStore) Delete(token string) error {
	m.mu.Lock()
	defer m.mu.Unlock()

	if _, exists := m.sessions[token]; !exists {
		return ErrSessionNotFound
	}

	delete(m.sessions, token)
	return nil
}

// DeleteByUser removes all sessions belonging to the given user.
func (m *MemorySessionStore) DeleteByUser(userID string) error {
	m.mu.Lock()
	defer m.mu.Unlock()

	maps.DeleteFunc(m.sessions, func(token string, session *Session) bool {
		return session.UserID == userID
	})
	return nil
}

// Cleanup removes all expired sessions and returns the count removed.
func (m *MemorySessionStore) Cleanup() (int, error) {
	m.mu.Lock()
	defer m.mu.Unlock()

	now := time.Now()
	count := 0
	maps.DeleteFunc(m.sessions, func(token string, session *Session) bool {
		if now.After(session.ExpiresAt) {
			count++
			return true
		}
		return false
	})
	return count, nil
}
feat(auth): add SessionStore interface with SQLite persistence Extract in-memory session map into SessionStore interface with two implementations: MemorySessionStore (default, backward-compatible) and SQLiteSessionStore (persistent via go-store). Add WithSessionStore option, background cleanup goroutine, and comprehensive tests including persistence verification and concurrency safety. Phase 1: Session Persistence — complete. Co-Authored-By: Virgil <virgil@lethean.io> 2026-02-20 01:44:51 +00:00			`package auth`

			`import (`
feat: modernise to Go 1.26 iterators and stdlib helpers Add iter.Seq iterators for trust registry (ListSeq), audit log (EventsSeq, QuerySeq), and approval store (PendingSeq). Use slices.DeleteFunc in session store, slices.SortFunc in testcmd, range-over-int in benchmarks. Co-Authored-By: Gemini <noreply@google.com> Co-Authored-By: Virgil <virgil@lethean.io> 2026-02-23 05:47:04 +00:00			`"maps"`
feat(auth): add SessionStore interface with SQLite persistence Extract in-memory session map into SessionStore interface with two implementations: MemorySessionStore (default, backward-compatible) and SQLiteSessionStore (persistent via go-store). Add WithSessionStore option, background cleanup goroutine, and comprehensive tests including persistence verification and concurrency safety. Phase 1: Session Persistence — complete. Co-Authored-By: Virgil <virgil@lethean.io> 2026-02-20 01:44:51 +00:00			`"sync"`
			`"time"`
refactor: replace remaining fmt.Errorf/os.* with go-io/go-log conventions Co-Authored-By: Virgil <virgil@lethean.io> 2026-03-16 20:50:38 +00:00
refactor: migrate imports to dappco.re/go/core/* paths Update module path from forge.lthn.ai/core/go-crypt to dappco.re/go/core/crypt. Migrate go-log, go-io, go-i18n imports to their new dappco.re/go/core/* paths with updated versions (core v0.5.0, log v0.1.0, io v0.2.0, i18n v0.2.0). Un-migrated modules (cli, go-store, go-inference) remain at forge.lthn.ai paths. Also fixes merge conflict marker and duplicate imports in crypt/openpgp/service.go, and updates CLAUDE.md to reflect new paths. Co-Authored-By: Virgil <virgil@lethean.io> 2026-03-22 01:43:27 +00:00			`coreerr "dappco.re/go/core/log"`
feat(auth): add SessionStore interface with SQLite persistence Extract in-memory session map into SessionStore interface with two implementations: MemorySessionStore (default, backward-compatible) and SQLiteSessionStore (persistent via go-store). Add WithSessionStore option, background cleanup goroutine, and comprehensive tests including persistence verification and concurrency safety. Phase 1: Session Persistence — complete. Co-Authored-By: Virgil <virgil@lethean.io> 2026-02-20 01:44:51 +00:00			`)`

			`// ErrSessionNotFound is returned when a session token is not found.`
refactor: replace remaining fmt.Errorf/os.* with go-io/go-log conventions Co-Authored-By: Virgil <virgil@lethean.io> 2026-03-16 20:50:38 +00:00			`var ErrSessionNotFound = coreerr.E("auth", "session not found", nil)`
feat(auth): add SessionStore interface with SQLite persistence Extract in-memory session map into SessionStore interface with two implementations: MemorySessionStore (default, backward-compatible) and SQLiteSessionStore (persistent via go-store). Add WithSessionStore option, background cleanup goroutine, and comprehensive tests including persistence verification and concurrency safety. Phase 1: Session Persistence — complete. Co-Authored-By: Virgil <virgil@lethean.io> 2026-02-20 01:44:51 +00:00
			`// SessionStore abstracts session persistence.`
			`type SessionStore interface {`
			`Get(token string) (*Session, error)`
			`Set(session *Session) error`
			`Delete(token string) error`
			`DeleteByUser(userID string) error`
			`Cleanup() (int, error) // Remove expired sessions, return count removed`
			`}`

			`// MemorySessionStore is an in-memory SessionStore backed by a map.`
			`type MemorySessionStore struct {`
			`mu sync.RWMutex`
			`sessions map[string]*Session`
			`}`

			`// NewMemorySessionStore creates a new in-memory session store.`
			`func NewMemorySessionStore() *MemorySessionStore {`
			`return &MemorySessionStore{`
			`sessions: make(map[string]*Session),`
			`}`
			`}`

			`// Get retrieves a session by token.`
			`func (m MemorySessionStore) Get(token string) (Session, error) {`
			`m.mu.RLock()`
			`defer m.mu.RUnlock()`

			`session, exists := m.sessions[token]`
			`if !exists {`
			`return nil, ErrSessionNotFound`
			`}`

			`// Return a copy to prevent mutation outside the lock`
			`s := *session`
			`return &s, nil`
			`}`

			`// Set stores a session, keyed by its token.`
			`func (m MemorySessionStore) Set(session Session) error {`
			`m.mu.Lock()`
			`defer m.mu.Unlock()`

			`// Store a copy to prevent external mutation`
			`s := *session`
			`m.sessions[session.Token] = &s`
			`return nil`
			`}`

			`// Delete removes a session by token.`
			`func (m *MemorySessionStore) Delete(token string) error {`
			`m.mu.Lock()`
			`defer m.mu.Unlock()`

			`if _, exists := m.sessions[token]; !exists {`
			`return ErrSessionNotFound`
			`}`

			`delete(m.sessions, token)`
			`return nil`
			`}`

			`// DeleteByUser removes all sessions belonging to the given user.`
			`func (m *MemorySessionStore) DeleteByUser(userID string) error {`
			`m.mu.Lock()`
			`defer m.mu.Unlock()`

feat: modernise to Go 1.26 iterators and stdlib helpers Add iter.Seq iterators for trust registry (ListSeq), audit log (EventsSeq, QuerySeq), and approval store (PendingSeq). Use slices.DeleteFunc in session store, slices.SortFunc in testcmd, range-over-int in benchmarks. Co-Authored-By: Gemini <noreply@google.com> Co-Authored-By: Virgil <virgil@lethean.io> 2026-02-23 05:47:04 +00:00			`maps.DeleteFunc(m.sessions, func(token string, session *Session) bool {`
			`return session.UserID == userID`
			`})`
feat(auth): add SessionStore interface with SQLite persistence Extract in-memory session map into SessionStore interface with two implementations: MemorySessionStore (default, backward-compatible) and SQLiteSessionStore (persistent via go-store). Add WithSessionStore option, background cleanup goroutine, and comprehensive tests including persistence verification and concurrency safety. Phase 1: Session Persistence — complete. Co-Authored-By: Virgil <virgil@lethean.io> 2026-02-20 01:44:51 +00:00			`return nil`
			`}`

			`// Cleanup removes all expired sessions and returns the count removed.`
			`func (m *MemorySessionStore) Cleanup() (int, error) {`
			`m.mu.Lock()`
			`defer m.mu.Unlock()`

			`now := time.Now()`
			`count := 0`
feat: modernise to Go 1.26 iterators and stdlib helpers Add iter.Seq iterators for trust registry (ListSeq), audit log (EventsSeq, QuerySeq), and approval store (PendingSeq). Use slices.DeleteFunc in session store, slices.SortFunc in testcmd, range-over-int in benchmarks. Co-Authored-By: Gemini <noreply@google.com> Co-Authored-By: Virgil <virgil@lethean.io> 2026-02-23 05:47:04 +00:00			`maps.DeleteFunc(m.sessions, func(token string, session *Session) bool {`
feat(auth): add SessionStore interface with SQLite persistence Extract in-memory session map into SessionStore interface with two implementations: MemorySessionStore (default, backward-compatible) and SQLiteSessionStore (persistent via go-store). Add WithSessionStore option, background cleanup goroutine, and comprehensive tests including persistence verification and concurrency safety. Phase 1: Session Persistence — complete. Co-Authored-By: Virgil <virgil@lethean.io> 2026-02-20 01:44:51 +00:00			`if now.After(session.ExpiresAt) {`
			`count++`
feat: modernise to Go 1.26 iterators and stdlib helpers Add iter.Seq iterators for trust registry (ListSeq), audit log (EventsSeq, QuerySeq), and approval store (PendingSeq). Use slices.DeleteFunc in session store, slices.SortFunc in testcmd, range-over-int in benchmarks. Co-Authored-By: Gemini <noreply@google.com> Co-Authored-By: Virgil <virgil@lethean.io> 2026-02-23 05:47:04 +00:00			`return true`
feat(auth): add SessionStore interface with SQLite persistence Extract in-memory session map into SessionStore interface with two implementations: MemorySessionStore (default, backward-compatible) and SQLiteSessionStore (persistent via go-store). Add WithSessionStore option, background cleanup goroutine, and comprehensive tests including persistence verification and concurrency safety. Phase 1: Session Persistence — complete. Co-Authored-By: Virgil <virgil@lethean.io> 2026-02-20 01:44:51 +00:00			`}`
feat: modernise to Go 1.26 iterators and stdlib helpers Add iter.Seq iterators for trust registry (ListSeq), audit log (EventsSeq, QuerySeq), and approval store (PendingSeq). Use slices.DeleteFunc in session store, slices.SortFunc in testcmd, range-over-int in benchmarks. Co-Authored-By: Gemini <noreply@google.com> Co-Authored-By: Virgil <virgil@lethean.io> 2026-02-23 05:47:04 +00:00			`return false`
			`})`
feat(auth): add SessionStore interface with SQLite persistence Extract in-memory session map into SessionStore interface with two implementations: MemorySessionStore (default, backward-compatible) and SQLiteSessionStore (persistent via go-store). Add WithSessionStore option, background cleanup goroutine, and comprehensive tests including persistence verification and concurrency safety. Phase 1: Session Persistence — complete. Co-Authored-By: Virgil <virgil@lethean.io> 2026-02-20 01:44:51 +00:00			`return count, nil`
			`}`