Options
All
  • Public
  • Public/Protected
  • All
Menu

Interface UserSessionsStorage<Device, Location>

Storage where user sessions are stored.

Type parameters

  • Device: DeviceBase

    Type of the device.

  • Location

    Type of the location.

Hierarchy

  • BaseUserSessionStorage<Device, Location, UserSessionMetaData<Device, Location>>
    • UserSessionsStorage

Methods

Methods

delete

  • delete(subject: string, sessionId: string): Promise<void>

  • Deletes user session.

    Parameters

    • subject: string

      Subject.

    • sessionId: string

      Id of the session.
      Storage should treat sessionId as untrusted and perform SQLi and XSS validations before deleting meta data.

    Returns Promise<void>

deleteAll

  • deleteAll(subject: string): Promise<number>

  • Deletes all sessions of the subject.

    Parameters

    • subject: string

      Subject.

    Returns Promise<number>

    Number of deleted sessions.

insert

  • insert(subject: string, sessionId: string, metaData: UserSessionMetaData<Device, Location>, ttl: number): Promise<void>

  • Insert user session in the storage.

    IMPORTANT!
    It's highly advisable to hash sessionId before storing it in the database, especially if RDBMS is used.

    throws

    {Error} When session can't be inserted.

    Parameters

    • subject: string

      Subject.

    • sessionId: string

      Session id.

    • metaData: UserSessionMetaData<Device, Location>

      Session meta data.

    • ttl: number

      Session ttl (in seconds).

    Returns Promise<void>

read

  • read(subject: string, sessionId: string): Promise<undefined | null | UserSessionMetaData<Device, Location>>

  • Read session meta data from storage.

    Parameters

    • subject: string

      Subject.

    • sessionId: string

      Id of the session.
      Storage should treat sessionId as untrusted and perform SQLi and XSS validations before query meta data.

    Returns Promise<undefined | null | UserSessionMetaData<Device, Location>>

    User session meta data or null / undefined if not found.

readAll

  • readAll(subject: string): Promise<ReadonlyMap<string, Readonly<UserSessionMetaData<Device, Location>>>>

  • Read all of the active user sessions for subject.

    Parameters

    • subject: string

      Subject user sessions are belonging to.

    Returns Promise<ReadonlyMap<string, Readonly<UserSessionMetaData<Device, Location>>>>

    Session id with the session metadata.
    When subject has no active sessions, returns an empty map.

updateAccessedAt

  • updateAccessedAt(subject: string, sessionId: string, metaData: UserSessionMetaData<Device, Location>): Promise<void>

  • Caller will pass an UserSessionMetaData object (the same one which was obtained from UserSessionsStorage.read operation, without being cloned) which has updated UserSessionMetaData.accessedAt field. Storage needs to replace existing metadata with the passed one.

    Notice that this is a safe operation, because other fields are readonly.

    Parameters

    • subject: string

      Subject.

    • sessionId: string

      Id of the session.
      Storage should treat sessionId as untrusted and perform SQLi and XSS validations before updating meta data.

    • metaData: UserSessionMetaData<Device, Location>

      Session metadata with updated value of the UserSessionMetaData.accessedAt field.

    Returns Promise<void>