Skip to main content

Module sessions

Module sessions 

Source
Expand description

Active admin sessions management — the security-oversight completion of the session model (models::session, docs/archive/WEBAUTHN_DESIGN.md): see who is currently signed in (token or passkey) and revoke a compromised identity’s sessions. Uniform authz — any signed-in admin may view + revoke.

Session ids are never exposed (the id is the bearer credential): the read surface shows owner / method / times only, and revocation is per-owner (by the non-secret owner name), not per-opaque-id. “This is your current session” is computed server-side by comparing the row id to the request’s cookie, without surfacing either.

Structs§

RevokeAckDto
Acknowledgement of a session revoke: the identity and how many of its sessions were ended.
SessionDto
An active admin session as exposed over the API/UI. No session id (it is the credential): owner + how they signed in + when, and whether it is the viewer’s current browser session.

Functions§

api_revoke_sessions
Revokes all of an identity’s sessions (agent twin of the screen’s revoke). Token-gated (the Actor guard) and audited — for automated security response (kick out a compromised account everywhere). Referenced by the non-secret owner name, never a session id. Idempotent: an identity with no sessions revokes 0. Sessions are ephemeral auth state, not historical record, so this mutation is exposed to agents (unlike the immutable history tables).
api_sessions
The active sessions (agent twin of the /admin/sessions screen): who is currently signed in. Token-gated (the active-identity list is sensitive). 503 if the pool is exhausted.
revoke_owner_sessions
Revokes all of an identity’s sessions (POST /admin/sessions/revoke?<owner>) — sign-out- everywhere, or kicking out a compromised account. Referenced by the non-secret owner name (never a session id). Redirects back to the screen. Signed-in admins only.
routes
The human sessions screen + revoke (the agent api_sessions is mounted via frontend::apidoc).
sessions_page
The active-sessions screen (GET /admin/sessions): who is signed in, with per-identity revoke. Signed-in admins only (unauthenticated → sign-in page, returning here).