data-model: make the access token expiration optional

2025-07-29 22:01:14 +03:00 · 2023-09-11 11:16:12 +02:00
parent 83ca90ee3d
commit e6b91c1ce4
6 changed files with 79 additions and 18 deletions
--- a/crates/data-model/src/compat/session.rs
+++ b/crates/data-model/src/compat/session.rs
@ -29,7 +29,7 @@ pub enum CompatSessionState {
 }

 impl CompatSessionState {
-    /// Returns `true` if the compta session state is [`Valid`].
+    /// Returns `true` if the compat session state is [`Valid`].
    ///
    /// [`Valid`]: CompatSessionState::Valid
    #[must_use]
@ -37,7 +37,7 @@ impl CompatSessionState {
        matches!(self, Self::Valid)
    }

-    /// Returns `true` if the compta session state is [`Finished`].
+    /// Returns `true` if the compat session state is [`Finished`].
    ///
    /// [`Finished`]: CompatSessionState::Finished
    #[must_use]
@ -45,6 +45,17 @@ impl CompatSessionState {
        matches!(self, Self::Finished { .. })
    }

+    /// Transitions the session state to [`Finished`].
+    ///
+    /// # Parameters
+    ///
+    /// * `finished_at` - The time at which the session was finished.
+    ///
+    /// # Errors
+    ///
+    /// Returns an error if the session state is already [`Finished`].
+    ///
+    /// [`Finished`]: CompatSessionState::Finished
    pub fn finish(self, finished_at: DateTime<Utc>) -> Result<Self, InvalidTransitionError> {
        match self {
            Self::Valid => Ok(Self::Finished { finished_at }),
@ -80,6 +91,15 @@ impl std::ops::Deref for CompatSession {
 }

 impl CompatSession {
+    /// Marks the session as finished.
+    ///
+    /// # Parameters
+    ///
+    /// * `finished_at` - The time at which the session was finished.
+    ///
+    /// # Errors
+    ///
+    /// Returns an error if the session is already finished.
    pub fn finish(mut self, finished_at: DateTime<Utc>) -> Result<Self, InvalidTransitionError> {
        self.state = self.state.finish(finished_at)?;
        Ok(self)
--- a/crates/data-model/src/oauth2/session.rs
+++ b/crates/data-model/src/oauth2/session.rs
@ -19,14 +19,6 @@ use ulid::Ulid;

 use crate::InvalidTransitionError;

-trait T {
-    type State;
-}
-
-impl T for Session {
-    type State = SessionState;
-}
-
 #[derive(Debug, Clone, Default, PartialEq, Eq, Serialize)]
 pub enum SessionState {
    #[default]
@ -53,6 +45,17 @@ impl SessionState {
        matches!(self, Self::Finished { .. })
    }

+    /// Transitions the session state to [`Finished`].
+    ///
+    /// # Parameters
+    ///
+    /// * `finished_at` - The time at which the session was finished.
+    ///
+    /// # Errors
+    ///
+    /// Returns an error if the session state is already [`Finished`].
+    ///
+    /// [`Finished`]: SessionState::Finished
    pub fn finish(self, finished_at: DateTime<Utc>) -> Result<Self, InvalidTransitionError> {
        match self {
            Self::Valid => Ok(Self::Finished { finished_at }),
@ -81,6 +84,15 @@ impl std::ops::Deref for Session {
 }

 impl Session {
+    /// Marks the session as finished.
+    ///
+    /// # Parameters
+    ///
+    /// * `finished_at` - The time at which the session was finished.
+    ///
+    /// # Errors
+    ///
+    /// Returns an error if the session is already finished.
    pub fn finish(mut self, finished_at: DateTime<Utc>) -> Result<Self, InvalidTransitionError> {
        self.state = self.state.finish(finished_at)?;
        Ok(self)
--- a/crates/data-model/src/tokens.rs
+++ b/crates/data-model/src/tokens.rs
@ -62,7 +62,7 @@ pub struct AccessToken {
    pub session_id: Ulid,
    pub access_token: String,
    pub created_at: DateTime<Utc>,
-    pub expires_at: DateTime<Utc>,
+    pub expires_at: Option<DateTime<Utc>>,
 }

 impl AccessToken {
@ -71,11 +71,40 @@ impl AccessToken {
        self.id.to_string()
    }

+    /// Whether the access token is valid, i.e. not revoked and not expired
+    ///
+    /// # Parameters
+    ///
+    /// * `now` - The current time
    #[must_use]
    pub fn is_valid(&self, now: DateTime<Utc>) -> bool {
-        self.state.is_valid() && self.expires_at > now
+        self.state.is_valid() && !self.is_expired(now)
    }

+    /// Whether the access token is expired
+    ///
+    /// Always returns `false` if the access token does not have an expiry time.
+    ///
+    /// # Parameters
+    ///
+    /// * `now` - The current time
+    #[must_use]
+    pub fn is_expired(&self, now: DateTime<Utc>) -> bool {
+        match self.expires_at {
+            Some(expires_at) => expires_at < now,
+            None => false,
+        }
+    }
+
+    /// Mark the access token as revoked
+    ///
+    /// # Parameters
+    ///
+    /// * `revoked_at` - The time at which the access token was revoked
+    ///
+    /// # Errors
+    ///
+    /// Returns an error if the access token is already revoked
    pub fn revoke(mut self, revoked_at: DateTime<Utc>) -> Result<Self, InvalidTransitionError> {
        self.state = self.state.revoke(revoked_at)?;
        Ok(self)