feat: changes to the session model and session activation

Author: Ajay Kelkar

internal/testhelpers/identity.go

@@ -15,9 +15,10 @@ import (
 
 func CreateSession(t *testing.T, reg driver.Registry) *session.Session {
 	ctx := context.Background()
+	header := make(map[string][]string, 0)
 	i := identity.NewIdentity(config.DefaultIdentityTraitsSchemaID)
 	require.NoError(t, reg.PrivilegedIdentityPool().CreateIdentity(ctx, i))
-	sess, err := session.NewActiveSession(ctx, i, reg.Config(), time.Now().UTC(), identity.CredentialsTypePassword, identity.AuthenticatorAssuranceLevel1)
+	sess, err := session.NewActiveSession(ctx, header, i, reg.Config(), time.Now().UTC(), identity.CredentialsTypePassword, identity.AuthenticatorAssuranceLevel1)
 	require.NoError(t, err)
 	require.NoError(t, reg.SessionPersister().UpsertSession(ctx, sess))
 	return sess

internal/testhelpers/session.go

@@ -138,7 +138,9 @@ func NewHTTPClientWithSessionToken(t *testing.T, reg *driver.RegistryDefault, se
 
 func NewHTTPClientWithArbitrarySessionToken(t *testing.T, reg *driver.RegistryDefault) *http.Client {
 	ctx := context.Background()
+	header := make(map[string][]string, 0)
 	s, err := session.NewActiveSession(ctx,
+		header,
 		&identity.Identity{ID: x.NewUUID(), State: identity.StateActive},
 		NewSessionLifespanProvider(time.Hour),
 		time.Now(),
@@ -152,7 +154,9 @@ func NewHTTPClientWithArbitrarySessionToken(t *testing.T, reg *driver.RegistryDe
 
 func NewHTTPClientWithArbitrarySessionCookie(t *testing.T, reg *driver.RegistryDefault) *http.Client {
 	ctx := context.Background()
+	header := make(map[string][]string, 0)
 	s, err := session.NewActiveSession(ctx,
+		header,
 		&identity.Identity{ID: x.NewUUID(), State: identity.StateActive},
 		NewSessionLifespanProvider(time.Hour),
 		time.Now(),
@@ -166,7 +170,9 @@ func NewHTTPClientWithArbitrarySessionCookie(t *testing.T, reg *driver.RegistryD
 
 func NewNoRedirectHTTPClientWithArbitrarySessionCookie(t *testing.T, reg *driver.RegistryDefault) *http.Client {
 	ctx := context.Background()
+	header := make(map[string][]string, 0)
 	s, err := session.NewActiveSession(ctx,
+		header,
 		&identity.Identity{ID: x.NewUUID(), State: identity.StateActive},
 		NewSessionLifespanProvider(time.Hour),
 		time.Now(),
@@ -180,7 +186,10 @@ func NewNoRedirectHTTPClientWithArbitrarySessionCookie(t *testing.T, reg *driver
 
 func NewHTTPClientWithIdentitySessionCookie(t *testing.T, reg *driver.RegistryDefault, id *identity.Identity) *http.Client {
 	ctx := context.Background()
-	s, err := session.NewActiveSession(ctx, id,
+	header := make(map[string][]string, 0)
+	s, err := session.NewActiveSession(ctx,
+		header,
+		id,
 		NewSessionLifespanProvider(time.Hour),
 		time.Now(),
 		identity.CredentialsTypePassword,
@@ -193,7 +202,10 @@ func NewHTTPClientWithIdentitySessionCookie(t *testing.T, reg *driver.RegistryDe
 
 func NewHTTPClientWithIdentitySessionToken(t *testing.T, reg *driver.RegistryDefault, id *identity.Identity) *http.Client {
 	ctx := context.Background()
-	s, err := session.NewActiveSession(ctx, id,
+	header := make(map[string][]string, 0)
+	s, err := session.NewActiveSession(ctx,
+		header,
+		id,
 		NewSessionLifespanProvider(time.Hour),
 		time.Now(),
 		identity.CredentialsTypePassword,

session/session.go

@@ -5,6 +5,8 @@ import (
 	"database/sql/driver"
 	"encoding/json"
 	"fmt"
+	"net/http"
+	"strings"
 	"time"
 
 	"github.com/pkg/errors"
@@ -79,6 +81,15 @@ type Session struct {
 	// required: true
 	Identity *identity.Identity `json:"identity" faker:"identity" db:"-" belongs_to:"identities" fk_id:"IdentityID"`
 
+	// IP address of the machine where the session was initiated
+	ClientIPAddress string `json:"client_ip_address" db:"client_ip_address"`
+
+	// User Agent
+	UserAgent string `json:"user_agent" db:"user_agent"`
+
+	// Geo Location where the session was initiated
+	GeoLocation string `json:"geo_location" db:"geo_location"`
+
 	// IdentityID is a helper struct field for gobuffalo.pop.
 	IdentityID uuid.UUID `json:"-" faker:"-" db:"identity_id"`
 
@@ -148,7 +159,7 @@ func (s *Session) SetAuthenticatorAssuranceLevel() {
 	}
 }
 
-func NewActiveSession(ctx context.Context, requestHeaders map[string][]string, i *identity.Identity, c lifespanProvider, authenticatedAt time.Time, completedLoginFor identity.CredentialsType, completedLoginAAL identity.AuthenticatorAssuranceLevel) (*Session, error) {
+func NewActiveSession(ctx context.Context, requestHeaders http.Header, i *identity.Identity, c lifespanProvider, authenticatedAt time.Time, completedLoginFor identity.CredentialsType, completedLoginAAL identity.AuthenticatorAssuranceLevel) (*Session, error) {
 	s := NewInactiveSession()
 	s.CompletedLoginFor(completedLoginFor, completedLoginAAL)
 	if err := s.Activate(ctx, requestHeaders, i, c, authenticatedAt); err != nil {
@@ -167,7 +178,7 @@ func NewInactiveSession() *Session {
 	}
 }
 
-func (s *Session) Activate(ctx context.Context, requestHeaders map[string][]string, i *identity.Identity, c lifespanProvider, authenticatedAt time.Time) error {
+func (s *Session) Activate(ctx context.Context, requestHeaders http.Header, i *identity.Identity, c lifespanProvider, authenticatedAt time.Time) error {
 	if i != nil && !i.IsActive() {
 		return ErrIdentityDisabled.WithDetail("identity_id", i.ID)
 	}
@@ -179,6 +190,22 @@ func (s *Session) Activate(ctx context.Context, requestHeaders map[string][]stri
 	s.Identity = i
 	s.IdentityID = i.ID
 
+	agent := requestHeaders["User-Agent"]
+	if len(agent) > 0 {
+		s.UserAgent = strings.Join(agent, " ")
+	}
+
+	clientIP := requestHeaders.Get("True-Client-IP")
+	if clientIP != "" {
+		s.ClientIPAddress = clientIP
+	} else {
+		// TODO: Use x lib implementation to parse client IP address from the header string
+		s.ClientIPAddress = requestHeaders.Get("X-Forwarded-For")
+	}
+
+	clientGeoLocation := []string{requestHeaders.Get("Cf-Ipcity"), requestHeaders.Get("Cf-Ipcountry")}
+	s.GeoLocation = strings.Join(clientGeoLocation, ", ")
+
 	s.SetAuthenticatorAssuranceLevel()
 	return nil
 }