Session Store
Component Detail
Data Layer
medium complexity
backend
0
Dependencies
2
Dependents
3
Entities
0
Integrations
Description
Data access layer managing the sessions and refresh_tokens tables in PostgreSQL. Provides CRUD operations for session records including device metadata persistence, refresh token lifecycle management, and a token blocklist table for immediate access token invalidation after revocation.
session-store
Responsibilities
- CRUD operations on sessions table with device metadata and timestamps
- Manage refresh_tokens linked to session records with cascading deletion on revocation
- Maintain token blocklist entries with TTL matching access token expiry for immediate invalidation
- Query active sessions with organization-scoped filtering and pagination
- Cleanup expired blocklist entries and stale sessions
Interfaces
createSession(session: NewSession): Promise<Session>
getSessionById(sessionId: string): Promise<Session | null>
getSessionsByUserId(userId: string): Promise<Session[]>
getSessionsByOrgId(orgId: string, pagination: Pagination): Promise<PaginatedResult<Session>>
updateLastActivity(sessionId: string, timestamp: Date): Promise<void>
deleteSession(sessionId: string): Promise<void>
deleteAllUserSessions(userId: string): Promise<number>
getRefreshTokenBySessionId(sessionId: string): Promise<RefreshToken | null>
deleteRefreshToken(tokenId: string): Promise<void>
addBlocklistEntry(jti: string, expiresAt: Date): Promise<void>
isJtiBlocked(jti: string): Promise<boolean>
purgeExpiredBlocklistEntries(): Promise<number>
Relationships
Dependents (2)
Components that depend on this component
Related Data Entities (3)
Data entities managed by this component