Added delete inactive session functionality during login

Signed-off-by: shitrerohit <[email protected]>

Author: shitrerohit

apps/api-gateway/src/user/user.controller.ts

@@ -416,19 +416,4 @@ export class UserController {
 
     return res.status(HttpStatus.OK).json(finalResponse);
   }
-
-  @Post('/delete-inactive-sessions')
-  @ApiOperation({
-    summary: 'Update platform settings',
-    description: 'Modify platform settings. Only accessible by platform admins.'
-  })
-  async deleteInactiveSessions(@Res() res: Response): Promise<Response> {
-    await this.userService.deleteInactiveSessions();
-    const finalResponse = {
-      statusCode: HttpStatus.OK,
-      message: ''
-    };
-
-    return res.status(HttpStatus.OK).json(finalResponse);
-  }
 }

apps/api-gateway/src/user/user.service.ts

@@ -92,8 +92,4 @@ export class UserService extends BaseService {
     const payload = { email };
     return this.natsClient.sendNatsMessage(this.serviceProxy, 'get-user-info-by-user-email-keycloak', payload);
   }
-
-  async deleteInactiveSessions(): Promise<void> {
-    return this.natsClient.sendNatsMessage(this.serviceProxy, 'delete-inactive-sessions', '');
-  }
 }

apps/organization/src/organization.service.ts

@@ -64,6 +64,8 @@ import { DeleteOrgInvitationsEmail } from '../templates/delete-organization-invi
 import { IOrgRoles } from 'libs/org-roles/interfaces/org-roles.interface';
 import { NATSClient } from '@credebl/common/NATSClient';
 import { UserRepository } from 'apps/user/repositories/user.repository';
+import * as jwt from 'jsonwebtoken';
+
 @Injectable()
 export class OrganizationService {
   constructor(
@@ -708,17 +710,24 @@ export class OrganizationService {
     let addSessionDetails;
     // Fetch owner organization details for getting the user id
     const orgRoleDetails = await this.organizationRepository.getOrgAndOwnerUser(clientId);
+    // called seprate method to delete exp session
+    this.userRepository.deleteInactiveSessions(orgRoleDetails['user'].id);
+
     // Fetch the total number of sessions for the requested user to check and restrict the creation of multiple sessions.
     const userSessionDetails = await this.userRepository.fetchUserSessions(orgRoleDetails['user'].id);
     if (Number(process.env.SESSIONS_LIMIT) <= userSessionDetails?.length) {
       throw new BadRequestException(ResponseMessages.user.error.sessionLimitReached);
     }
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    const decodedToken: any = jwt.decode(authenticationResult?.access_token);
+    const expiresAt = new Date(decodedToken.exp * 1000);
     // Session payload
     const sessionData = {
       sessionToken: authenticationResult?.access_token,
       userId: orgRoleDetails['user'].id,
       expires: authenticationResult?.expires_in,
-      sessionType: SessionType.ORG_SESSION
+      sessionType: SessionType.ORG_SESSION,
+      expiresAt
     };
     // Note:
     // Fetch account details to check whether the requested user account exists

apps/user/interfaces/user.interface.ts

@@ -191,6 +191,7 @@ export interface ISession {
   type?: string;
   accountId?: string;
   sessionType?: string;
+  expiresAt?: Date;
 }
 
 export interface IUpdateAccountDetails {

apps/user/repositories/user.repository.ts

@@ -678,7 +678,7 @@ export class UserRepository {
 
   async createSession(tokenDetails: ISession): Promise<session> {
     try {
-      const { sessionToken, userId, expires, refreshToken, accountId, sessionType } = tokenDetails;
+      const { sessionToken, userId, expires, refreshToken, accountId, sessionType, expiresAt } = tokenDetails;
       const sessionResponse = await this.prisma.session.create({
         data: {
           id: tokenDetails.id,
@@ -687,7 +687,8 @@ export class UserRepository {
           userId,
           refreshToken,
           accountId,
-          sessionType
+          sessionType,
+          expiresAt
         }
       });
       return sessionResponse;
@@ -988,24 +989,16 @@ export class UserRepository {
     }
   }
 
-  async deleteInactiveSessions(): Promise<number> {
-    try {
-      //       await this.prisma.session.deleteMany({
-      //   where: {
-      //     AND: [
-      //       {
-      //         createdAt: {
-      //           lt: new Date(Date.now() - expires), // Current time minus expire interval
-      //         },
-      //       },
-      //       // You can add more conditions here
-      //     ],
-      //   },
-      // });
-      const response = await this.prisma.$executeRaw`
-        DELETE FROM "session"
-        WHERE ("createdAt" + make_interval(secs => "expires")) < NOW()
-      `;
+  async deleteInactiveSessions(userId: string): Promise<Prisma.BatchPayload> {
+    try {
+      const response = await this.prisma.session.deleteMany({
+        where: {
+          expiresAt: {
+            lt: new Date()
+          },
+          userId
+        }
+      });
       this.logger.debug('Response::', response);
       return response;
     } catch (error) {

apps/user/src/user.controller.ts

@@ -269,9 +269,4 @@ export class UserController {
   async logout(logoutUserDto: ISessions): Promise<string> {
     return this.userService.logout(logoutUserDto);
   }
-
-  @MessagePattern({ cmd: 'delete-inactive-sessions' })
-  async deleteInActiveSessions(): Promise<string> {
-    return this.userService.deleteInActiveSessions();
-  }
 }

apps/user/src/user.service.ts

@@ -459,6 +459,8 @@ export class UserService {
       if (true === isPasskey && false === userData?.isFidoVerified) {
         throw new UnauthorizedException(ResponseMessages.user.error.registerFido);
       }
+      // called seprate method to delete exp session
+      this.userRepository.deleteInactiveSessions(userData?.id);
       const userSessionDetails = await this.userRepository.fetchUserSessions(userData?.id);
       if (Number(process.env.SESSIONS_LIMIT) <= userSessionDetails?.length) {
         throw new BadRequestException(ResponseMessages.user.error.sessionLimitReached);
@@ -474,13 +476,16 @@ export class UserService {
       }
       // eslint-disable-next-line @typescript-eslint/no-explicit-any
       const decodedToken: any = jwt.decode(tokenDetails?.access_token);
+      const expiresAt = new Date(decodedToken.exp * 1000);
+
       const sessionData = {
         id: decodedToken.sid,
         sessionToken: tokenDetails?.access_token,
         userId: userData?.id,
         expires: tokenDetails?.expires_in,
         refreshToken: tokenDetails?.refresh_token,
-        sessionType: SessionType.USER_SESSION
+        sessionType: SessionType.USER_SESSION,
+        expiresAt
       };
 
       const fetchAccountDetails = await this.userRepository.checkAccountDetails(userData?.id);
@@ -555,13 +560,17 @@ export class UserService {
         if (!deletePreviousSession) {
           throw new InternalServerErrorException(ResponseMessages.user.error.errorInDeleteSession);
         }
+        // eslint-disable-next-line @typescript-eslint/no-explicit-any
+        const decodedToken: any = jwt.decode(tokenResponse?.access_token);
+        const expiresAt = new Date(decodedToken.exp * 1000);
         const sessionData = {
           sessionToken: tokenResponse.access_token,
           userId: userByKeycloakId?.['id'],
           expires: tokenResponse.expires_in,
           refreshToken: tokenResponse.refresh_token,
           sessionType: SessionType.USER_SESSION,
-          accountId: userAccountDetails.id
+          accountId: userAccountDetails.id,
+          expiresAt
         };
         const addSessionDetails = await this.userRepository.createSession(sessionData);
         if (!addSessionDetails) {
@@ -1335,13 +1344,4 @@ export class UserService {
       throw new RpcException(error.response ? error.response : error);
     }
   }
-
-  async deleteInActiveSessions(): Promise<number> {
-    try {
-      return await this.userRepository.deleteInactiveSessions();
-    } catch (error) {
-      this.logger.error(`Error in deleting in-active sessions`);
-      throw new RpcException(error.response ? error.response : error);
-    }
-  }
 }

libs/prisma-service/prisma/migrations/20250829091021_add_expiresat_in_session_table/migration.sql

@@ -0,0 +1,2 @@
+-- AlterTable
+ALTER TABLE "session" ADD COLUMN     "expiresAt" TIMESTAMP(6);

libs/prisma-service/prisma/schema.prisma

@@ -66,6 +66,7 @@ model session {
   accountId        String?     @db.Uuid
   sessionType      String?
   account          account?    @relation(fields: [accountId], references:[id])
+  expiresAt        DateTime?   @db.Timestamp(6)
 }
 
 model token {