(PC-38964)[API] chore: improve user management

Author: rpaoloni-pass

api/alembic_version_conflict_detection.txt

@@ -1,2 +1,2 @@
-6f2f704ec485 (pre) (head)
+44890ce1925d (pre) (head)
 b7e8461b1da3 (post) (head)

api/src/pcapi/alembic/versions/20251126T145754_44890ce1925d_update_session_schema.py

@@ -0,0 +1,20 @@
+"""update session schema"""
+
+import sqlalchemy as sa
+from alembic import op
+
+
+# pre/post deployment: pre
+# revision identifiers, used by Alembic.
+revision = "44890ce1925d"
+down_revision = "6f2f704ec485"
+branch_labels: tuple[str] | None = None
+depends_on: list[str] | None = None
+
+
+def upgrade() -> None:
+    op.add_column("user_session", sa.Column("expirationDatetime", sa.DateTime(), nullable=True))
+
+
+def downgrade() -> None:
+    op.drop_column("user_session", "expirationDatetime")

api/src/pcapi/core/users/models.py

@@ -1280,6 +1280,7 @@ class UserSession(PcObject, Model):
     __tablename__ = "user_session"
     userId: sa_orm.Mapped[int] = sa_orm.mapped_column(sa.BigInteger, nullable=False)
     uuid: sa_orm.Mapped[UUID] = sa_orm.mapped_column(postgresql.UUID(as_uuid=True), unique=True, nullable=False)
+    expirationDatetime: sa_orm.Mapped[datetime] = sa_orm.mapped_column(sa.DateTime, nullable=True)
 
 
 class TrustedDevice(PcObject, Model):

api/src/pcapi/routes/backoffice/auth.py

@@ -26,6 +26,9 @@
 from . import utils
 
 
+# a french worker cannot work for more than 12 hours so disconnecting them after 13 hours is safe
+MAXIMUM_SESSION_LENGTH_HOURS = 13
+
 logger = logging.getLogger(__name__)
 
 
@@ -50,7 +53,7 @@ def login() -> utils.BackofficeResponse:
         db.session.flush()
 
         login_user(local_admin, remember=True)
-        login_manager.stamp_session(local_admin)
+        login_manager.stamp_session(user=local_admin, duration=datetime.timedelta(hours=MAXIMUM_SESSION_LENGTH_HOURS))
         return werkzeug.utils.redirect(url_for(".home"))
 
     redirect_uri = url_for(".authorize", _external=True)
@@ -111,13 +114,16 @@ def authorize() -> utils.BackofficeResponse:
     )
 
     login_user(user, remember=True)
-    login_manager.stamp_session(user)
+    login_manager.stamp_session(user=user, duration=datetime.timedelta(hours=MAXIMUM_SESSION_LENGTH_HOURS))
     return redirect(url_for(".home"))
 
 
 @blueprint.backoffice_web.route("/logout", methods=["POST"])
 @utils.custom_login_required(redirect_to=".home")
 def logout() -> utils.BackofficeResponse:
+    from pcapi.utils import login_manager
+
+    login_manager.discard_session()
     logout_user()
     return redirect(url_for(".home"), code=303)
 

api/src/pcapi/routes/pro/users.py

@@ -85,7 +85,10 @@ def validate_user(token: str) -> None:
         raise ResourceNotFoundError(errors={"global": "Le lien est invalide ou a expiré. Veuillez recommencer."})
     discard_session()
     login_user(user)
-    stamp_session(user)
+    stamp_session(
+        user=user,
+        duration=settings.PRO_SESSION_FORCE_TIMEOUT_IN_DAYS,
+    )
     flask.session["last_login"] = date_utils.get_naive_utc_now().timestamp()
     users_api.update_last_connection_date(user)
 
@@ -259,7 +262,10 @@ def signin(body: users_serializers.LoginUserBodyModel) -> users_serializers.Shar
 
     discard_session()
     login_user(user)
-    stamp_session(user)
+    stamp_session(
+        user=user,
+        duration=settings.PRO_SESSION_FORCE_TIMEOUT_IN_DAYS,
+    )
     flask.session["last_login"] = date_utils.get_naive_utc_now().timestamp()
     users_api.update_last_connection_date(user)
 
@@ -341,7 +347,10 @@ def connect_as(token: str) -> Response:
     discard_session()
     logout_user()
     login_user(user)
-    stamp_session(user)
+    stamp_session(
+        user=user,
+        duration=settings.PRO_SESSION_FORCE_TIMEOUT_IN_DAYS,
+    )
     flask.session["internal_admin_email"] = token_data.internal_admin_email
     flask.session["internal_admin_id"] = token_data.internal_admin_id
     flask.session["last_login"] = date_utils.get_naive_utc_now().timestamp()

api/src/pcapi/utils/login_manager.py

@@ -1,8 +1,10 @@
 import logging
 import uuid
 from datetime import datetime
+from datetime import timedelta
 
 import flask
+import sqlalchemy as sa
 import werkzeug.datastructures
 from flask import current_app as app
 from flask_login import logout_user
@@ -43,7 +45,10 @@ def get_user_with_id(user_id: str) -> users_models.User | None:
 
     flask.session.permanent = True
     session_uuid = flask.session.get("session_uuid")
-    user_session = db.session.query(users_models.UserSession).filter_by(userId=user_id, uuid=session_uuid).one_or_none()
+    user_session = get_session(
+        user_id=user_id,
+        session_uuid=session_uuid,
+    )
 
     if not user_session:
         return None
@@ -70,11 +75,32 @@ def send_401() -> tuple[flask.Response, int]:
     return flask.jsonify(e.errors), 401
 
 
-def stamp_session(user: users_models.User) -> None:
+def get_session(user_id: str, session_uuid: str | None) -> users_models.UserSession | None:
+    if not user_id or not session_uuid:
+        return None
+    return (
+        db.session.query(users_models.UserSession)
+        .filter(
+            users_models.UserSession.userId == int(user_id),
+            users_models.UserSession.uuid == session_uuid,
+            sa.or_(
+                users_models.UserSession.expirationDatetime > date_utils.get_naive_utc_now(),
+                users_models.UserSession.expirationDatetime == None,
+            ),
+        )
+        .one_or_none()
+    )
+
+
+def stamp_session(user: users_models.User, duration: timedelta) -> None:
     session_uuid = uuid.uuid4()
     flask.session["session_uuid"] = session_uuid
     flask.session["user_id"] = user.id
-    db.session.add(users_models.UserSession(userId=user.id, uuid=session_uuid))
+    db.session.add(
+        users_models.UserSession(
+            userId=user.id, uuid=session_uuid, expirationDatetime=date_utils.get_naive_utc_now() + duration
+        )
+    )
     db.session.commit()
 
 
@@ -101,6 +127,7 @@ def manage_pro_session(user: users_models.User | None) -> users_models.User | No
     current_timestamp = date_utils.get_naive_utc_now().timestamp()
     last_login = datetime.fromtimestamp(flask.session.get("last_login", current_timestamp))
     last_api_call = datetime.fromtimestamp(flask.session.get("last_api_call", current_timestamp))
+
     valid_session = compute_pro_session_validity(last_login, last_api_call)
 
     if "last_login" not in flask.session:

api/tests/conftest.py

@@ -8,6 +8,7 @@
 import typing
 import urllib.parse
 from dataclasses import dataclass
+from datetime import timedelta
 from pathlib import Path
 from pprint import pprint
 from unittest.mock import MagicMock
@@ -109,7 +110,7 @@ def signin(user_id: int):
             user = db.session.query(User).filter_by(id=user_id).one()
 
             login_user(user, remember=True)
-            login_manager.stamp_session(user)
+            login_manager.stamp_session(user, timedelta(minutes=15))
 
             return ""
 

api/tests/routes/native/v1/account_test.py

@@ -370,8 +370,7 @@ def test_num_queries_with_next_step(self, client):
         response = client.get("/native/v1/me")
         assert response.status_code == 200
         client.with_token(user.email)
-        n_queries = 1  # get user session
-        n_queries += 1  # get user
+        n_queries = 1  # get user
         n_queries += 1  # get bookings
 
         with assert_num_queries(n_queries):

api/tests/routes/native/v1/favorites_test.py

@@ -345,8 +345,7 @@ def test_uses_offerer_address_if_available(self, client):
             client.post(FAVORITES_URL, json={"offerId": offer.id})
             # 1: Fetch the user for auth
             # 1: Fetch the favorites
-            num_queries = 1  # Get session
-            num_queries += 1  # Get user
+            num_queries = 1  # Get user
             num_queries += 1  # Get favorites
             with assert_num_queries(num_queries):
                 response = client.get(FAVORITES_URL)