egg/OCR
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f01591e9eb732833410ffed8b3eb91c7cc2c817e
OCR/backend/app/models/session.py
egg ee49751c38 fix: add UTC timezone indicator to all datetime serialization 
Database stores times in UTC but serialized without timezone info,
causing frontend to misinterpret as local time. Now all datetime
fields include 'Z' suffix to indicate UTC, enabling proper timezone
conversion in the browser.

- Add UTCDatetimeBaseModel base class for Pydantic schemas
- Update model to_dict() methods to append 'Z' suffix
- Affects: tasks, users, sessions, audit logs, translations

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-14 15:48:17 +08:00

86 lines
3.4 KiB
Python
Raw Blame History

"""
Tool_OCR - Session Model
Secure token storage and session management for external authentication
"""
from sqlalchemy import Column, Integer, String, DateTime, Text, ForeignKey
from sqlalchemy.orm import relationship
from datetime import datetime
from app.core.database import Base
class Session(Base):
"""
User session model for external API token management
Stores encrypted tokens from external authentication API
and tracks session metadata for security auditing.
"""
__tablename__ = "tool_ocr_sessions"
id = Column(Integer, primary_key=True, index=True, autoincrement=True)
user_id = Column(Integer, ForeignKey("tool_ocr_users.id", ondelete="CASCADE"),
nullable=False, index=True,
comment="Foreign key to users table")
access_token = Column(Text, nullable=True,
comment="Encrypted JWT access token from external API")
id_token = Column(Text, nullable=True,
comment="Encrypted JWT ID token from external API")
refresh_token = Column(Text, nullable=True,
comment="Encrypted refresh token (if provided by API)")
token_type = Column(String(50), default="Bearer", nullable=False,
comment="Token type (typically 'Bearer')")
expires_at = Column(DateTime, nullable=False, index=True,
comment="Token expiration timestamp from API")
issued_at = Column(DateTime, nullable=False,
comment="Token issue timestamp from API")
# Session metadata for security
ip_address = Column(String(45), nullable=True,
comment="Client IP address (IPv4/IPv6)")
user_agent = Column(String(500), nullable=True,
comment="Client user agent string")
# Timestamps
created_at = Column(DateTime, default=datetime.utcnow, nullable=False, index=True)
last_accessed_at = Column(DateTime, default=datetime.utcnow,
onupdate=datetime.utcnow, nullable=False,
comment="Last time this session was used")
# Relationships
user = relationship("User", back_populates="sessions")
def __repr__(self):
return f"<Session(id={self.id}, user_id={self.user_id}, expires_at='{self.expires_at}')>"
def to_dict(self):
"""Convert session to dictionary (excluding sensitive tokens).
All datetime fields are serialized with 'Z' suffix to indicate UTC timezone.
"""
return {
"id": self.id,
"user_id": self.user_id,
"token_type": self.token_type,
"expires_at": self.expires_at.isoformat() + 'Z' if self.expires_at else None,
"issued_at": self.issued_at.isoformat() + 'Z' if self.issued_at else None,
"ip_address": self.ip_address,
"created_at": self.created_at.isoformat() + 'Z' if self.created_at else None,
"last_accessed_at": self.last_accessed_at.isoformat() + 'Z' if self.last_accessed_at else None
}
@property
def is_expired(self) -> bool:
"""Check if session token is expired"""
return datetime.utcnow() >= self.expires_at if self.expires_at else True
@property
def time_until_expiry(self) -> int:
"""Get seconds until token expiration"""
if not self.expires_at:
return 0
delta = self.expires_at - datetime.utcnow()
return max(0, int(delta.total_seconds()))
Reference in New Issue View Git Blame Copy Permalink