feat(auth): add device session tracking with configurable limits
Track authenticated sessions per device (parsing user-agent for desktop vs mobile via mileusna/useragent), enforce configurable concurrent device limits (Auth.DeviceLimits), and surface device status and "remove other devices" management in the account dialog. Adds device/session context to the auth module stores and exposes limits through the API. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -234,12 +234,16 @@ func newAuthService(c config.Config, cacheStore cacheinfra.Store) *authmodule.Se
|
||||
codeStore := authmodule.NewCacheCodeStore(cacheStore, codeTTL)
|
||||
humanVerifier := newAuthHumanVerifier(c)
|
||||
return authmodule.NewServiceWithCodeStoreEmailAndHumanVerifier(store, codeStore, newAuthEmailSender(c), humanVerifier, authmodule.Config{
|
||||
Region: opts.Region,
|
||||
RegionMode: opts.RegionMode,
|
||||
TokenSecret: opts.TokenSecret,
|
||||
TokenTTL: time.Duration(opts.TokenTTLSeconds) * time.Second,
|
||||
RefreshTokenTTL: time.Duration(opts.RefreshTTLSeconds) * time.Second,
|
||||
CodeTTL: time.Duration(opts.CodeTTLSeconds) * time.Second,
|
||||
Region: opts.Region,
|
||||
RegionMode: opts.RegionMode,
|
||||
TokenSecret: opts.TokenSecret,
|
||||
TokenTTL: time.Duration(opts.TokenTTLSeconds) * time.Second,
|
||||
RefreshTokenTTL: time.Duration(opts.RefreshTTLSeconds) * time.Second,
|
||||
CodeTTL: time.Duration(opts.CodeTTLSeconds) * time.Second,
|
||||
DeviceLimits: authmodule.DeviceLimits{
|
||||
Desktop: opts.DeviceLimits.Desktop,
|
||||
Mobile: opts.DeviceLimits.Mobile,
|
||||
},
|
||||
DevReturnCode: opts.DevReturnCode,
|
||||
EmailFromName: opts.Email.FromName,
|
||||
EmailFromEmail: opts.Email.FromEmail,
|
||||
|
||||
Reference in New Issue
Block a user