auth_session_service Class Reference

Centralized authentication session management service. More...

#include <auth_session_service.hpp>

Collaboration diagram for auth_session_service:

Public Member Functions
std::optional< session_info >	get_session (const std::string &remote_address) const
	Get session for a remote address.
bool	is_authenticated (const std::string &remote_address) const
	Check if a remote address has an authenticated session.
void	store_session (const std::string &remote_address, session_info info)
	Store session for a remote address (legacy interface).
void	store_session_data (const std::string &remote_address, std::shared_ptr< session_data > session)
	Store full session data for a remote address.
std::shared_ptr< session_data >	get_session_data (const std::string &remote_address) const
	Get full session data for a remote address.
void	update_session_bytes (const std::string &remote_address, std::uint64_t bytes_sent, std::uint64_t bytes_received)
	Update byte counters for an active session.
std::shared_ptr< session_data >	remove_session (const std::string &remote_address)
	Remove session for a remote address.
std::vector< std::shared_ptr< session_data > >	clear_all_sessions ()
	Remove all sessions (e.g., on server shutdown).
std::vector< std::shared_ptr< session_data > >	get_all_sessions () const
	Get all active sessions.
void	store_client_info (const std::string &remote_address, client_info info)
	Store client info from handshake.
std::optional< client_info >	get_client_info (const std::string &remote_address) const
	Get client info for a remote address.
void	remove_client_info (const std::string &remote_address)
	Remove client info for a remote address.
std::expected< void, ores::utility::serialization::error_code >	authorize_request (messaging::message_type type, const std::string &remote_address) const
	Check if a request is authorized based on message type and session.

Detailed Description

Centralized authentication session management service.

Tracks authenticated sessions by remote address. This service is shared across all message handlers to provide consistent authorization checks.

Thread-safety: All public methods are thread-safe.

Member Function Documentation

get_session()

std::optional< session_info > get_session

(

const std::string &

remote_address

)

const

Get session for a remote address.

Parameters

remote_address

The client's remote address

Returns

Session info if logged in, nullopt otherwise

Here is the caller graph for this function:

is_authenticated()

bool is_authenticated

(

const std::string &

remote_address

)

const

Check if a remote address has an authenticated session.

Parameters

remote_address

The client's remote address

Returns

true if authenticated, false otherwise

store_session()

void store_session	(	const std::string &	remote_address,
		session_info	info
	)

Store session for a remote address (legacy interface).

Parameters

remote_address	The client's remote address
info	Session information to store

Deprecated:

Use store_session_data() for full session tracking.

store_session_data()

void store_session_data	(	const std::string &	remote_address,
		std::shared_ptr< session_data >	session
	)

Store full session data for a remote address.

Parameters

remote_address	The client's remote address
session	Full session object with all tracking data

Here is the caller graph for this function:

get_session_data()

std::shared_ptr< session_data > get_session_data

(

const std::string &

remote_address

)

const

Get full session data for a remote address.

Parameters

remote_address

The client's remote address

Returns

Shared pointer to session data, nullptr if not found

update_session_bytes()

void update_session_bytes	(	const std::string &	remote_address,
		std::uint64_t	bytes_sent,
		std::uint64_t	bytes_received
	)

Update byte counters for an active session.

Parameters

remote_address	The client's remote address
bytes_sent	Total bytes sent on the connection
bytes_received	Total bytes received on the connection

remove_session()

std::shared_ptr< session_data > remove_session

(

const std::string &

remote_address

)

Remove session for a remote address.

Parameters

remote_address

The client's remote address

Returns

The removed session if found, nullptr otherwise

clear_all_sessions()

std::vector< std::shared_ptr< session_data > > clear_all_sessions

(

)

Remove all sessions (e.g., on server shutdown).

Returns

All removed sessions

store_client_info()

void store_client_info	(	const std::string &	remote_address,
		client_info	info
	)

Store client info from handshake.

Called after successful handshake to store client details for later use when creating a session during login.

Parameters

remote_address	The client's remote address
info	Client information from handshake

get_client_info()

std::optional< client_info > get_client_info

(

const std::string &

remote_address

)

const

Get client info for a remote address.

Parameters

remote_address

The client's remote address

Returns

Client info if stored, nullopt otherwise

remove_client_info()

void remove_client_info

(

const std::string &

remote_address

)

Remove client info for a remote address.

Called when connection is closed to clean up stored handshake data.

Parameters

remote_address

The client's remote address

authorize_request()

std::expected< void, ores::utility::serialization::error_code > authorize_request	(	messaging::message_type	type,
		const std::string &	remote_address
	)		const

Check if a request is authorized based on message type and session.

Centralizes authentication logic for all message types:

• Some messages don't require authentication (login, bootstrap, heartbeat)
• All other messages require authentication

Note: Permission-based authorization is handled at the handler level using authorization_service.has_permission().

Parameters

type	The message type being requested
remote_address	The client's remote address

Returns

Empty expected on success, error_code on failure:

• authentication_failed if auth required but not logged in