Repository for inserting JWT authentication telemetry events. More...
#include <auth_event_repository.hpp>
Collaboration diagram for auth_event_repository:
Public Types | |
| using | context = ores::database::context |
Public Member Functions | |
| auth_event_repository (context ctx) | |
| void | record_login_success (const std::chrono::system_clock::time_point &event_time, const std::string &tenant_id, const std::string &account_id, const std::string &username, const std::string &session_id, const std::string &party_id) |
| Record a login success event. | |
| void | record_login_failure (const std::chrono::system_clock::time_point &event_time, const std::string &tenant_id, const std::string &username, const std::string &error_detail) |
| Record a login failure event. | |
| void | record_logout (const std::chrono::system_clock::time_point &event_time, const std::string &tenant_id, const std::string &account_id, const std::string &username, const std::string &session_id) |
| Record a logout event. | |
| void | record_token_refresh (const std::chrono::system_clock::time_point &event_time, const std::string &tenant_id, const std::string &account_id, const std::string &username, const std::string &session_id) |
| Record a successful token refresh event. | |
| void | record_max_session_exceeded (const std::chrono::system_clock::time_point &event_time, const std::string &tenant_id, const std::string &account_id, const std::string &username, const std::string &session_id) |
| Record a max_session_exceeded event. | |
| void | record_signup_success (const std::chrono::system_clock::time_point &event_time, const std::string &tenant_id, const std::string &account_id, const std::string &username) |
| Record a signup success event. | |
| void | record_signup_failure (const std::chrono::system_clock::time_point &event_time, const std::string &tenant_id, const std::string &username, const std::string &error_detail) |
| Record a signup failure event. | |
Detailed Description
Repository for inserting JWT authentication telemetry events.
Writes to the ores_iam_auth_events_tbl TimescaleDB hypertable. Insert-only — events are immutable once recorded.
This is a system-level audit log: no RLS is applied. The caller must ensure that the context has write access to the auth events table.
Member Function Documentation
◆ record_login_success()
| void record_login_success | ( | const std::chrono::system_clock::time_point & | event_time, |
| const std::string & | tenant_id, | ||
| const std::string & | account_id, | ||
| const std::string & | username, | ||
| const std::string & | session_id, | ||
| const std::string & | party_id | ||
| ) |
Record a login success event.
- Parameters
-
event_time Timestamp of the event tenant_id Tenant UUID string account_id Account UUID string username Username used for login session_id Session UUID string created at login party_id Selected party UUID string (empty if multi-party)
◆ record_login_failure()
| void record_login_failure | ( | const std::chrono::system_clock::time_point & | event_time, |
| const std::string & | tenant_id, | ||
| const std::string & | username, | ||
| const std::string & | error_detail | ||
| ) |
Record a login failure event.
- Parameters
-
event_time Timestamp of the event tenant_id Tenant UUID string (empty if tenant could not be resolved) username Username that was attempted error_detail Error message describing the failure reason
◆ record_logout()
| void record_logout | ( | const std::chrono::system_clock::time_point & | event_time, |
| const std::string & | tenant_id, | ||
| const std::string & | account_id, | ||
| const std::string & | username, | ||
| const std::string & | session_id | ||
| ) |
Record a logout event.
- Parameters
-
event_time Timestamp of the event tenant_id Tenant UUID string account_id Account UUID string username Username of the account session_id Session UUID string being ended
◆ record_token_refresh()
| void record_token_refresh | ( | const std::chrono::system_clock::time_point & | event_time, |
| const std::string & | tenant_id, | ||
| const std::string & | account_id, | ||
| const std::string & | username, | ||
| const std::string & | session_id | ||
| ) |
Record a successful token refresh event.
- Parameters
-
event_time Timestamp of the event tenant_id Tenant UUID string from the JWT claims account_id Account UUID string (subject claim) username Username from the JWT claims session_id Session UUID string from the JWT claims
◆ record_max_session_exceeded()
| void record_max_session_exceeded | ( | const std::chrono::system_clock::time_point & | event_time, |
| const std::string & | tenant_id, | ||
| const std::string & | account_id, | ||
| const std::string & | username, | ||
| const std::string & | session_id | ||
| ) |
Record a max_session_exceeded event.
Emitted when a token refresh is rejected because the session has reached its maximum allowed duration.
- Parameters
-
event_time Timestamp of the event tenant_id Tenant UUID string from the JWT claims account_id Account UUID string (subject claim) username Username from the JWT claims session_id Session UUID string from the JWT claims
◆ record_signup_success()
| void record_signup_success | ( | const std::chrono::system_clock::time_point & | event_time, |
| const std::string & | tenant_id, | ||
| const std::string & | account_id, | ||
| const std::string & | username | ||
| ) |
Record a signup success event.
- Parameters
-
event_time Timestamp of the event tenant_id Tenant UUID string account_id New account UUID string username Username created
◆ record_signup_failure()
| void record_signup_failure | ( | const std::chrono::system_clock::time_point & | event_time, |
| const std::string & | tenant_id, | ||
| const std::string & | username, | ||
| const std::string & | error_detail | ||
| ) |
Record a signup failure event.
- Parameters
-
event_time Timestamp of the event tenant_id Tenant UUID string username Username that was attempted error_detail Error message describing the failure reason
