auth/account_actions.ts

Account RPC action handlers — self-service operations for the authenticated account.

Seven request_response actions bound to handlers:

- Session reads: account_verify, account_session_list. - Session mutations: account_session_revoke, account_session_revoke_all. - API token management: account_token_create, account_token_list, account_token_revoke.

The action specs themselves live in auth/account_action_specs.ts. Every spec declares auth: {account: 'required', actor: 'none'} so the dispatcher enforces account-grain auth before the handler runs. Revoke operations are account-scoped (via query_session_revoke_for_account / query_revoke_api_token_for_account) so passing another account's session or token id returns revoked: false rather than revealing whether the id exists.

Counterpart to auth/account_routes.ts, which keeps the cookie-lifecycle flows (login, logout, password, signup, bootstrap) on REST.

Declarations
#

2 declarations

view source

AccountActionOptions
#

auth/account_actions.ts view source

AccountActionOptions

max_tokens

Max API tokens per account. When set, account_token_create enforces the cap via query_api_token_enforce_limit inside the same transaction — oldest tokens are evicted once the cap is exceeded. Default DEFAULT_MAX_TOKENS; pass null to disable the cap.

type number | null

connection_closer

Live-connection closer — when set, account_session_revoke / _session_revoke_all / account_token_revoke handlers eagerly close affected WebSocket sockets BEFORE emitting the corresponding audit event. Closes the audit-failure-leaks-WS surface: the listener-based close (transports_ws_auth_guard) only fires after the audit INSERT succeeds, so a DB error would leave live sockets stale. BackendWebsocketTransport satisfies this interface structurally; consumers pass their transport instance directly. When absent, only the listener-based close runs. Mirrors zzz_server's handler-side close_sockets_for_* calls.

type ConnectionCloser | null

create_account_actions
#

auth/account_actions.ts view source

(deps: Pick<RouteFactoryDeps, "log" | "audit">, options?: AccountActionOptions): RpcAction[]

Create the self-service account RPC actions.

deps

RouteFactoryDeps (log, audit, …). audit.emit writes audit rows via the captured pool; the bound emitter encapsulates on_audit_event fan-out and the optional AuditLogConfig.

type Pick<RouteFactoryDeps, "log" | "audit">

options

per-factory configuration

type AccountActionOptions
default {}

returns

RpcAction[]

the RpcAction array to spread into a create_rpc_endpoint call

Depends on
#

Imported by
#