Adding sessions code

2024-12-24 13:43:12 +02:00 · 2020-12-02 21:12:14 +01:00 · 2020-12-02 21:12:14 +01:00 · 7382f9c55c
commit 7382f9c55c
parent dc5fb0cfc1
16 changed files with 208 additions and 56 deletions
--- a/server/api/api.go
+++ b/server/api/api.go
@ -32,7 +32,7 @@ func (a *API) app() *app.App {
 }

 func (a *API) RegisterRoutes(r *mux.Router) {
-	r.HandleFunc("/api/v1/blocks", a.handleGetBlocks).Methods("GET")
+	r.HandleFunc("/api/v1/blocks", a.sessionRequired(a.handleGetBlocks)).Methods("GET")
 	r.HandleFunc("/api/v1/blocks", a.handlePostBlocks).Methods("POST")
 	r.HandleFunc("/api/v1/blocks/{blockID}", a.handleDeleteBlock).Methods("DELETE")
 	r.HandleFunc("/api/v1/blocks/{blockID}/subtree", a.handleGetSubTree).Methods("GET")
--- a/server/api/auth.go
+++ b/server/api/auth.go
@ -1,12 +1,15 @@
 package api

 import (
+	"context"
 	"encoding/json"
 	"errors"
 	"io/ioutil"
 	"log"
 	"net/http"
 	"strings"
+
+	"github.com/mattermost/mattermost-octo-tasks/server/services/auth"
 )

 type LoginData struct {
@ -68,6 +71,7 @@ func (a *API) handleLogin(w http.ResponseWriter, r *http.Request) {
 		}

 		jsonBytesResponse(w, http.StatusOK, json)
+		return
 	}

 	errorResponse(w, http.StatusInternalServerError, map[string]string{"error": "Unknown login type"})
@ -102,3 +106,16 @@ func (a *API) handleRegister(w http.ResponseWriter, r *http.Request) {
 	jsonBytesResponse(w, http.StatusOK, nil)
 	return
 }
+
+func (a *API) sessionRequired(handler func(w http.ResponseWriter, r *http.Request)) func(w http.ResponseWriter, r *http.Request) {
+	return func(w http.ResponseWriter, r *http.Request) {
+		token, _ := auth.ParseAuthTokenFromRequest(r)
+		session, err := a.app().GetSession(token)
+		if err != nil {
+			errorResponse(w, http.StatusUnauthorized, map[string]string{"error": err.Error()})
+			return
+		}
+		ctx := context.WithValue(r.Context(), "session", session)
+		handler(w, r.WithContext(ctx))
+	}
+}
--- a/server/app/auth.go
+++ b/server/app/auth.go
@ -8,6 +8,14 @@ import (
 	"github.com/pkg/errors"
 )

+func (a *App) GetSession(token string) (*model.Session, error) {
+	session, err := a.store.GetSession(token)
+	if err != nil {
+		return nil, errors.Wrap(err, "unable to get the session for the token")
+	}
+	return session, nil
+}
+
 func (a *App) Login(username string, email string, password string, mfaToken string) (string, error) {
 	var user *model.User
 	if username != "" {
@ -33,8 +41,19 @@ func (a *App) Login(username string, email string, password string, mfaToken str
 		return "", errors.New("invalid username or password")
 	}

+	session := model.Session{
+		ID:     uuid.New().String(),
+		Token:  uuid.New().String(),
+		UserID: user.ID,
+		Props:  map[string]interface{}{},
+	}
+	err := a.store.CreateSession(&session)
+	if err != nil {
+		return "", errors.Wrap(err, "unable to create session")
+	}
+
 	// TODO: MFA verification
-	return auth.CreateToken(user.ID, a.config.Secret)
+	return session.Token, nil
 }

 func (a *App) RegisterUser(username string, email string, password string) error {
--- a/server/model/user.go
+++ b/server/model/user.go
@ -13,3 +13,10 @@ type User struct {
 	UpdateAt    int64                  `json:"update_at,omitempty"`
 	DeleteAt    int64                  `json:"delete_at"`
 }
+
+type Session struct {
+	ID     string                 `json:"id"`
+	Token  string                 `json:"token"`
+	UserID string                 `json:"user_id"`
+	Props  map[string]interface{} `json:"props"`
+}
--- a/server/services/store/sqlstore/migrations/postgres/bindata.go
+++ b/server/services/store/sqlstore/migrations/postgres/bindata.go
@ -61,21 +61,21 @@ func _000002_system_settings_table_up_sql() ([]byte, error) {
 	)
 }

-var __000003_users_table_down_sql = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\x72\x09\xf2\x0f\x50\x08\x71\x74\xf2\x71\x55\x28\x2d\x4e\x2d\x2a\xb6\xe6\x02\x04\x00\x00\xff\xff\xcf\x0c\x8a\x87\x12\x00\x00\x00")
+var __000003_auth_table_down_sql = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\x72\x09\xf2\x0f\x50\x08\x71\x74\xf2\x71\x55\x28\x2d\x4e\x2d\x2a\xb6\xe6\x42\x12\x29\x4e\x2d\x2e\xce\xcc\xcf\x2b\xb6\xe6\x02\x04\x00\x00\xff\xff\xa5\xe0\x77\xaa\x27\x00\x00\x00")

-func _000003_users_table_down_sql() ([]byte, error) {
+func _000003_auth_table_down_sql() ([]byte, error) {
 	return bindata_read(
-		__000003_users_table_down_sql,
-		"000003_users_table.down.sql",
+		__000003_auth_table_down_sql,
+		"000003_auth_table.down.sql",
 	)
 }

-var __000003_users_table_up_sql = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\x6c\xcd\xcd\x4e\x85\x30\x10\x86\xe1\x75\x7b\x15\xb3\x84\x84\xc5\xf1\x24\xac\x5c\x15\xac\x5a\x7f\x80\x94\x6a\x64\x45\x26\x74\x8c\x4d\x40\x48\x5b\xf4\xf6\x0d\x31\xd1\x08\xce\xf2\x79\x93\xf9\x4a\x2d\x85\x91\x60\x44\xf1\x20\x41\x5d\x43\x55\x1b\x90\x2f\xaa\x35\x2d\xac\x81\x7c\x80\x84\x33\x67\xe1\x59\xe8\xf2\x56\xe8\xe4\xe2\x74\x4a\x33\xce\xb6\xf4\x8e\x13\xed\x9d\x26\x74\xe3\x0f\x9e\xf3\x7c\xc3\x05\x43\xf8\x9c\xfd\xfe\x09\x00\xc0\xf4\x8a\x7d\xa0\xc1\x53\xfc\x27\xe2\x1a\xdf\xfa\x40\xfe\xc3\x0d\xbf\x43\xe7\x3f\xd5\x62\xc4\xfd\x5c\xe3\xe7\x25\xc0\xf7\xdd\xb5\x75\x95\x71\x56\x7a\xc2\x48\x22\x6e\x54\xa8\x1b\x55\x99\x8c\xb3\xa7\xc5\x1e\xf1\x8a\x46\x3a\x60\xa3\xd5\xa3\xd0\x1d\xdc\xcb\x0e\x12\x67\x53\x9e\x5e\xf2\xaf\x00\x00\x00\xff\xff\xa3\x41\x36\x1b\x38\x01\x00\x00")
+var __000003_auth_table_up_sql = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xa4\x90\x4f\x4b\x03\x31\x10\xc5\xcf\x9b\x4f\x31\xc7\x5d\xe8\xa1\x16\x7a\xf2\x94\x96\xa8\xf1\xcf\x56\xb2\x41\xec\x69\x19\x36\x23\x06\xbb\x7f\xc8\xa4\xfa\xf5\x25\x08\x8a\xdd\xe8\xa5\x73\xfc\xbd\x61\xde\xbc\xb7\x35\x4a\x5a\x05\x56\x6e\xee\x15\xe8\x2b\xa8\x77\x16\xd4\xb3\x6e\x6c\x03\x47\xa6\xc0\x50\x8a\xc2\x3b\x78\x92\x66\x7b\x23\x4d\x79\xb1\x5c\x56\x0b\x51\x24\x69\xc0\x9e\x4e\x39\xf5\xe8\x0f\xdf\x70\xb5\x5e\x27\x38\x21\xf3\xc7\x18\x4e\x8f\x00\x00\xf4\x2f\xd8\x32\x75\x81\x62\x46\xc4\x63\x7c\x6d\x99\xc2\xbb\xef\x7e\x8c\x56\xbf\x54\x87\x11\x67\x76\x61\x9c\x18\xbe\xe6\xb6\xd9\xd5\x0b\x51\x74\x81\x30\x52\x8b\x31\xb1\x8d\xbe\xd6\xb5\x4d\x21\x26\x97\xa1\x8e\x0e\x34\xa7\x8f\x46\x3f\x48\xb3\x87\x3b\xb5\x87\xd2\xbb\x4a\x54\x97\x42\xfc\xd3\x1d\x13\xb3\x1f\x87\x3f\xea\x8b\xe3\x1b\x0d\xb9\x4e\xdb\xf9\xee\x99\x71\x72\x8f\x7f\x06\x00\x00\xff\xff\x35\x8e\x4b\xc6\xf4\x01\x00\x00")

-func _000003_users_table_up_sql() ([]byte, error) {
+func _000003_auth_table_up_sql() ([]byte, error) {
 	return bindata_read(
-		__000003_users_table_up_sql,
-		"000003_users_table.up.sql",
+		__000003_auth_table_up_sql,
+		"000003_auth_table.up.sql",
 	)
 }

@ -105,8 +105,8 @@ var _bindata = map[string]func() ([]byte, error){
 	"000001_init.up.sql": _000001_init_up_sql,
 	"000002_system_settings_table.down.sql": _000002_system_settings_table_down_sql,
 	"000002_system_settings_table.up.sql": _000002_system_settings_table_up_sql,
-	"000003_users_table.down.sql": _000003_users_table_down_sql,
-	"000003_users_table.up.sql": _000003_users_table_up_sql,
+	"000003_auth_table.down.sql": _000003_auth_table_down_sql,
+	"000003_auth_table.up.sql": _000003_auth_table_up_sql,
 }
 // AssetDir returns the file names below a certain
 // directory embedded in the file by go-bindata.
@ -156,8 +156,8 @@ var _bintree = &_bintree_t{nil, map[string]*_bintree_t{
 	}},
 	"000002_system_settings_table.up.sql": &_bintree_t{_000002_system_settings_table_up_sql, map[string]*_bintree_t{
 	}},
-	"000003_users_table.down.sql": &_bintree_t{_000003_users_table_down_sql, map[string]*_bintree_t{
+	"000003_auth_table.down.sql": &_bintree_t{_000003_auth_table_down_sql, map[string]*_bintree_t{
 	}},
-	"000003_users_table.up.sql": &_bintree_t{_000003_users_table_up_sql, map[string]*_bintree_t{
+	"000003_auth_table.up.sql": &_bintree_t{_000003_auth_table_up_sql, map[string]*_bintree_t{
 	}},
 }}
--- a/server/services/store/sqlstore/migrations/postgres_files/000003_auth_table.down.sql
+++ b/server/services/store/sqlstore/migrations/postgres_files/000003_auth_table.down.sql
@ -0,0 +1,2 @@
+DROP TABLE users;
+DROP TABLE sessions;
--- a/server/services/store/sqlstore/migrations/postgres_files/000003_auth_table.up.sql
+++ b/server/services/store/sqlstore/migrations/postgres_files/000003_auth_table.up.sql
@ -0,0 +1,24 @@
+CREATE TABLE IF NOT EXISTS users (
+	id VARCHAR(100),
+	username VARCHAR(100),
+	email VARCHAR(255),
+	password VARCHAR(100),
+    mfa_secret VARCHAR(100),
+    auth_service VARCHAR(20),
+    auth_data VARCHAR(255),
+	props       JSON,
+	create_at    BIGINT,
+	update_at    BIGINT,
+	delete_at    BIGINT,
+	PRIMARY KEY (id)
+);
+
+CREATE TABLE IF NOT EXISTS sessions (
+	id VARCHAR(100),
+	token VARCHAR(100),
+	user_id VARCHAR(100),
+	props       JSON,
+	create_at    BIGINT,
+	update_at    BIGINT,
+	PRIMARY KEY (id)
+);
--- a/server/services/store/sqlstore/migrations/postgres_files/000003_users_table.down.sql
+++ b/server/services/store/sqlstore/migrations/postgres_files/000003_users_table.down.sql
@ -1 +0,0 @@
-DROP TABLE users;
--- a/server/services/store/sqlstore/migrations/postgres_files/000003_users_table.up.sql
+++ b/server/services/store/sqlstore/migrations/postgres_files/000003_users_table.up.sql
@ -1,14 +0,0 @@
-CREATE TABLE IF NOT EXISTS users (
-	id VARCHAR(100),
-	username VARCHAR(100),
-	email VARCHAR(255),
-	password VARCHAR(100),
-    mfa_secret VARCHAR(100),
-    auth_service VARCHAR(20),
-    auth_data VARCHAR(255),
-	Props       JSON,
-	CreateAt    BIGINT,
-	UpdateAt    BIGINT,
-	DeleteAt    BIGINT,
-	PRIMARY KEY (id)
-);
--- a/server/services/store/sqlstore/migrations/sqlite/bindata.go
+++ b/server/services/store/sqlstore/migrations/sqlite/bindata.go
@ -61,21 +61,21 @@ func _000002_system_settings_table_up_sql() ([]byte, error) {
 	)
 }

-var __000003_users_table_down_sql = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\x72\x09\xf2\x0f\x50\x08\x71\x74\xf2\x71\x55\x28\x2d\x4e\x2d\x2a\xb6\xe6\x02\x04\x00\x00\xff\xff\xcf\x0c\x8a\x87\x12\x00\x00\x00")
+var __000003_auth_table_down_sql = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\x72\x09\xf2\x0f\x50\x08\x71\x74\xf2\x71\x55\x28\x2d\x4e\x2d\x2a\xb6\xe6\x42\x12\x29\x4e\x2d\x2e\xce\xcc\xcf\x2b\xb6\xe6\x02\x04\x00\x00\xff\xff\xa5\xe0\x77\xaa\x27\x00\x00\x00")

-func _000003_users_table_down_sql() ([]byte, error) {
+func _000003_auth_table_down_sql() ([]byte, error) {
 	return bindata_read(
-		__000003_users_table_down_sql,
-		"000003_users_table.down.sql",
+		__000003_auth_table_down_sql,
+		"000003_auth_table.down.sql",
 	)
 }

-var __000003_users_table_up_sql = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\x6c\xcd\xd1\x4b\x85\x30\x14\xc7\xf1\x67\xf7\x57\x9c\x47\x85\xfb\x70\x13\x7c\xea\x69\xda\xaa\x51\x99\xcc\x15\xfa\x24\x07\x77\xa2\x81\xa6\x6c\xb3\xfe\xfd\x18\x41\x91\xde\xf3\xf8\xf9\xc2\xf9\x55\x4a\x70\x2d\x40\xf3\xf2\x51\x80\xbc\x85\xfa\x59\x83\xe8\x64\xab\x5b\xd8\x3c\x39\x0f\x29\x4b\xac\x81\x57\xae\xaa\x7b\xae\xd2\xab\xf3\x39\x3b\xb1\x24\xa6\x0f\x9c\x69\xef\x34\xa3\x9d\x7e\x31\x2f\x8a\x88\x2b\x7a\xff\xb5\xb8\xfd\x13\x00\x80\xf9\x0d\x07\x4f\xa3\xa3\x70\x21\xe2\x16\xde\x07\x4f\xee\xd3\x8e\x7f\x43\xf9\xbf\x6a\x30\xe0\x7e\xae\x71\xcb\xea\xe1\xe7\xb4\xe8\xf4\x89\x25\x95\x23\x0c\xc4\x43\xa4\x52\xde\xc9\x3a\xe2\xcb\x6a\x8e\x78\x43\x13\x1d\xb0\x51\xf2\x89\xab\x1e\x1e\x44\x0f\xa9\x35\x19\xcb\xae\xd9\x77\x00\x00\x00\xff\xff\x8b\xb1\x5a\xe4\x38\x01\x00\x00")
+var __000003_auth_table_up_sql = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xa4\xd0\xc1\x4a\x03\x31\x10\x06\xe0\xf3\xe6\x29\xe6\xb8\x0b\x3d\xd4\x42\x4f\x9e\xd2\x12\x35\xa8\x55\xd2\x20\xed\x69\x19\x36\x23\x06\xbb\x9b\x25\x93\xd5\xd7\x97\x20\x28\x76\xa3\x17\x73\xfc\xfe\x90\xc9\xfc\x5b\xa3\xa4\x55\x60\xe5\xe6\x4e\x81\xbe\x82\xdd\x83\x05\x75\xd0\x7b\xbb\x87\x89\x29\x32\xd4\xa2\xf2\x0e\x9e\xa4\xd9\xde\x48\x53\x5f\x2c\x97\xcd\x42\x54\x39\x1a\xb0\xa7\x73\xa7\x1e\xfd\xe9\x0b\x57\xeb\x75\xc6\x11\x99\xdf\x43\x3c\x7f\x04\x00\xa0\x7f\xc6\x96\xa9\x8b\x94\x0a\x21\x4e\xe9\xa5\x65\x8a\x6f\xbe\xfb\x1e\xb4\xfa\x91\x3a\x4c\x38\x1b\x17\xc3\xc8\xf0\x79\xac\x3a\xd8\x85\xa8\xba\x48\x98\xa8\xc5\x94\x6d\xa3\xaf\xf5\x2e\xeb\x34\xba\x82\x3a\x3a\xd1\x5c\x1f\x8d\xbe\x97\xe6\x08\xb7\xea\x08\xb5\x77\x8d\x68\x2e\x85\xf8\xa3\x3b\x26\x66\x1f\x86\x5f\xea\x4b\xe1\x95\x86\x52\xa7\xed\xfc\xee\x3f\xd7\x29\x7d\xfc\x23\x00\x00\xff\xff\xa1\xd6\x24\xe6\xf4\x01\x00\x00")

-func _000003_users_table_up_sql() ([]byte, error) {
+func _000003_auth_table_up_sql() ([]byte, error) {
 	return bindata_read(
-		__000003_users_table_up_sql,
-		"000003_users_table.up.sql",
+		__000003_auth_table_up_sql,
+		"000003_auth_table.up.sql",
 	)
 }

@ -105,8 +105,8 @@ var _bindata = map[string]func() ([]byte, error){
 	"000001_init.up.sql": _000001_init_up_sql,
 	"000002_system_settings_table.down.sql": _000002_system_settings_table_down_sql,
 	"000002_system_settings_table.up.sql": _000002_system_settings_table_up_sql,
-	"000003_users_table.down.sql": _000003_users_table_down_sql,
-	"000003_users_table.up.sql": _000003_users_table_up_sql,
+	"000003_auth_table.down.sql": _000003_auth_table_down_sql,
+	"000003_auth_table.up.sql": _000003_auth_table_up_sql,
 }
 // AssetDir returns the file names below a certain
 // directory embedded in the file by go-bindata.
@ -156,8 +156,8 @@ var _bintree = &_bintree_t{nil, map[string]*_bintree_t{
 	}},
 	"000002_system_settings_table.up.sql": &_bintree_t{_000002_system_settings_table_up_sql, map[string]*_bintree_t{
 	}},
-	"000003_users_table.down.sql": &_bintree_t{_000003_users_table_down_sql, map[string]*_bintree_t{
+	"000003_auth_table.down.sql": &_bintree_t{_000003_auth_table_down_sql, map[string]*_bintree_t{
 	}},
-	"000003_users_table.up.sql": &_bintree_t{_000003_users_table_up_sql, map[string]*_bintree_t{
+	"000003_auth_table.up.sql": &_bintree_t{_000003_auth_table_up_sql, map[string]*_bintree_t{
 	}},
 }}
--- a/server/services/store/sqlstore/migrations/sqlite_files/000003_auth_table.down.sql
+++ b/server/services/store/sqlstore/migrations/sqlite_files/000003_auth_table.down.sql
@ -0,0 +1,2 @@
+DROP TABLE users;
+DROP TABLE sessions;
--- a/server/services/store/sqlstore/migrations/sqlite_files/000003_auth_table.up.sql
+++ b/server/services/store/sqlstore/migrations/sqlite_files/000003_auth_table.up.sql
@ -0,0 +1,24 @@
+CREATE TABLE IF NOT EXISTS users (
+	id VARCHAR(100),
+	username VARCHAR(100),
+	email VARCHAR(255),
+	password VARCHAR(100),
+    mfa_secret VARCHAR(100),
+    auth_service VARCHAR(20),
+    auth_data VARCHAR(255),
+	props       TEXT,
+	create_at    BIGINT,
+	update_at    BIGINT,
+	delete_at    BIGINT,
+	PRIMARY KEY (id)
+);
+
+CREATE TABLE IF NOT EXISTS sessions (
+	id VARCHAR(100),
+	token VARCHAR(100),
+	user_id VARCHAR(100),
+	props       TEXT,
+	create_at    BIGINT,
+	update_at    BIGINT,
+	PRIMARY KEY (id)
+);
--- a/server/services/store/sqlstore/migrations/sqlite_files/000003_users_table.down.sql
+++ b/server/services/store/sqlstore/migrations/sqlite_files/000003_users_table.down.sql
@ -1 +0,0 @@
-DROP TABLE users;
--- a/server/services/store/sqlstore/migrations/sqlite_files/000003_users_table.up.sql
+++ b/server/services/store/sqlstore/migrations/sqlite_files/000003_users_table.up.sql
@ -1,14 +0,0 @@
-CREATE TABLE IF NOT EXISTS users (
-	id VARCHAR(100),
-	username VARCHAR(100),
-	email VARCHAR(255),
-	password VARCHAR(100),
-    mfa_secret VARCHAR(100),
-    auth_service VARCHAR(20),
-    auth_data VARCHAR(255),
-	Props       TEXT,
-	CreateAt    BIGINT,
-	UpdateAt    BIGINT,
-	DeleteAt    BIGINT,
-	PRIMARY KEY (id)
-);
--- a/server/services/store/sqlstore/session.go
+++ b/server/services/store/sqlstore/session.go
@ -0,0 +1,82 @@
+package sqlstore
+
+import (
+	"encoding/json"
+	"time"
+
+	sq "github.com/Masterminds/squirrel"
+	"github.com/mattermost/mattermost-octo-tasks/server/model"
+)
+
+func (s *SQLStore) GetSession(token string) (*model.Session, error) {
+	query := s.getQueryBuilder().
+		Select("id", "token", "user_id", "props").
+		From("sessions").
+		Where(sq.Eq{"token": token})
+
+	row := query.QueryRow()
+	session := model.Session{}
+
+	var propsBytes []byte
+	err := row.Scan(&session.ID, &session.Token, &session.UserID, &propsBytes)
+	if err != nil {
+		return nil, err
+	}
+
+	err = json.Unmarshal(propsBytes, &session.Props)
+	if err != nil {
+		return nil, err
+	}
+
+	return &session, nil
+}
+
+func (s *SQLStore) CreateSession(session *model.Session) error {
+	now := time.Now().Unix()
+
+	propsBytes, err := json.Marshal(session.Props)
+	if err != nil {
+		return err
+	}
+
+	query := s.getQueryBuilder().Insert("sessions").
+		Columns("id", "token", "user_id", "props", "create_at", "update_at").
+		Values(session.ID, session.Token, session.UserID, propsBytes, now, now)
+
+	_, err = query.Exec()
+	return err
+}
+
+func (s *SQLStore) RefreshSession(session *model.Session) error {
+	now := time.Now().Unix()
+
+	query := s.getQueryBuilder().Update("sessions").
+		Set("update_at", now)
+
+	_, err := query.Exec()
+	return err
+}
+
+func (s *SQLStore) UpdateSession(session *model.Session) error {
+	now := time.Now().Unix()
+
+	propsBytes, err := json.Marshal(session.Props)
+	if err != nil {
+		return err
+	}
+
+	query := s.getQueryBuilder().Update("sessions").
+		Set("update_at", now).
+		Set("props", propsBytes)
+
+	_, err = query.Exec()
+	return err
+}
+
+func (s *SQLStore) DeleteSession(sessionId string) error {
+	query := s.getQueryBuilder().Delete("sessions").
+		Where("id", sessionId)
+
+	_, err := query.Exec()
+	return err
+}
--- a/server/services/store/store.go
+++ b/server/services/store/store.go
@ -22,4 +22,9 @@ type Store interface {
 	GetUserByUsername(username string) (*model.User, error)
 	CreateUser(user *model.User) error
 	UpdateUser(user *model.User) error
+	GetSession(token string) (*model.Session, error)
+	CreateSession(session *model.Session) error
+	RefreshSession(session *model.Session) error
+	UpdateSession(session *model.Session) error
+	DeleteSession(sessionId string) error
 }