session

Femto.Modules.Auth/Application/Commands/ValidateSession/ValidateSessionCommand.cs

@@ -0,0 +1,6 @@
+using Femto.Common.Domain;
+using Femto.Modules.Auth.Application.Dto;
+
+namespace Femto.Modules.Auth.Application.Commands.ValidateSession;
+
+public record ValidateSessionCommand(string SessionId) : ICommand<ValidateSessionResult>;

Femto.Modules.Auth/Application/Commands/ValidateSession/ValidateSessionCommandHandler.cs

@@ -0,0 +1,34 @@
+using Femto.Common.Domain;
+using Femto.Modules.Auth.Application.Dto;
+using Femto.Modules.Auth.Data;
+using Microsoft.EntityFrameworkCore;
+
+namespace Femto.Modules.Auth.Application.Commands.ValidateSession;
+
+internal class ValidateSessionCommandHandler(AuthContext context)
+    : ICommandHandler<ValidateSessionCommand, ValidateSessionResult>
+{
+    public async Task<ValidateSessionResult> Handle(
+        ValidateSessionCommand request,
+        CancellationToken cancellationToken
+    )
+    {
+        var now = DateTimeOffset.UtcNow;
+
+        var user = await context.Users.SingleOrDefaultAsync(
+            u => u.Sessions.Any(s => s.Id == request.SessionId && s.Expires > now),
+            cancellationToken
+        );
+
+        if (user is null)
+            throw new DomainException("invalid session");
+
+        var session = user.StartNewSession();
+
+        return new ValidateSessionResult(
+            new Session(session.Id, session.Expires),
+            user.Id,
+            user.Username
+        );
+    }
+}