Moew weork done

storage/passkeySessions.go

@@ -6,6 +6,9 @@ import (
 	"github.com/rs/zerolog/log"
 )
 
+// Session data used during login attempts with a passkey
+// Not actually used afterwards to verify a normal session
+// NOTE: Doesn't contain a DeletedAt field, thus deletions are automatically hard and not reversible
 type PasskeySession struct {
 	ID   string               `gorm:"primarykey"`
 	Data webauthn.SessionData `gorm:"serializer:json"`
@@ -13,12 +16,15 @@ type PasskeySession struct {
 
 // ---- Section SessionStore
 
+// Generate some id for a new session. Just returns a new uuid
 func (s *Storage) GenSessionID() (string, error) {
 	x := uuid.NewString()
 	log.Debug().Str("session-id", x).Msg("Generated new passkey session id")
 	return x, nil
 }
 
+// Look for an active session with a given id
+// Returns the session if found and a bool indicating if a session was found
 func (s *Storage) GetSession(sessionId string) (*webauthn.SessionData, bool) {
 	log.Debug().Str("id", sessionId).Msg("Looking for passkey session")
 	session := PasskeySession{}
@@ -30,6 +36,7 @@ func (s *Storage) GetSession(sessionId string) (*webauthn.SessionData, bool) {
 	return &session.Data, true
 }
 
+// Save (or update) a session with the new data
 func (s *Storage) SaveSession(token string, data *webauthn.SessionData) {
 	log.Debug().Str("id", token).Any("webauthn-data", data).Msg("Saving passkey session")
 	session := PasskeySession{
@@ -39,6 +46,8 @@ func (s *Storage) SaveSession(token string, data *webauthn.SessionData) {
 	s.db.Save(&session)
 }
 
+// Delete a session
+// NOTE: This is a hard delete since the session struct contains no DeletedAt field
 func (s *Storage) DeleteSession(token string) {
 	log.Debug().Str("id", token).Msg("Deleting passkey session (if one exists)")
 	s.db.Delete(&PasskeySession{ID: token})