azaion/admin
1
0
Fork 0
mirror of https://github.com/azaion/admin.git synced 2026-06-21 21:11:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
d2b5308b455baaedbcd9d7d78f777e2ec8247a78
admin/_docs/02_document/modules/common_database_azaion_db.md
T
Oleksandr Bezdieniezhnykh a77b3f8a59 [AZ-529] [AZ-530] Cycle-2 documentation refresh 
Refreshes _docs/02_document/ to reflect the cycle-2 auth-modernization
+ CMMC hardening landings (AZ-531..AZ-538). Authoritative source for
the ripple set is ripple_log_cycle2.md.

Covered:
- architecture.md (section 1 rewritten, ADRs 6-9 added)
- data_model.md (sessions, audit_events, user columns, migrations)
- system-flows.md (F1 rewritten; F11-F17 added; F2/F7/F9 minor)
- module-layout.md (cycle-2 sub-component table)
- diagrams/flows/flow_login.md (dual-token + MFA)
- components/{01_data_layer,03_auth_and_security,05_admin_api}
- modules/ (12 new, 8 modified — full Argon2id/ES256/MFA/refresh
  /mission/session/audit/jwks rollup)
- tests/{blackbox,security,traceability-matrix}

Step 13 (Update Docs) output for cycle 2.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-05-14 09:22:53 +03:00

2.5 KiB
Raw Blame History

Module: Azaion.Common.Database.AzaionDb

Purpose

linq2db DataConnection subclass representing the application's database context.

Cycle 1 (2026-05-13)DetectionClasses ITable added (AZ-513).

Cycle 2 (2026-05-14)AuditEvents ITable added (AZ-537+534), Sessions ITable added (AZ-531+535+533+534).

Public Interface

Member Type Description
Constructor AzaionDb(DataOptions dataOptions) Initializes connection with pre-configured options
Users ITable<User> Typed accessor for public.users
DetectionClasses ITable<DetectionClass> Typed accessor for public.detection_classes
AuditEvents ITable<AuditEvent> AZ-537+534 — typed accessor for public.audit_events
Sessions ITable<Session> AZ-531+535+533+534 — typed accessor for public.sessions (one row per refresh-token rotation; mission tokens live here too)

Internal Logic

Delegates all connection management to the base DataConnection class. Each property calls this.GetTable<T>(). The actual column mapping and conversions live in AzaionDbShemaHolder.

Dependencies

  • User, DetectionClass, AuditEvent, Session entities
  • linq2db (LinqToDB.Data.DataConnection, LinqToDB.ITable<T>)

Consumers

  • DbFactory — creates AzaionDb instances inside Run/RunAdmin
  • UserService, DetectionClassService, RefreshTokenService, SessionService, MissionTokenService, MfaService, AuditLog — all consume the ITables via IDbFactory.Run/RunAdmin lambdas

Data Models

Provides access to four tables: users, detection_classes, audit_events, sessions.

Configuration

Receives DataOptions (containing connection string + mapping schema) from DbFactory. The schema instance is shared between read and write DataOptions — produced by AzaionDbShemaHolder.GetSchema() once and reused.

External Integrations

PostgreSQL via Npgsql.

Security

None at this level. IDbFactory.Run selects the read-only connection (AzaionDb connection string), RunAdmin selects the read/write one (AzaionDbAdmin). The grant set on each table determines what each connection can do — see data_model.md §Permissions.

Tests

Exercised end-to-end via the e2e suite (e2e/Azaion.E2E/Tests/*). All cycle-2 services have dedicated test files (RefreshTokenFlowTests, LogoutRevocationTests, MissionTokenTests, MfaLoginTests, LoginRateLimitTests, PasswordHashingTests, AsymmetricSigningTests, CorsHttpsTests).

Reference in New Issue View Git Blame Copy Permalink