knacky/mimic-big
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
df8e4d8ef16852be6e55f3ce34f80f22f86ab07c
mimic-big/backend/src/mimic/db/models/soc_session.py

49 lines
1.6 KiB
Python
Raw Normal View History

feat(backend): add §8 data model + Alembic baseline (B0.2, B0.3) - SQLAlchemy 2 typed mapped classes for every spec §8 aggregate: engagement, c2_credential, host, user, group, group_permission, user_group, engagement_member, ttp, ttp_version, scenario, scenario_step, run, run_step, run_step_cleanup, detection, evidence, report, soc_session, audit_log. - Shared mixins: UuidPkMixin (PG_UUID(as_uuid=True)) + TimestampsMixin. - StrEnum types covering every spec enum (C2Type, PayloadType, UserType, EngagementStatus, HostStatus, TtpSource, RunStatus, RunStepStatus, CleanupStatus, DetectionLevel, DetectionSource, EvidenceStatus). - Alembic baseline migration 202605210001_initial_schema: creates every table, enum, index, and idempotent grants for the audit_log write-only Postgres role (mimic_audit_writer). - Audit log carries prev_hash / row_hash from v1 (D-009). - ttp_version table coexists with run.snapshot_json (D-008, overrides H32).
2026-05-21 20:32:45 +02:00
"""SOC analyst sessions (bcrypt-hashed opaque tokens).
Decision D-006: bcrypt hash stored; the clear token is generated server-side at
session creation, returned **once** in the API response and delivered out-of-band.
Never re-displayable.
"""
from __future__ import annotations
from datetime import datetime
from typing import TYPE_CHECKING
from uuid import UUID
from sqlalchemy import DateTime, ForeignKey, String
from sqlalchemy.orm import Mapped, mapped_column, relationship
from mimic.db.base import Base, TimestampsMixin, UuidPkMixin
if TYPE_CHECKING:
from mimic.db.models.engagement import Engagement
from mimic.db.models.user import User
class SocSession(UuidPkMixin, TimestampsMixin, Base):
__tablename__ = "soc_session"
user_id: Mapped[UUID] = mapped_column(
ForeignKey("user.id", ondelete="CASCADE"),
nullable=False,
)
engagement_id: Mapped[UUID] = mapped_column(
ForeignKey("engagement.id", ondelete="CASCADE"),
nullable=False,
)
token_hash: Mapped[str] = mapped_column(String(255), nullable=False, unique=True)
# bcrypt hash. Plain token returned once at creation.
expires_at: Mapped[datetime] = mapped_column(
DateTime(timezone=True), nullable=False
)
revoked_at: Mapped[datetime | None] = mapped_column(DateTime(timezone=True))
last_ip: Mapped[str | None] = mapped_column(String(64))
last_user_agent: Mapped[str | None] = mapped_column(String(512))
last_used_at: Mapped[datetime | None] = mapped_column(DateTime(timezone=True))
user: Mapped[User] = relationship(back_populates="soc_sessions")
engagement: Mapped[Engagement] = relationship()
Reference in New Issue Copy Permalink