knacky/mimic-big
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
df8e4d8ef16852be6e55f3ce34f80f22f86ab07c
mimic-big/backend/src/mimic/db/models/soc_session.py
knacky df8e4d8ef1 feat(backend): add §8 data model + Alembic baseline (B0.2, B0.3) 
- SQLAlchemy 2 typed mapped classes for every spec §8 aggregate:
  engagement, c2_credential, host, user, group, group_permission,
  user_group, engagement_member, ttp, ttp_version, scenario,
  scenario_step, run, run_step, run_step_cleanup, detection, evidence,
  report, soc_session, audit_log.
- Shared mixins: UuidPkMixin (PG_UUID(as_uuid=True)) + TimestampsMixin.
- StrEnum types covering every spec enum (C2Type, PayloadType, UserType,
  EngagementStatus, HostStatus, TtpSource, RunStatus, RunStepStatus,
  CleanupStatus, DetectionLevel, DetectionSource, EvidenceStatus).
- Alembic baseline migration 202605210001_initial_schema: creates every
  table, enum, index, and idempotent grants for the audit_log
  write-only Postgres role (mimic_audit_writer).
- Audit log carries prev_hash / row_hash from v1 (D-009).
- ttp_version table coexists with run.snapshot_json (D-008,
  overrides H32).
2026-05-21 20:32:45 +02:00

49 lines
1.6 KiB
Python
Raw Blame History

"""SOC analyst sessions (bcrypt-hashed opaque tokens).
Decision D-006: bcrypt hash stored; the clear token is generated server-side at
session creation, returned **once** in the API response and delivered out-of-band.
Never re-displayable.
"""
from __future__ import annotations
from datetime import datetime
from typing import TYPE_CHECKING
from uuid import UUID
from sqlalchemy import DateTime, ForeignKey, String
from sqlalchemy.orm import Mapped, mapped_column, relationship
from mimic.db.base import Base, TimestampsMixin, UuidPkMixin
if TYPE_CHECKING:
from mimic.db.models.engagement import Engagement
from mimic.db.models.user import User
class SocSession(UuidPkMixin, TimestampsMixin, Base):
__tablename__ = "soc_session"
user_id: Mapped[UUID] = mapped_column(
ForeignKey("user.id", ondelete="CASCADE"),
nullable=False,
)
engagement_id: Mapped[UUID] = mapped_column(
ForeignKey("engagement.id", ondelete="CASCADE"),
nullable=False,
)
token_hash: Mapped[str] = mapped_column(String(255), nullable=False, unique=True)
# bcrypt hash. Plain token returned once at creation.
expires_at: Mapped[datetime] = mapped_column(
DateTime(timezone=True), nullable=False
)
revoked_at: Mapped[datetime | None] = mapped_column(DateTime(timezone=True))
last_ip: Mapped[str | None] = mapped_column(String(64))
last_user_agent: Mapped[str | None] = mapped_column(String(512))
last_used_at: Mapped[datetime | None] = mapped_column(DateTime(timezone=True))
user: Mapped[User] = relationship(back_populates="soc_sessions")
engagement: Mapped[Engagement] = relationship()
Reference in New Issue View Git Blame Copy Permalink