Count registration also as a login.

2025-09-01 18:40:05 -06:00 · 2025-09-01 18:40:05 -06:00 · 0b285e6ef0
commit 0b285e6ef0
parent 6854ba62d4
2 changed files with 12 additions and 0 deletions
--- a/passkey/db/init.py
+++ b/passkey/db/init.py
@ -337,6 +337,7 @@ class DatabaseInterface(ABC):
                2. Optionally delete old session (e.g. reset token) if provided
                3. Optionally update user's display name
                4. Insert new session referencing the credential
+                5. Update user's last_seen and increment visits (treat as a login)
            """


--- a/passkey/db/sql.py
+++ b/passkey/db/sql.py
@ -414,6 +414,11 @@ class DB(DatabaseInterface):
    ) -> None:
        """Atomic credential + (optional old session delete) + (optional rename) + new session."""
        async with self.session() as session:
+            # Ensure credential has last_used / last_verified for immediate login semantics
+            if credential.last_used is None:
+                credential.last_used = credential.created_at
+            if credential.last_verified is None:
+                credential.last_verified = credential.last_used
            # Insert credential
            session.add(
                CredentialModel(
@ -450,6 +455,12 @@ class DB(DatabaseInterface):
                    info=session_info,
                )
            )
+            # Login side-effects: update user analytics (last_seen + visits increment)
+            await session.execute(
+                update(UserModel)
+                .where(UserModel.uuid == user_uuid.bytes)
+                .values(last_seen=credential.last_used, visits=UserModel.visits + 1)
+            )

    async def delete_credential(self, uuid: UUID, user_uuid: UUID) -> None:
        async with self.session() as session: