Skip to content

Sessions

sessions

Session management API endpoints.

Provides endpoints for managing user sessions including listing, viewing, and revoking active sessions.

Classes

Functions

list_sessions 

list_sessions(
    session: Session = Depends(get_session),
    current_user: User = Depends(get_current_user),
)

List all active sessions for the current user.

Source code in fastauth/api/sessions.py 
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
@router.get("", response_model=SessionListResponse)
def list_sessions(
    session: Session = Depends(get_session),
    current_user: User = Depends(get_current_user),
):
    """
    List all active sessions for the current user.
    """
    adapters = AdapterFactory(session=session)

    user_sessions = get_user_sessions(
        sessions=adapters.sessions,
        user_id=current_user.id,
    )

    return SessionListResponse(
        sessions=[
            SessionResponse(
                id=s.id,
                device=s.device,
                ip_address=s.ip_address,
                user_agent=s.user_agent,
                last_active=s.last_active.isoformat(),
                created_at=s.created_at.isoformat(),
            )
            for s in user_sessions
        ]
    )

delete_all_sessions 

delete_all_sessions(
    session: Session = Depends(get_session),
    current_user: User = Depends(get_current_user),
)

Delete all sessions for the current user except the current one. Note: This will log out the user from all other devices.

Source code in fastauth/api/sessions.py 
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
@router.delete("/all", response_model=MessageResponse)
def delete_all_sessions(
    session: Session = Depends(get_session),
    current_user: User = Depends(get_current_user),
):
    """
    Delete all sessions for the current user except the current one.
    Note: This will log out the user from all other devices.
    """
    adapters = AdapterFactory(session=session)

    delete_all_user_sessions(
        sessions=adapters.sessions,
        user_id=current_user.id,
        except_session_id=None,
    )

    return MessageResponse(message="All sessions deleted successfully")

delete_user_session 

delete_user_session(
    session_id: UUID,
    session: Session = Depends(get_session),
    current_user: User = Depends(get_current_user),
)

Delete a specific session. Users can only delete their own sessions.

Source code in fastauth/api/sessions.py 
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
@router.delete("/{session_id}", response_model=MessageResponse)
def delete_user_session(
    session_id: uuid.UUID,
    session: Session = Depends(get_session),
    current_user: User = Depends(get_current_user),
):
    """
    Delete a specific session. Users can only delete their own sessions.
    """
    adapters = AdapterFactory(session=session)

    try:
        delete_session(
            sessions=adapters.sessions,
            session_id=session_id,
            user_id=current_user.id,
        )
    except SessionNotFoundError:
        raise HTTPException(
            status_code=status.HTTP_404_NOT_FOUND,
            detail="Session not found",
        )

    return MessageResponse(message="Session deleted successfully")