feat(api): add last_authenticated_at timestamp to api requests

app/controllers/api/v2/base_controller.rb

@@ -39,7 +39,9 @@ class API::V2::BaseController < ApplicationController
 
   def api_token
     if @api_token.nil?
-      @api_token = APIToken.find_and_verify(authorization_bearer_token) || false
+      @api_token = APIToken
+        .find_and_verify(authorization_bearer_token)
+        &.tap { _1.touch(:last_v2_authenticated_at) } || false
     end
     @api_token
   end

app/controllers/api_controller.rb

@@ -6,6 +6,7 @@ class APIController < ApplicationController
   def find_administrateur_for_token(procedure)
     api_token = APIToken.find_and_verify(authorization_bearer_token, procedure.administrateurs)
     if api_token.present? && api_token.context.fetch(:procedure_ids).include?(procedure.id)
+      api_token.touch(:last_v1_authenticated_at)
       api_token.administrateur
     end
   end

app/graphql/api/v2/context.rb

@@ -73,6 +73,7 @@ class API::V2::Context < GraphQL::Query::Context
     elsif self[:token].present?
       token = APIToken.find_and_verify(self[:token], demarche.administrateurs)
       if token.present?
+        token.touch(:last_v2_authenticated_at)
         Current.user = token.administrateur.user
         true
       else

app/models/administrateur.rb

@@ -20,7 +20,10 @@ class Administrateur < ApplicationRecord
       .where.missing(:services)
       .left_outer_joins(:administrateurs_procedures) # needed to bypass procedure hidden default scope
       .where(administrateurs_procedures: { procedure_id: nil })
-      .where("users.last_sign_in_at < ? ", UNUSED_ADMIN_THRESHOLD.ago)
+      .includes(:api_tokens)
+      .where(users: { last_sign_in_at: ..UNUSED_ADMIN_THRESHOLD.ago })
+      .merge(APIToken.where(last_v1_authenticated_at: nil).or(APIToken.where(last_v1_authenticated_at: ..UNUSED_ADMIN_THRESHOLD.ago)))
+      .merge(APIToken.where(last_v2_authenticated_at: nil).or(APIToken.where(last_v2_authenticated_at: ..UNUSED_ADMIN_THRESHOLD.ago)))
   end
 
   def self.by_email(email)