Delete expired pending logins
This commit is contained in:
parent
6b03c3760a
commit
9b441333a7
|
@ -143,7 +143,16 @@ func DeleteExpiredSessions(ctx context.Context, conn *pgxpool.Pool) (int64, erro
|
||||||
return tag.RowsAffected(), nil
|
return tag.RowsAffected(), nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func PeriodicallyDeleteExpiredSessions(ctx context.Context, conn *pgxpool.Pool) jobs.Job {
|
func DeleteExpiredPendingLogins(ctx context.Context, conn *pgxpool.Pool) (int64, error) {
|
||||||
|
tag, err := conn.Exec(ctx, "DELETE FROM pending_login WHERE expires_at <= CURRENT_TIMESTAMP")
|
||||||
|
if err != nil {
|
||||||
|
return 0, oops.New(err, "failed to delete expired pending logins")
|
||||||
|
}
|
||||||
|
|
||||||
|
return tag.RowsAffected(), nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func PeriodicallyDeleteExpiredStuff(ctx context.Context, conn *pgxpool.Pool) jobs.Job {
|
||||||
job := jobs.New()
|
job := jobs.New()
|
||||||
go func() {
|
go func() {
|
||||||
defer job.Done()
|
defer job.Done()
|
||||||
|
@ -154,6 +163,7 @@ func PeriodicallyDeleteExpiredSessions(ctx context.Context, conn *pgxpool.Pool)
|
||||||
case <-t.C:
|
case <-t.C:
|
||||||
err := func() (err error) {
|
err := func() (err error) {
|
||||||
defer utils.RecoverPanicAsError(&err)
|
defer utils.RecoverPanicAsError(&err)
|
||||||
|
|
||||||
n, err := DeleteExpiredSessions(ctx, conn)
|
n, err := DeleteExpiredSessions(ctx, conn)
|
||||||
if err == nil {
|
if err == nil {
|
||||||
if n > 0 {
|
if n > 0 {
|
||||||
|
@ -162,10 +172,20 @@ func PeriodicallyDeleteExpiredSessions(ctx context.Context, conn *pgxpool.Pool)
|
||||||
} else {
|
} else {
|
||||||
logging.Error().Err(err).Msg("Failed to delete expired sessions")
|
logging.Error().Err(err).Msg("Failed to delete expired sessions")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
n, err = DeleteExpiredPendingLogins(ctx, conn)
|
||||||
|
if err == nil {
|
||||||
|
if n > 0 {
|
||||||
|
logging.Info().Int64("num deleted pending logins", n).Msg("Deleted expired pending logins")
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
logging.Error().Err(err).Msg("Failed to delete expired pending logins")
|
||||||
|
}
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
}()
|
}()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logging.Error().Err(err).Msg("Panicked in PeriodicallyDeleteExpiredSessions")
|
logging.Error().Err(err).Msg("Panicked in PeriodicallyDeleteExpiredStuff")
|
||||||
}
|
}
|
||||||
case <-ctx.Done():
|
case <-ctx.Done():
|
||||||
return
|
return
|
||||||
|
|
|
@ -141,8 +141,6 @@ func LoginWithDiscord(c *RequestContext) ResponseData {
|
||||||
return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to save pending login"))
|
return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to save pending login"))
|
||||||
}
|
}
|
||||||
|
|
||||||
// TODO: EXPIRE THESE
|
|
||||||
|
|
||||||
discordAuthUrl := discord.GetAuthorizeUrl(pendingLogin.ID, true)
|
discordAuthUrl := discord.GetAuthorizeUrl(pendingLogin.ID, true)
|
||||||
return c.Redirect(discordAuthUrl, http.StatusSeeOther)
|
return c.Redirect(discordAuthUrl, http.StatusSeeOther)
|
||||||
}
|
}
|
||||||
|
|
|
@ -74,6 +74,12 @@ func DiscordOAuthCallback(c *RequestContext) ResponseData {
|
||||||
return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to look up pending login"))
|
return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to look up pending login"))
|
||||||
}
|
}
|
||||||
destinationUrl = pendingLogin.DestinationUrl
|
destinationUrl = pendingLogin.DestinationUrl
|
||||||
|
|
||||||
|
// Delete the pending login; we're done with it
|
||||||
|
_, err = tx.Exec(c, `DELETE FROM pending_login WHERE id = $1`, pendingLogin.ID)
|
||||||
|
if err != nil {
|
||||||
|
c.Logger.Warn().Str("id", pendingLogin.ID).Err(err).Msg("failed to delete pending login")
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
// Check the state against the current session - if it does not match,
|
// Check the state against the current session - if it does not match,
|
||||||
// then CSRF'd!!!!
|
// then CSRF'd!!!!
|
||||||
|
|
|
@ -43,7 +43,7 @@ var WebsiteCommand = &cobra.Command{
|
||||||
}
|
}
|
||||||
|
|
||||||
backgroundJobsDone := jobs.Zip(
|
backgroundJobsDone := jobs.Zip(
|
||||||
auth.PeriodicallyDeleteExpiredSessions(backgroundJobContext, conn),
|
auth.PeriodicallyDeleteExpiredStuff(backgroundJobContext, conn),
|
||||||
auth.PeriodicallyDeleteInactiveUsers(backgroundJobContext, conn),
|
auth.PeriodicallyDeleteInactiveUsers(backgroundJobContext, conn),
|
||||||
perfCollector.Job,
|
perfCollector.Job,
|
||||||
discord.RunDiscordBot(backgroundJobContext, conn),
|
discord.RunDiscordBot(backgroundJobContext, conn),
|
||||||
|
|
Loading…
Reference in New Issue