Delete expired pending logins
This commit is contained in:
parent
6b03c3760a
commit
9b441333a7
|
@ -143,7 +143,16 @@ func DeleteExpiredSessions(ctx context.Context, conn *pgxpool.Pool) (int64, erro
|
|||
return tag.RowsAffected(), nil
|
||||
}
|
||||
|
||||
func PeriodicallyDeleteExpiredSessions(ctx context.Context, conn *pgxpool.Pool) jobs.Job {
|
||||
func DeleteExpiredPendingLogins(ctx context.Context, conn *pgxpool.Pool) (int64, error) {
|
||||
tag, err := conn.Exec(ctx, "DELETE FROM pending_login WHERE expires_at <= CURRENT_TIMESTAMP")
|
||||
if err != nil {
|
||||
return 0, oops.New(err, "failed to delete expired pending logins")
|
||||
}
|
||||
|
||||
return tag.RowsAffected(), nil
|
||||
}
|
||||
|
||||
func PeriodicallyDeleteExpiredStuff(ctx context.Context, conn *pgxpool.Pool) jobs.Job {
|
||||
job := jobs.New()
|
||||
go func() {
|
||||
defer job.Done()
|
||||
|
@ -154,6 +163,7 @@ func PeriodicallyDeleteExpiredSessions(ctx context.Context, conn *pgxpool.Pool)
|
|||
case <-t.C:
|
||||
err := func() (err error) {
|
||||
defer utils.RecoverPanicAsError(&err)
|
||||
|
||||
n, err := DeleteExpiredSessions(ctx, conn)
|
||||
if err == nil {
|
||||
if n > 0 {
|
||||
|
@ -162,10 +172,20 @@ func PeriodicallyDeleteExpiredSessions(ctx context.Context, conn *pgxpool.Pool)
|
|||
} else {
|
||||
logging.Error().Err(err).Msg("Failed to delete expired sessions")
|
||||
}
|
||||
|
||||
n, err = DeleteExpiredPendingLogins(ctx, conn)
|
||||
if err == nil {
|
||||
if n > 0 {
|
||||
logging.Info().Int64("num deleted pending logins", n).Msg("Deleted expired pending logins")
|
||||
}
|
||||
} else {
|
||||
logging.Error().Err(err).Msg("Failed to delete expired pending logins")
|
||||
}
|
||||
|
||||
return nil
|
||||
}()
|
||||
if err != nil {
|
||||
logging.Error().Err(err).Msg("Panicked in PeriodicallyDeleteExpiredSessions")
|
||||
logging.Error().Err(err).Msg("Panicked in PeriodicallyDeleteExpiredStuff")
|
||||
}
|
||||
case <-ctx.Done():
|
||||
return
|
||||
|
|
|
@ -141,8 +141,6 @@ func LoginWithDiscord(c *RequestContext) ResponseData {
|
|||
return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to save pending login"))
|
||||
}
|
||||
|
||||
// TODO: EXPIRE THESE
|
||||
|
||||
discordAuthUrl := discord.GetAuthorizeUrl(pendingLogin.ID, true)
|
||||
return c.Redirect(discordAuthUrl, http.StatusSeeOther)
|
||||
}
|
||||
|
|
|
@ -74,6 +74,12 @@ func DiscordOAuthCallback(c *RequestContext) ResponseData {
|
|||
return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to look up pending login"))
|
||||
}
|
||||
destinationUrl = pendingLogin.DestinationUrl
|
||||
|
||||
// Delete the pending login; we're done with it
|
||||
_, err = tx.Exec(c, `DELETE FROM pending_login WHERE id = $1`, pendingLogin.ID)
|
||||
if err != nil {
|
||||
c.Logger.Warn().Str("id", pendingLogin.ID).Err(err).Msg("failed to delete pending login")
|
||||
}
|
||||
} else {
|
||||
// Check the state against the current session - if it does not match,
|
||||
// then CSRF'd!!!!
|
||||
|
|
|
@ -43,7 +43,7 @@ var WebsiteCommand = &cobra.Command{
|
|||
}
|
||||
|
||||
backgroundJobsDone := jobs.Zip(
|
||||
auth.PeriodicallyDeleteExpiredSessions(backgroundJobContext, conn),
|
||||
auth.PeriodicallyDeleteExpiredStuff(backgroundJobContext, conn),
|
||||
auth.PeriodicallyDeleteInactiveUsers(backgroundJobContext, conn),
|
||||
perfCollector.Job,
|
||||
discord.RunDiscordBot(backgroundJobContext, conn),
|
||||
|
|
Loading…
Reference in New Issue