forked from collabvm/CollabVMAuthServer
add unverified account and session expiry
This commit is contained in:
parent
130baa8863
commit
c7f3cb3441
4 changed files with 75 additions and 2 deletions
58
CollabVMAuthServer/Cron.cs
Normal file
58
CollabVMAuthServer/Cron.cs
Normal file
|
@ -0,0 +1,58 @@
|
||||||
|
using Timer = System.Timers.Timer;
|
||||||
|
|
||||||
|
namespace Computernewb.CollabVMAuthServer;
|
||||||
|
|
||||||
|
public static class Cron
|
||||||
|
{
|
||||||
|
private static Timer timer = new Timer();
|
||||||
|
|
||||||
|
public static async Task Start()
|
||||||
|
{
|
||||||
|
#if DEBUG
|
||||||
|
timer.Interval = 1000 * 60; // 60 seconds
|
||||||
|
#else
|
||||||
|
timer.Interval = 1000 * 60 * 10; // 10 minutes
|
||||||
|
#endif
|
||||||
|
timer.Elapsed += async (sender, e) => await RunAll();
|
||||||
|
await RunAll();
|
||||||
|
timer.Start();
|
||||||
|
}
|
||||||
|
|
||||||
|
public static void Stop()
|
||||||
|
{
|
||||||
|
timer.Stop();
|
||||||
|
timer.Interval = 1000 * 60 * 10;
|
||||||
|
}
|
||||||
|
|
||||||
|
public static async Task RunAll()
|
||||||
|
{
|
||||||
|
Utilities.Log(LogLevel.INFO, "Running all cron jobs");
|
||||||
|
var t = new List<Task>();
|
||||||
|
t.Add(PurgeOldSessions());
|
||||||
|
if (Program.Config.Registration.EmailVerificationRequired) t.Add(ExpireAccounts());
|
||||||
|
await Task.WhenAll(t);
|
||||||
|
Utilities.Log(LogLevel.INFO, "Finished running all cron jobs");
|
||||||
|
}
|
||||||
|
// Expire unverified accounts after 2 days. Don't purge if the code is null
|
||||||
|
public static async Task ExpireAccounts()
|
||||||
|
{
|
||||||
|
Utilities.Log(LogLevel.INFO, "Purging unverified accounts");
|
||||||
|
var minDate = DateTime.UtcNow - TimeSpan.FromDays(2);
|
||||||
|
int a = await Program.Database.ExecuteNonQuery("DELETE FROM users WHERE email_verified = 0 AND created < @minDate AND email_verification_code IS NOT NULL",
|
||||||
|
[
|
||||||
|
new KeyValuePair<string, object>("minDate", minDate)
|
||||||
|
]);
|
||||||
|
Utilities.Log(LogLevel.INFO, $"Purged {a} unverified accounts");
|
||||||
|
}
|
||||||
|
|
||||||
|
public static async Task PurgeOldSessions()
|
||||||
|
{
|
||||||
|
Utilities.Log(LogLevel.INFO, "Purging old sessions");
|
||||||
|
var expiryDate = DateTime.UtcNow - TimeSpan.FromDays(Program.Config.Accounts.SessionExpiryDays);
|
||||||
|
int a = await Program.Database.ExecuteNonQuery("DELETE FROM sessions WHERE last_used < @expiryDate",
|
||||||
|
[
|
||||||
|
new KeyValuePair<string, object>("expiryDate", expiryDate)
|
||||||
|
]);
|
||||||
|
Utilities.Log(LogLevel.INFO, $"Purged {a} old sessions");
|
||||||
|
}
|
||||||
|
}
|
|
@ -518,13 +518,17 @@ public class Database
|
||||||
await cmd.ExecuteNonQueryAsync();
|
await cmd.ExecuteNonQueryAsync();
|
||||||
}
|
}
|
||||||
|
|
||||||
public async Task ExecuteNonQuery(string query)
|
public async Task<int> ExecuteNonQuery(string query, KeyValuePair<string, object>[]? parameters = null)
|
||||||
{
|
{
|
||||||
await using var db = new MySqlConnection(connectionString);
|
await using var db = new MySqlConnection(connectionString);
|
||||||
await db.OpenAsync();
|
await db.OpenAsync();
|
||||||
await using var cmd = db.CreateCommand();
|
await using var cmd = db.CreateCommand();
|
||||||
cmd.CommandText = query;
|
cmd.CommandText = query;
|
||||||
await cmd.ExecuteNonQueryAsync();
|
if (parameters != null) foreach (KeyValuePair<string, object> param in parameters)
|
||||||
|
{
|
||||||
|
cmd.Parameters.AddWithValue(param.Key, param.Value);
|
||||||
|
}
|
||||||
|
return await cmd.ExecuteNonQueryAsync();
|
||||||
}
|
}
|
||||||
|
|
||||||
public async Task SetBanned(string username, bool banned, string? reason)
|
public async Task SetBanned(string username, bool banned, string? reason)
|
||||||
|
|
|
@ -25,6 +25,15 @@ public static class Routes
|
||||||
|
|
||||||
private static async Task<IResult> HandleSendReset(HttpContext context)
|
private static async Task<IResult> HandleSendReset(HttpContext context)
|
||||||
{
|
{
|
||||||
|
if (!Program.Config.SMTP.Enabled)
|
||||||
|
{
|
||||||
|
context.Response.StatusCode = 400;
|
||||||
|
return Results.Json(new SendResetEmailResponse
|
||||||
|
{
|
||||||
|
success = false,
|
||||||
|
error = "Password reset is not supported by this server. Please contact an administrator."
|
||||||
|
}, Utilities.JsonSerializerOptions);
|
||||||
|
}
|
||||||
// Check payload
|
// Check payload
|
||||||
if (context.Request.ContentType != "application/json")
|
if (context.Request.ContentType != "application/json")
|
||||||
{
|
{
|
||||||
|
|
|
@ -55,6 +55,8 @@ public class Program
|
||||||
var uc = await Database.CountUsers();
|
var uc = await Database.CountUsers();
|
||||||
Utilities.Log(LogLevel.INFO, $"{uc} users in database");
|
Utilities.Log(LogLevel.INFO, $"{uc} users in database");
|
||||||
if (uc == 0) Utilities.Log(LogLevel.WARN, "No users in database, first user will be promoted to admin");
|
if (uc == 0) Utilities.Log(LogLevel.WARN, "No users in database, first user will be promoted to admin");
|
||||||
|
// Init cron
|
||||||
|
await Cron.Start();
|
||||||
// Create mailer
|
// Create mailer
|
||||||
if (!Config.SMTP.Enabled && Config.Registration.EmailVerificationRequired)
|
if (!Config.SMTP.Enabled && Config.Registration.EmailVerificationRequired)
|
||||||
{
|
{
|
||||||
|
|
Loading…
Reference in a new issue