| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657 |
- package auth
- import (
- "context"
- "time"
- )
- func (srv *UserAuthTokenService) Run(ctx context.Context) error {
- ticker := time.NewTicker(time.Hour)
- maxInactiveLifetime := time.Duration(srv.Cfg.LoginMaxInactiveLifetimeDays) * 24 * time.Hour
- maxLifetime := time.Duration(srv.Cfg.LoginMaxLifetimeDays) * 24 * time.Hour
- err := srv.ServerLockService.LockAndExecute(ctx, "cleanup expired auth tokens", time.Hour*12, func() {
- srv.deleteExpiredTokens(maxInactiveLifetime, maxLifetime)
- })
- if err != nil {
- srv.log.Error("failed to lock and execite cleanup of expired auth token", "erro", err)
- }
- for {
- select {
- case <-ticker.C:
- err := srv.ServerLockService.LockAndExecute(ctx, "cleanup expired auth tokens", time.Hour*12, func() {
- srv.deleteExpiredTokens(maxInactiveLifetime, maxLifetime)
- })
- if err != nil {
- srv.log.Error("failed to lock and execite cleanup of expired auth token", "erro", err)
- }
- case <-ctx.Done():
- return ctx.Err()
- }
- }
- }
- func (srv *UserAuthTokenService) deleteExpiredTokens(maxInactiveLifetime, maxLifetime time.Duration) (int64, error) {
- createdBefore := getTime().Add(-maxLifetime)
- rotatedBefore := getTime().Add(-maxInactiveLifetime)
- srv.log.Debug("starting cleanup of expired auth tokens", "createdBefore", createdBefore, "rotatedBefore", rotatedBefore)
- sql := `DELETE from user_auth_token WHERE created_at <= ? OR rotated_at <= ?`
- res, err := srv.SQLStore.NewSession().Exec(sql, createdBefore.Unix(), rotatedBefore.Unix())
- if err != nil {
- return 0, err
- }
- affected, err := res.RowsAffected()
- if err != nil {
- srv.log.Error("failed to cleanup expired auth tokens", "error", err)
- return 0, nil
- }
- srv.log.Debug("cleanup of expired auth tokens done", "count", affected)
- return affected, err
- }
|
