1
Fork 0
mirror of https://github.com/jech/galene.git synced 2024-11-10 02:35:58 +01:00

Expire expired tokens.

We now remove a token a week after it has expired.
This commit is contained in:
Juliusz Chroboczek 2023-04-04 01:03:02 +02:00
parent e93642f9db
commit adf273f9ea
4 changed files with 128 additions and 16 deletions

View file

@ -149,7 +149,10 @@ func main() {
for { for {
select { select {
case <-ticker.C: case <-ticker.C:
go group.Update() go func() {
group.Update()
token.Expire()
}()
case <-slowTicker.C: case <-slowTicker.C:
go relayTest() go relayTest()
case <-terminate: case <-terminate:

View file

@ -2130,7 +2130,7 @@ function userMenu(elt) {
if(serverConnection.version !== "1" && if(serverConnection.version !== "1" &&
serverConnection.permissions.indexOf('token') >= 0) { serverConnection.permissions.indexOf('token') >= 0) {
items.push({label: 'Invite user', onClick: () => { items.push({label: 'Invite user', onClick: () => {
serverConnection.groupAction('maketoken', units.d); makeToken(null);
}}); }});
} }
if(serverConnection.permissions.indexOf('present') >= 0 && canFile()) if(serverConnection.permissions.indexOf('present') >= 0 && canFile())
@ -3079,19 +3079,18 @@ function editTokenPredicate() {
"You don't have permission to edit or list tokens" : null); "You don't have permission to edit or list tokens" : null);
} }
commands.invite = { /**
predicate: makeTokenPredicate, * @param {string} username
description: "create an invitation link", * @param {number|string} [expires]
parameters: "[username] [expiration]", */
f: (c, r) => { function makeToken(username, expires) {
let p = parseCommand(r);
let v = { let v = {
group: group, group: group,
}; };
if(p[0]) if(username)
v.username = p[0]; v.username = username;
if(p[1]) if(expires)
v.expires = parseExpiration(p[1]); v.expires = expires;
else else
v.expires = units.d; v.expires = units.d;
if(serverConnection.permissions.indexOf('present') >= 0) if(serverConnection.permissions.indexOf('present') >= 0)
@ -3099,6 +3098,15 @@ commands.invite = {
else else
v.permissions = []; v.permissions = [];
serverConnection.groupAction('maketoken', v); serverConnection.groupAction('maketoken', v);
}
commands.invite = {
predicate: makeTokenPredicate,
description: "create an invitation link",
parameters: "[username] [expiration]",
f: (c, r) => {
let p = parseCommand(r);
makeToken(p[0], parseExpiration(p[1]));
} }
} }

View file

@ -355,3 +355,36 @@ func (state *state) List(group string) ([]*Stateful, error) {
func List(group string) ([]*Stateful, error) { func List(group string) ([]*Stateful, error) {
return tokens.List(group) return tokens.List(group)
} }
func (state *state) Expire() error {
state.mu.Lock()
defer state.mu.Unlock()
err := state.load()
if err != nil {
return err
}
now := time.Now()
cutoff := now.Add(-time.Hour * 24 * 7)
modified := false
for k, t := range state.tokens {
if t.Expires.Before(cutoff) {
delete(state.tokens, k)
modified = true
}
}
if modified {
err := state.rewrite()
if err != nil {
return err
}
}
return nil
}
func Expire() error {
return tokens.Expire()
}

View file

@ -292,3 +292,71 @@ func TestTokenStorage(t *testing.T) {
t.Errorf("existence check: %v", err) t.Errorf("existence check: %v", err)
} }
} }
func TestExpire(t *testing.T) {
d := t.TempDir()
s := state{
filename: filepath.Join(d, "test.jsonl"),
}
now := time.Now()
future := now.Add(time.Hour)
past := now.Add(-time.Hour * 24 * 6)
longPast := now.Add(-time.Hour * 24 * 8)
user := "user"
tokens := []*Stateful{
&Stateful{
Token: "tok1",
Group: "test",
Username: &user,
Permissions: []string{"present"},
Expires: &now,
},
&Stateful{
Token: "tok2",
Group: "test",
Username: &user,
Permissions: []string{"present"},
Expires: &future,
},
&Stateful{
Token: "tok3",
Group: "test",
Username: &user,
Permissions: []string{"present"},
Expires: &now,
},
&Stateful{
Token: "tok4",
Group: "test",
Username: &user,
Permissions: []string{"present"},
Expires: &past,
},
&Stateful{
Token: "tok5",
Group: "test",
Username: &user,
Permissions: []string{"present"},
Expires: &longPast,
},
}
for _, token := range tokens {
_, err := s.Add(token)
if err != nil {
t.Errorf("Add: %v", err)
}
}
expectTokens(t, s.tokens, tokens)
expectTokenFile(t, s.filename, tokens)
err := s.Expire()
if err != nil {
t.Errorf("Expire: %v", err)
}
expectTokens(t, s.tokens, tokens[:len(tokens)-1])
expectTokenFile(t, s.filename, tokens[:len(tokens)-1])
}