Periodically purge old user interactive auth sessions.

Keeping them around is going to take up a lot of storage. If it takes more
than a half hour for a client to complete the auth, make him start over.
Jordan Bancino 2022-12-28 15:52:19 +00:00
parent fbd7bf5944
commit d9d88eb028
2 changed files with 19 additions and 13 deletions


@ -68,7 +68,8 @@ TelodendriaMemoryHook(MemoryAction a, MemoryInfo * i, void *args)
break; break;
} }
Log(lc, LOG_DEBUG, "%s:%d: %s %lu bytes of memory at %p.", Log(lc, a == MEMORY_BAD_POINTER ? LOG_WARNING : LOG_DEBUG,
"%s:%d: %s %lu bytes of memory at %p.",
MemoryInfoGetFile(i), MemoryInfoGetLine(i), MemoryInfoGetFile(i), MemoryInfoGetLine(i),
action, MemoryInfoGetSize(i), action, MemoryInfoGetSize(i),
MemoryInfoGetPointer(i)); MemoryInfoGetPointer(i));


@ -70,19 +70,21 @@ UserInteractiveAuth(HttpServerContext * context, Db * db,
HashMap *persist; HashMap *persist;
char *session = UtilRandomString(24); char *session = UtilRandomString(24);
ref = DbCreate(db, 2, "user_interactive", session); ref = DbLock(db, 1, "user_interactive");
if (!ref)
{
ref = DbCreate(db, 1, "user_interactive");
}
persist = DbJson(ref); persist = DbJson(ref);
HashMapSet(persist, session, JsonValueNull());
HashMapSet(persist, "created",
JsonValueInteger(UtilServerTs()));
HashMapSet(persist, "completed", JsonValueBoolean(0));
DbUnlock(db, ref); DbUnlock(db, ref);
HttpResponseStatus(context, HTTP_UNAUTHORIZED); HttpResponseStatus(context, HTTP_UNAUTHORIZED);
response = BuildDummyFlow(); response = BuildDummyFlow();
HashMapSet(response, "session", JsonValueString(session)); HashMapSet(response, "session",
JsonValueString(UtilStringDuplicate(session)));
return response; return response;
} }
@ -118,10 +120,10 @@ UserInteractiveAuth(HttpServerContext * context, Db * db,
return MatrixErrorCreate(M_INVALID_PARAM); return MatrixErrorCreate(M_INVALID_PARAM);
} }
/* Check to see if session exists */ ref = DbLock(db, 1, "user_interactive");
ref = DbLock(db, 2, "user_interactive", sessionStr);
if (!ref) /* Check to see if session exists */
if (!ref || !HashMapGet(DbJson(ref), sessionStr))
{ {
HttpResponseStatus(context, HTTP_BAD_REQUEST); HttpResponseStatus(context, HTTP_BAD_REQUEST);
return MatrixErrorCreate(M_UNKNOWN); return MatrixErrorCreate(M_UNKNOWN);
@ -129,7 +131,6 @@ UserInteractiveAuth(HttpServerContext * context, Db * db,
/* We only need to know that it exists. */ /* We only need to know that it exists. */
DbUnlock(db, ref); DbUnlock(db, ref);
DbDelete(db, 2, "user_interactive", sessionStr);
return NULL; /* All good, auth successful */ return NULL; /* All good, auth successful */
} }
@ -138,4 +139,8 @@ void
UserInteractiveAuthCleanup(MatrixHttpHandlerArgs * args) UserInteractiveAuthCleanup(MatrixHttpHandlerArgs * args)
{ {
Log(args->lc, LOG_DEBUG, "Purging old user interactive auth sessions..."); Log(args->lc, LOG_DEBUG, "Purging old user interactive auth sessions...");
if (!DbDelete(args->db, 1, "user_interactive"))
{
Log(args->lc, LOG_ERR, "Failed to purge user_interactive.");
}
} }
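Review bot: The early-return path in the session-lookup hunk leaves `ref` locked: `if (!ref || !HashMapGet(DbJson(ref), sessionStr))` is also true when `DbLock` succeeded but the session key is missing, and that branch returns `M_UNKNOWN` without calling `DbUnlock`. Since the session value comes from the request, any client sending an unknown session can hit this path, and if `DbLock` is exclusive (its implementation is not visible here) later requests would stall or fail on `user_interactive`. Add `if (ref) { DbUnlock(db, ref); }` at the top of that branch. In the first hunk, `DbCreate`'s result still goes to `DbJson(ref)` unchecked, so a failed create should return an error instead. With the per-session `DbDelete` removed and no `created` timestamp stored, a session id also appears to remain acceptable until the next purge rather than being single-use; `UserInteractiveAuth` continues outside these hunks, so confirm against the full function.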