Cleanup old user interactive auth sessions.
parent
8c4e6aa594
commit
7a951c980f
4 changed files with 45 additions and 11 deletions
4
TODO.txt
4
TODO.txt
|
@ -24,10 +24,10 @@ Milestone: v0.2.0
|
||||||
[x] Delete refresh token if present
|
[x] Delete refresh token if present
|
||||||
[ ] Logout all
|
[ ] Logout all
|
||||||
[x] Login fallback (static HTML page)
|
[x] Login fallback (static HTML page)
|
||||||
[~] User Interactive
|
[x] User Interactive
|
||||||
[x] Passwords
|
[x] Passwords
|
||||||
[x] Caller builds flows
|
[x] Caller builds flows
|
||||||
[ ] Clean up old sessions
|
[x] Clean up old sessions
|
||||||
|
|
||||||
[ ] Document new User functions
|
[ ] Document new User functions
|
||||||
[ ] Document new JSON functions
|
[ ] Document new JSON functions
|
||||||
|
|
4
src/Db.c
4
src/Db.c
|
@ -829,10 +829,12 @@ DbList(Db * db, size_t nArgs,...)
|
||||||
Free(dir);
|
Free(dir);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
while((file = readdir(files))) {
|
while ((file = readdir(files)))
|
||||||
|
{
|
||||||
if (file->d_type == DT_REG && file->d_namlen > 5)
|
if (file->d_type == DT_REG && file->d_namlen > 5)
|
||||||
{
|
{
|
||||||
int nameOffset = file->d_namlen - 5;
|
int nameOffset = file->d_namlen - 5;
|
||||||
|
|
||||||
if (strcmp(file->d_name + nameOffset, ".json") == 0)
|
if (strcmp(file->d_name + nameOffset, ".json") == 0)
|
||||||
{
|
{
|
||||||
file->d_name[nameOffset] = '\0';
|
file->d_name[nameOffset] = '\0';
|
||||||
|
|
38
src/Uia.c
38
src/Uia.c
|
@ -29,6 +29,7 @@
|
||||||
#include <Array.h>
|
#include <Array.h>
|
||||||
#include <Json.h>
|
#include <Json.h>
|
||||||
#include <Str.h>
|
#include <Str.h>
|
||||||
|
#include <Util.h>
|
||||||
|
|
||||||
#include <Matrix.h>
|
#include <Matrix.h>
|
||||||
#include <User.h>
|
#include <User.h>
|
||||||
|
@ -132,6 +133,7 @@ BuildResponse(Array * flows, Db * db, HashMap ** response, char *session, DbRef
|
||||||
|
|
||||||
json = DbJson(ref);
|
json = DbJson(ref);
|
||||||
HashMapSet(json, "completed", JsonValueArray(ArrayCreate()));
|
HashMapSet(json, "completed", JsonValueArray(ArrayCreate()));
|
||||||
|
HashMapSet(json, "last_access", JsonValueInteger(UtilServerTs()));
|
||||||
DbUnlock(db, ref);
|
DbUnlock(db, ref);
|
||||||
|
|
||||||
HashMapSet(*response, "completed", JsonValueArray(ArrayCreate()));
|
HashMapSet(*response, "completed", JsonValueArray(ArrayCreate()));
|
||||||
|
@ -416,6 +418,7 @@ UiaComplete(Array * flows, HttpServerContext * context, Db * db,
|
||||||
|
|
||||||
finish:
|
finish:
|
||||||
ArrayFree(possibleNext);
|
ArrayFree(possibleNext);
|
||||||
|
JsonValueFree(HashMapSet(dbJson, "last_access", JsonValueInteger(UtilServerTs())));
|
||||||
DbUnlock(db, dbRef);
|
DbUnlock(db, dbRef);
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
@ -451,9 +454,38 @@ UiaFlowsFree(Array * flows)
|
||||||
void
|
void
|
||||||
UiaCleanup(MatrixHttpHandlerArgs * args)
|
UiaCleanup(MatrixHttpHandlerArgs * args)
|
||||||
{
|
{
|
||||||
Log(args->lc, LOG_DEBUG, "Purging old user interactive auth sessions...");
|
Array *sessions = DbList(args->db, 1, "user_interactive");
|
||||||
if (!DbDelete(args->db, 1, "user_interactive"))
|
size_t i;
|
||||||
|
|
||||||
|
Log(args->lc, LOG_DEBUG, "User Interactive Auth sessions: %lu",
|
||||||
|
ArraySize(sessions));
|
||||||
|
for (i = 0; i < ArraySize(sessions); i++)
|
||||||
{
|
{
|
||||||
Log(args->lc, LOG_ERR, "Failed to purge user_interactive.");
|
char *session = ArrayGet(sessions, i);
|
||||||
|
DbRef *ref = DbLock(args->db, 2, "user_interactive", session);
|
||||||
|
|
||||||
|
unsigned long lastAccess;
|
||||||
|
|
||||||
|
if (!ref)
|
||||||
|
{
|
||||||
|
Log(args->lc, LOG_ERR, "Unable to lock uia %s for inspection.",
|
||||||
|
session);
|
||||||
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
lastAccess = JsonValueAsInteger(HashMapGet(DbJson(ref), "last_access"));
|
||||||
|
|
||||||
|
/* If last access was greater than 15 minutes ago, remove this
|
||||||
|
* session */
|
||||||
|
if (UtilServerTs() - lastAccess > 1000 * 60 * 15)
|
||||||
|
{
|
||||||
|
DbUnlock(args->db, ref);
|
||||||
|
DbDelete(args->db, 2, "user_interactive", session);
|
||||||
|
Log(args->lc, LOG_DEBUG, "Deleted session %s", session);
|
||||||
|
}
|
||||||
|
|
||||||
|
DbUnlock(args->db, ref);
|
||||||
|
}
|
||||||
|
|
||||||
|
DbListFree(sessions);
|
||||||
}
|
}
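Review bot: In the expiry branch of UiaCleanup the ref is released with `DbUnlock(args->db, ref);` before `DbDelete`, and control then falls through to the second `DbUnlock(args->db, ref);` at the bottom of the loop body, so every expired session is unlocked twice. If DbUnlock invalidates the ref (its implementation is not on this page), the second call works on a stale pointer. Adding `continue;` after the `Log(args->lc, LOG_DEBUG, "Deleted session %s", session);` line leaves exactly one unlock per iteration. The result of `DbList` is also used unchecked, although the src/Db.c section above shows DbList returning NULL on a failure path, so an early `if (!sessions) { Log(args->lc, LOG_ERR, "Failed to list user_interactive."); return; }` before the first `ArraySize(sessions)` would cover that. The return value of `DbDelete` is now ignored, whereas the removed code logged the failure, so "Deleted session" can be logged for an auth session that is still on disk and still usable.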
|
||||||
|
|