Cleanup old user interactive auth sessions.

Jordan Bancino 2023-03-01 19:52:44 +00:00
parent 8c4e6aa594
commit 7a951c980f
4 changed files with 45 additions and 11 deletions


@ -24,10 +24,10 @@ Milestone: v0.2.0
[x] Delete refresh token if present [x] Delete refresh token if present
[ ] Logout all [ ] Logout all
[x] Login fallback (static HTML page) [x] Login fallback (static HTML page)
[~] User Interactive [x] User Interactive
[x] Passwords [x] Passwords
[x] Caller builds flows [x] Caller builds flows
[ ] Clean up old sessions [x] Clean up old sessions
[ ] Document new User functions [ ] Document new User functions
[ ] Document new JSON functions [ ] Document new JSON functions


@ -829,10 +829,12 @@ DbList(Db * db, size_t nArgs,...)
Free(dir); Free(dir);
return NULL; return NULL;
} }
while((file = readdir(files))) { while ((file = readdir(files)))
{
if (file->d_type == DT_REG && file->d_namlen > 5) if (file->d_type == DT_REG && file->d_namlen > 5)
{ {
int nameOffset = file->d_namlen - 5; int nameOffset = file->d_namlen - 5;
if (strcmp(file->d_name + nameOffset, ".json") == 0) if (strcmp(file->d_name + nameOffset, ".json") == 0)
{ {
file->d_name[nameOffset] = '\0'; file->d_name[nameOffset] = '\0';


@ -29,6 +29,7 @@
#include <Array.h> #include <Array.h>
#include <Json.h> #include <Json.h>
#include <Str.h> #include <Str.h>
#include <Util.h>
#include <Matrix.h> #include <Matrix.h>
#include <User.h> #include <User.h>
@ -132,6 +133,7 @@ BuildResponse(Array * flows, Db * db, HashMap ** response, char *session, DbRef
json = DbJson(ref); json = DbJson(ref);
HashMapSet(json, "completed", JsonValueArray(ArrayCreate())); HashMapSet(json, "completed", JsonValueArray(ArrayCreate()));
HashMapSet(json, "last_access", JsonValueInteger(UtilServerTs()));
DbUnlock(db, ref); DbUnlock(db, ref);
HashMapSet(*response, "completed", JsonValueArray(ArrayCreate())); HashMapSet(*response, "completed", JsonValueArray(ArrayCreate()));
@ -416,6 +418,7 @@ UiaComplete(Array * flows, HttpServerContext * context, Db * db,
finish: finish:
ArrayFree(possibleNext); ArrayFree(possibleNext);
JsonValueFree(HashMapSet(dbJson, "last_access", JsonValueInteger(UtilServerTs())));
DbUnlock(db, dbRef); DbUnlock(db, dbRef);
return ret; return ret;
} }
@ -451,9 +454,38 @@ UiaFlowsFree(Array * flows)
void void
UiaCleanup(MatrixHttpHandlerArgs * args) UiaCleanup(MatrixHttpHandlerArgs * args)
{ {
Log(args->lc, LOG_DEBUG, "Purging old user interactive auth sessions..."); Array *sessions = DbList(args->db, 1, "user_interactive");
if (!DbDelete(args->db, 1, "user_interactive")) size_t i;
Log(args->lc, LOG_DEBUG, "User Interactive Auth sessions: %lu",
ArraySize(sessions));
for (i = 0; i < ArraySize(sessions); i++)
{ {
Log(args->lc, LOG_ERR, "Failed to purge user_interactive."); char *session = ArrayGet(sessions, i);
DbRef *ref = DbLock(args->db, 2, "user_interactive", session);
unsigned long lastAccess;
if (!ref)
{
Log(args->lc, LOG_ERR, "Unable to lock uia %s for inspection.",
session);
continue;
} }
lastAccess = JsonValueAsInteger(HashMapGet(DbJson(ref), "last_access"));
/* If last access was greater than 15 minutes ago, remove this
* session */
if (UtilServerTs() - lastAccess > 1000 * 60 * 15)
{
DbUnlock(args->db, ref);
DbDelete(args->db, 2, "user_interactive", session);
Log(args->lc, LOG_DEBUG, "Deleted session %s", session);
}
DbUnlock(args->db, ref);
}
DbListFree(sessions);
} }
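Review bot: In the new UiaCleanup loop, the expiry branch calls `DbUnlock(args->db, ref)` and `DbDelete(...)` and then falls through to the unconditional `DbUnlock(args->db, ref)` at the bottom of the loop body, so every expired session's ref is unlocked twice. If DbUnlock releases the ref (its definition is not shown here), the second call works on a stale pointer, and this runs on every cleanup pass over auth-session state. Make the two paths exclusive, either by adding `continue;` after the "Deleted session" log line or by moving the trailing call into `else { DbUnlock(args->db, ref); }`. The result of `DbDelete` is also no longer checked, so "Deleted session %s" is logged even when the delete fails; the removed code tested it with `if (!DbDelete(...))`. The DbList hunk above shows a `return NULL` path, so `sessions` should be checked before `ArraySize(sessions)` unless ArraySize is known to accept NULL.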