feat: initial oauth2 token revoking
This commit is contained in:
@@ -4,6 +4,8 @@ use revolt_result::Result;
|
||||
use tasks::{file_deletion, prune_dangling_files};
|
||||
use tokio::try_join;
|
||||
|
||||
use crate::tasks::prune_authorized_bots;
|
||||
|
||||
pub mod tasks;
|
||||
|
||||
#[tokio::main]
|
||||
@@ -13,7 +15,8 @@ async fn main() -> Result<()> {
|
||||
let db = DatabaseInfo::Auto.connect().await.expect("database");
|
||||
try_join!(
|
||||
file_deletion::task(db.clone()),
|
||||
prune_dangling_files::task(db)
|
||||
prune_dangling_files::task(db.clone()),
|
||||
prune_authorized_bots::task(db.clone()),
|
||||
)
|
||||
.map(|_| ())
|
||||
}
|
||||
|
||||
@@ -1,2 +1,3 @@
|
||||
pub mod file_deletion;
|
||||
pub mod prune_dangling_files;
|
||||
pub mod prune_authorized_bots;
|
||||
24
crates/daemons/crond/src/tasks/prune_authorized_bots.rs
Normal file
24
crates/daemons/crond/src/tasks/prune_authorized_bots.rs
Normal file
@@ -0,0 +1,24 @@
|
||||
use revolt_database::{iso8601_timestamp::{Duration, Timestamp}, util::oauth2::TokenType, Database};
|
||||
use revolt_result::Result;
|
||||
use tokio::time::sleep;
|
||||
|
||||
use log::info;
|
||||
|
||||
pub async fn task(db: Database) -> Result<()> {
|
||||
let lifetime = Duration::new(TokenType::Access.lifetime().num_seconds(), 0);
|
||||
|
||||
loop {
|
||||
let deauthorized_bots = db.fetch_deauthorized_authorized_bots().await?;
|
||||
|
||||
for bot in deauthorized_bots {
|
||||
if let Some(deauthorized_at) = &bot.deauthorized_at {
|
||||
if deauthorized_at.saturating_add(lifetime) < Timestamp::now_utc() {
|
||||
db.delete_authorized_bot(&bot.id).await?;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
// 1 hour
|
||||
sleep(std::time::Duration::from_secs(60 * 60)).await;
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user