feat: initial oauth2 token revoking

This commit is contained in:
Zomatree
2025-07-02 03:45:43 +01:00
parent 5a5f84f207
commit 660e646b2b
19 changed files with 358 additions and 8 deletions

View File

@@ -4,6 +4,8 @@ use revolt_result::Result;
use tasks::{file_deletion, prune_dangling_files};
use tokio::try_join;
use crate::tasks::prune_authorized_bots;
pub mod tasks;
#[tokio::main]
@@ -13,7 +15,8 @@ async fn main() -> Result<()> {
let db = DatabaseInfo::Auto.connect().await.expect("database");
try_join!(
file_deletion::task(db.clone()),
prune_dangling_files::task(db)
prune_dangling_files::task(db.clone()),
prune_authorized_bots::task(db.clone()),
)
.map(|_| ())
}

View File

@@ -1,2 +1,3 @@
pub mod file_deletion;
pub mod prune_dangling_files;
pub mod prune_authorized_bots;

View File

@@ -0,0 +1,24 @@
use revolt_database::{iso8601_timestamp::{Duration, Timestamp}, util::oauth2::TokenType, Database};
use revolt_result::Result;
use tokio::time::sleep;
use log::info;
pub async fn task(db: Database) -> Result<()> {
let lifetime = Duration::new(TokenType::Access.lifetime().num_seconds(), 0);
loop {
let deauthorized_bots = db.fetch_deauthorized_authorized_bots().await?;
for bot in deauthorized_bots {
if let Some(deauthorized_at) = &bot.deauthorized_at {
if deauthorized_at.saturating_add(lifetime) < Timestamp::now_utc() {
db.delete_authorized_bot(&bot.id).await?;
};
};
};
// 1 hour
sleep(std::time::Duration::from_secs(60 * 60)).await;
}
}