github/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2024-10-18 13:20:16 -04:00
Code Issues Projects Releases Packages Wiki Activity

auth: Run removeInvalidTokens 5s after startup

Browse source 
This should prevent problem with the AuthToken purge on Sundays, as the service is either running on sunday or will be restarted there after.

Also move base64url comment to right function

Signed-off-by: Philip Molares <philip.molares@udo.edu>
This commit is contained in:
Philip Molares 2021-01-25 16:29:09 +01:00 committed by David Mehren
parent ad0ab648bc
commit c8da989f25
No known key found for this signature in database
GPG key ID: 185982BA4C42B7C3
1 changed files with 20 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
src/auth/auth.service.ts
View file

@ -21,7 +21,7 @@ import { InjectRepository } from '@nestjs/typeorm';
import { Repository } from 'typeorm'; import { Repository } from 'typeorm';
import { ConsoleLoggerService } from '../logger/console-logger.service'; import { ConsoleLoggerService } from '../logger/console-logger.service';
import { TimestampMillis } from '../utils/timestamp'; import { TimestampMillis } from '../utils/timestamp';
import { Cron } from '@nestjs/schedule'; import { Cron, Timeout } from '@nestjs/schedule';
@Injectable() @Injectable()
export class AuthService { export class AuthService {
@ -58,9 +58,6 @@ export class AuthService {
} }
async randomString(length: number): Promise<Buffer> { async randomString(length: number): Promise<Buffer> {
// This is necessary as the is no base64url encoding in the toString method
// but as can be seen on https://tools.ietf.org/html/rfc4648#page-7
// base64url is quite easy buildable from base64
if (length <= 0) { if (length <= 0) {
return null; return null;
} }
@ -68,6 +65,9 @@ export class AuthService {
} }
BufferToBase64Url(text: Buffer): string { BufferToBase64Url(text: Buffer): string {
// This is necessary as the is no base64url encoding in the toString method
// but as can be seen on https://tools.ietf.org/html/rfc4648#page-7
// base64url is quite easy buildable from base64
return text return text
.toString('base64') .toString('base64')
.replace('+', '-') .replace('+', '-')
@ -205,12 +205,28 @@ export class AuthService {
// Delete all non valid tokens every sunday on 3:00 AM // Delete all non valid tokens every sunday on 3:00 AM
@Cron('0 0 3 * * 0') @Cron('0 0 3 * * 0')
async handleCron() { async handleCron() {
return this.removeInvalidTokens();
}
// Delete all non valid tokens 5 sec after startup
@Timeout(5000)
async handleTimeout() {
return this.removeInvalidTokens();
}
async removeInvalidTokens() {
const currentTime = new Date().getTime(); const currentTime = new Date().getTime();
const tokens: AuthToken[] = await this.authTokenRepository.find(); const tokens: AuthToken[] = await this.authTokenRepository.find();
let removedTokens = 0;
for (const token of tokens) { for (const token of tokens) {
if (token.validUntil && token.validUntil.getTime() <= currentTime) { if (token.validUntil && token.validUntil.getTime() <= currentTime) {
this.logger.debug(`AuthToken '${token.keyId}' was removed`);
await this.authTokenRepository.remove(token); await this.authTokenRepository.remove(token);
removedTokens++;
} }
} }
this.logger.log(
`${removedTokens} invalid AuthTokens were purged from the DB.`,
);
} }
} }