core: add additional cleanup for authenticated sessions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer
parent
9703e32c1b
commit
8044818a4d
|
|
@ -17,4 +17,8 @@ class Migration(migrations.Migration):
|
||||||
default=None, max_length=500, null=True, upload_to="application-icons/"
|
default=None, max_length=500, null=True, upload_to="application-icons/"
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
|
migrations.AlterModelOptions(
|
||||||
|
name='authenticatedsession',
|
||||||
|
options={'verbose_name': 'Authenticated Session', 'verbose_name_plural': 'Authenticated Sessions'},
|
||||||
|
),
|
||||||
]
|
]
|
||||||
|
|
|
||||||
|
|
@ -519,3 +519,8 @@ class AuthenticatedSession(ExpiringModel):
|
||||||
last_user_agent=request.META.get("HTTP_USER_AGENT", ""),
|
last_user_agent=request.META.get("HTTP_USER_AGENT", ""),
|
||||||
expires=request.session.get_expiry_date(),
|
expires=request.session.get_expiry_date(),
|
||||||
)
|
)
|
||||||
|
|
||||||
|
class Meta:
|
||||||
|
|
||||||
|
verbose_name = _("Authenticated Session")
|
||||||
|
verbose_name_plural = _("Authenticated Sessions")
|
||||||
|
|
|
||||||
|
|
@ -7,12 +7,14 @@ from boto3.exceptions import Boto3Error
|
||||||
from botocore.exceptions import BotoCoreError, ClientError
|
from botocore.exceptions import BotoCoreError, ClientError
|
||||||
from dbbackup.db.exceptions import CommandConnectorError
|
from dbbackup.db.exceptions import CommandConnectorError
|
||||||
from django.contrib.humanize.templatetags.humanize import naturaltime
|
from django.contrib.humanize.templatetags.humanize import naturaltime
|
||||||
|
from django.contrib.sessions.backends.cache import KEY_PREFIX
|
||||||
from django.core import management
|
from django.core import management
|
||||||
|
from django.core.cache import cache
|
||||||
from django.utils.timezone import now
|
from django.utils.timezone import now
|
||||||
from kubernetes.config.incluster_config import SERVICE_HOST_ENV_NAME
|
from kubernetes.config.incluster_config import SERVICE_HOST_ENV_NAME
|
||||||
from structlog.stdlib import get_logger
|
from structlog.stdlib import get_logger
|
||||||
|
|
||||||
from authentik.core.models import ExpiringModel
|
from authentik.core.models import AuthenticatedSession, ExpiringModel
|
||||||
from authentik.events.monitored_tasks import MonitoredTask, TaskResult, TaskResultStatus
|
from authentik.events.monitored_tasks import MonitoredTask, TaskResult, TaskResultStatus
|
||||||
from authentik.lib.config import CONFIG
|
from authentik.lib.config import CONFIG
|
||||||
from authentik.root.celery import CELERY_APP
|
from authentik.root.celery import CELERY_APP
|
||||||
|
|
@ -34,6 +36,16 @@ def clean_expired_models(self: MonitoredTask):
|
||||||
amount = objects.count()
|
amount = objects.count()
|
||||||
LOGGER.debug("Expired models", model=cls, amount=amount)
|
LOGGER.debug("Expired models", model=cls, amount=amount)
|
||||||
messages.append(f"Expired {amount} {cls._meta.verbose_name_plural}")
|
messages.append(f"Expired {amount} {cls._meta.verbose_name_plural}")
|
||||||
|
# Special case
|
||||||
|
amount = 0
|
||||||
|
for session in AuthenticatedSession.objects.all():
|
||||||
|
cache_key = f"{KEY_PREFIX}{session.session_key}"
|
||||||
|
value = cache.get(cache_key)
|
||||||
|
if not value:
|
||||||
|
session.delete()
|
||||||
|
amount += 1
|
||||||
|
LOGGER.debug("Expired sessions", model=AuthenticatedSession, amount=amount)
|
||||||
|
messages.append(f"Expired {amount} {AuthenticatedSession._meta.verbose_name_plural}")
|
||||||
self.set_status(TaskResult(TaskResultStatus.SUCCESSFUL, messages))
|
self.set_status(TaskResult(TaskResultStatus.SUCCESSFUL, messages))
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
Reference in New Issue