2020-12-05 21:08:42 +00:00
|
|
|
"""authentik core tasks"""
|
2022-03-30 22:30:55 +00:00
|
|
|
from datetime import datetime, timedelta
|
|
|
|
|
|
2021-08-05 21:25:40 +00:00
|
|
|
from django.contrib.sessions.backends.cache import KEY_PREFIX
|
|
|
|
|
from django.core.cache import cache
|
2020-09-15 10:53:02 +00:00
|
|
|
from django.utils.timezone import now
|
2021-01-01 14:39:43 +00:00
|
|
|
from structlog.stdlib import get_logger
|
2019-02-26 13:07:47 +00:00
|
|
|
|
2022-03-30 22:30:55 +00:00
|
|
|
from authentik.core.models import (
|
|
|
|
|
USER_ATTRIBUTE_EXPIRES,
|
|
|
|
|
USER_ATTRIBUTE_GENERATED,
|
|
|
|
|
AuthenticatedSession,
|
|
|
|
|
ExpiringModel,
|
|
|
|
|
User,
|
|
|
|
|
)
|
2021-12-09 09:18:00 +00:00
|
|
|
from authentik.events.monitored_tasks import (
|
|
|
|
|
MonitoredTask,
|
|
|
|
|
TaskResult,
|
|
|
|
|
TaskResultStatus,
|
|
|
|
|
prefill_task,
|
|
|
|
|
)
|
2020-12-05 21:08:42 +00:00
|
|
|
from authentik.root.celery import CELERY_APP
|
2019-02-26 13:07:47 +00:00
|
|
|
|
2019-10-04 08:08:53 +00:00
|
|
|
LOGGER = get_logger()
|
2019-02-26 13:07:47 +00:00
|
|
|
|
2019-12-31 11:51:16 +00:00
|
|
|
|
2021-12-09 09:18:00 +00:00
|
|
|
@CELERY_APP.task(bind=True, base=MonitoredTask)
|
|
|
|
|
@prefill_task
|
|
|
|
|
def clean_expired_models(self: MonitoredTask):
|
2020-07-20 08:57:12 +00:00
|
|
|
"""Remove expired objects"""
|
2020-10-16 09:28:54 +00:00
|
|
|
messages = []
|
2020-07-20 08:57:12 +00:00
|
|
|
for cls in ExpiringModel.__subclasses__():
|
|
|
|
|
cls: ExpiringModel
|
2021-07-14 19:47:32 +00:00
|
|
|
objects = (
|
2021-08-03 15:45:16 +00:00
|
|
|
cls.objects.all().exclude(expiring=False).exclude(expiring=True, expires__gt=now())
|
2020-09-15 10:53:02 +00:00
|
|
|
)
|
2022-05-14 20:41:50 +00:00
|
|
|
amount = objects.count()
|
2021-07-14 19:47:32 +00:00
|
|
|
for obj in objects:
|
|
|
|
|
obj.expire_action()
|
|
|
|
|
LOGGER.debug("Expired models", model=cls, amount=amount)
|
|
|
|
|
messages.append(f"Expired {amount} {cls._meta.verbose_name_plural}")
|
2021-08-05 21:25:40 +00:00
|
|
|
# Special case
|
|
|
|
|
amount = 0
|
|
|
|
|
for session in AuthenticatedSession.objects.all():
|
|
|
|
|
cache_key = f"{KEY_PREFIX}{session.session_key}"
|
2023-02-13 15:34:47 +00:00
|
|
|
value = None
|
2023-02-13 12:18:04 +00:00
|
|
|
try:
|
|
|
|
|
value = cache.get(cache_key)
|
|
|
|
|
# pylint: disable=broad-except
|
|
|
|
|
except Exception as exc:
|
|
|
|
|
LOGGER.debug("Failed to get session from cache", exc=exc)
|
2021-08-05 21:25:40 +00:00
|
|
|
if not value:
|
|
|
|
|
session.delete()
|
|
|
|
|
amount += 1
|
|
|
|
|
LOGGER.debug("Expired sessions", model=AuthenticatedSession, amount=amount)
|
|
|
|
|
messages.append(f"Expired {amount} {AuthenticatedSession._meta.verbose_name_plural}")
|
2020-10-16 09:28:54 +00:00
|
|
|
self.set_status(TaskResult(TaskResultStatus.SUCCESSFUL, messages))
|
2022-03-30 22:30:55 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
@CELERY_APP.task(bind=True, base=MonitoredTask)
|
|
|
|
|
@prefill_task
|
|
|
|
|
def clean_temporary_users(self: MonitoredTask):
|
|
|
|
|
"""Remove temporary users created by SAML Sources"""
|
|
|
|
|
_now = datetime.now()
|
|
|
|
|
messages = []
|
|
|
|
|
deleted_users = 0
|
|
|
|
|
for user in User.objects.filter(**{f"attributes__{USER_ATTRIBUTE_GENERATED}": True}):
|
2022-04-10 15:53:46 +00:00
|
|
|
if not user.attributes.get(USER_ATTRIBUTE_EXPIRES):
|
2022-04-10 15:02:25 +00:00
|
|
|
continue
|
2022-03-30 22:30:55 +00:00
|
|
|
delta: timedelta = _now - datetime.fromtimestamp(
|
|
|
|
|
user.attributes.get(USER_ATTRIBUTE_EXPIRES)
|
|
|
|
|
)
|
|
|
|
|
if delta.total_seconds() > 0:
|
|
|
|
|
LOGGER.debug("User is expired and will be deleted.", user=user, delta=delta)
|
|
|
|
|
user.delete()
|
|
|
|
|
deleted_users += 1
|
|
|
|
|
messages.append(f"Successfully deleted {deleted_users} users.")
|
|
|
|
|
self.set_status(TaskResult(TaskResultStatus.SUCCESSFUL, messages))
|
