Automatically remove outdated account creation requests
parent
62a52b385e
commit
7f8e41b618
@ -1,3 +1,5 @@
|
||||
use std::time::Duration;
|
||||
|
||||
#[derive(Debug, Clone, serde::Serialize, serde::Deserialize)]
|
||||
pub struct SizeConstraint {
|
||||
min: usize,
|
||||
@ -31,3 +33,6 @@ impl Default for StaticConstraints {
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/// Password reset token duration
|
||||
pub const PASSWORD_RESET_TOKEN_DURATION: Duration = Duration::from_secs(3600 * 24);
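Review bot: The doc comment on `PASSWORD_RESET_TOKEN_DURATION` describes only the reset-token lifetime, but elsewhere in this commit the same constant also decides when a never-validated account is deleted. Say so at the definition, e.g. `/// Validity of a password reset token; accounts never validated within this window are deleted`, so that a later change to the token lifetime is made knowing it also moves the deletion cutoff. Whether the token check itself reads this constant is not visible here; if it uses its own value, the two windows can drift apart.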
|
||||
|
@ -31,6 +31,9 @@ pub async fn create_account(remote_ip: RemoteIP, req: web::Json<CreateAccountBod
|
||||
return Ok(HttpResponse::BadRequest().json("Size constraints were not respected!"));
|
||||
}
|
||||
|
||||
// Perform cleanup
|
||||
users_service::delete_not_validated_accounts().await?;
|
||||
|
||||
// Check if email is already attached to an account
|
||||
if users_service::exists_email(&req.email).await? {
|
||||
return Ok(
|
||||
@ -44,8 +47,6 @@ pub async fn create_account(remote_ip: RemoteIP, req: web::Json<CreateAccountBod
|
||||
// Trigger reset password (send mail)
|
||||
users_service::request_reset_password(&mut user).await?;
|
||||
|
||||
// TODO : cleanup in a cron not validated accounts after 24 hours
|
||||
|
||||
// Account successfully created
|
||||
Ok(HttpResponse::Created().finish())
|
||||
}
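Review bot: A failure of the cleanup query now aborts the sign-up, because `users_service::delete_not_validated_accounts().await?` propagates its error before the e-mail check runs. The cleanup is housekeeping, so it reads better as best-effort: `if let Err(e) = users_service::delete_not_validated_accounts().await { log::error!("Cleanup of unvalidated accounts failed: {e}"); }` (with whatever logging macro the project uses). It also issues a table-wide DELETE on every request to what looks like an unauthenticated endpoint, and only when someone signs up, so expired accounts stay until the next registration; the scheduled job that the removed TODO mentioned would avoid both. `create_account` begins outside the hunk, so any rate limiting applied earlier through `remote_ip` is not visible.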
|
||||
|
@ -8,7 +8,7 @@ pub async fn send_mail<D: Display>(to: &str, subject: &str, body: D) -> anyhow::
|
||||
let conf = AppConfig::get();
|
||||
|
||||
let email = Message::builder()
|
||||
.from(conf.mail_sender.parse()?)
|
||||
.from(format!("GeneIT <{}>", conf.mail_sender).parse()?)
|
||||
.to(to.parse()?)
|
||||
.subject(subject)
|
||||
.header(ContentType::TEXT_PLAIN)
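Review bot: Building the sender with `format!("GeneIT <{}>", conf.mail_sender).parse()?` depends on `mail_sender` being a bare address: a configured value already written as `Name <addr>` no longer parses, and then every outgoing mail, including the account activation mail, fails. If the mail library is lettre, as the builder calls suggest, constructing the mailbox from its parts avoids the string round-trip: `.from(Mailbox::new(Some("GeneIT".to_string()), conf.mail_sender.parse()?))`. `send_mail` continues past the end of the hunk.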
|
||||
|
@ -2,6 +2,7 @@
|
||||
|
||||
use crate::app_config::AppConfig;
|
||||
use crate::connections::db_connection;
|
||||
use crate::constants::PASSWORD_RESET_TOKEN_DURATION;
|
||||
use crate::models::{NewUser, User, UserID};
|
||||
use crate::schema::users;
|
||||
use crate::services::mail_service;
|
||||
@ -78,3 +79,19 @@ pub async fn request_reset_password(user: &mut User) -> anyhow::Result<()> {
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
/// Delete not validated accounts whose reset token has expired
|
||||
pub async fn delete_not_validated_accounts() -> anyhow::Result<()> {
|
||||
db_connection::execute(|conn| {
|
||||
diesel::delete(
|
||||
users::dsl::users.filter(
|
||||
users::dsl::time_activate.eq(0).and(
|
||||
users::dsl::time_gen_reset_token
|
||||
.lt(time() as i64 - PASSWORD_RESET_TOKEN_DURATION.as_secs() as i64),
|
||||
),
|
||||
),
|
||||
)
|
||||
.execute(conn)?;
|
||||
Ok(())
|
||||
})
|
||||
}
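Review bot: The row count returned by `.execute(conn)?` in `delete_not_validated_accounts` is dropped, so this irreversible delete leaves no trace of how many accounts it removed or when. Bind it and log it, for example `let removed = diesel::delete(...).execute(conn)?;` followed by `log::info!("Deleted {removed} unvalidated accounts");` (using the project's logging macro). The filter treats `time_activate == 0` as "never validated"; that holds only if every other way of creating a user sets `time_activate`, which cannot be confirmed from this hunk. Rows in other tables that reference a deleted user are not handled here either, so the function relies on the schema to cascade or reject the delete.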
|
||||
|