vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Add a worker to automatically GC expired app specific tokens

Browse source 
Fixes https://jira.coreos.com/browse/QUAY-822
This commit is contained in:
Joseph Schorr 2018-02-12 14:56:01 -05:00
parent 06d25816be
commit d45161b120
7 changed files with 77 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

6
data/model/appspecifictoken.py
View file

@ -63,11 +63,11 @@ def get_expiring_tokens(user, soon):
AppSpecificAuthToken.expiration <= soon_datetime))
def gc_expired_tokens(user):
""" Deletes all expired tokens owned by the given user. """
def gc_expired_tokens(expiration_window):
""" Deletes all expired tokens outside of the expiration window. """
(AppSpecificAuthToken
.delete()
.where(AppSpecificAuthToken.user == user, AppSpecificAuthToken.expiration < datetime.now())
.where(AppSpecificAuthToken.expiration < (datetime.now() - expiration_window))
.execute())

4
data/model/test/test_appspecifictoken.py
View file

@ -1,4 +1,4 @@
from datetime import datetime
from datetime import datetime, timedelta
from mock import patch
import pytest
@ -36,7 +36,7 @@ def test_gc(expiration, initialized_db):
token = create_token(user, 'Some token', expiration=expiration_date)
# GC tokens.
gc_expired_tokens(user)
gc_expired_tokens(timedelta(seconds=0))
# Ensure the token was GCed if expired and not if it wasn't.
assert (access_valid_token(token.token_code) is None) == is_expired