|
|
|
@ -16,8 +16,9 @@ import (
|
|
|
|
|
) |
|
|
|
|
|
|
|
|
|
var ( |
|
|
|
|
inviteExpireDuration = time.Hour * 24 * 30 // 30 days
|
|
|
|
|
accountExpireDuration = time.Hour * 24 * 90 // 90 days
|
|
|
|
|
inviteExpireDuration = time.Hour * 24 * 30 // 30 days
|
|
|
|
|
accountExpireDuration = time.Hour * 24 * 90 // 90 days
|
|
|
|
|
accountBlockDuration = time.Hour * 24 * 6 * 30 // ~ 6 months
|
|
|
|
|
) |
|
|
|
|
|
|
|
|
|
func main() { |
|
|
|
@ -49,6 +50,7 @@ func main() {
|
|
|
|
|
if err != nil { |
|
|
|
|
log.Fatal(err) |
|
|
|
|
} |
|
|
|
|
go lockUsers(l) |
|
|
|
|
|
|
|
|
|
ldb, err := db.Init(*dbpath) |
|
|
|
|
if err != nil { |
|
|
|
@ -65,6 +67,32 @@ func main() {
|
|
|
|
|
log.Fatal(server.Serve(*httpaddr, &l, m, ldb, usersAskRole)) |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
func lockUsers(l ldap.Ldap) { |
|
|
|
|
for { |
|
|
|
|
users, err := l.ListUsers() |
|
|
|
|
if err != nil { |
|
|
|
|
log.Printf("Error listing users for locking: %v", err) |
|
|
|
|
time.Sleep(time.Minute * 61) |
|
|
|
|
continue |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
for _, u := range users { |
|
|
|
|
// TODO: add deleted flag
|
|
|
|
|
if u.Locked != ldap.Unlocked || |
|
|
|
|
u.LastLogin.Add(accountBlockDuration).After(time.Now()) { |
|
|
|
|
continue |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
err = l.ChangeLocked(u.Name, ldap.Blocked) |
|
|
|
|
if err != nil { |
|
|
|
|
log.Printf("Error changing locked for user %s: %v", u.Name, err) |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
time.Sleep(time.Minute * 61) |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
func cleanInvites(ldb *db.DB) { |
|
|
|
|
for { |
|
|
|
|
ldb.ExpireInvites(inviteExpireDuration) |
|
|
|
|