From 072dfa9a0bae5b7e9ea1caa97f6a90bd576a5d95 Mon Sep 17 00:00:00 2001
From: Owen Jacobson <owen@grimoire.ca>
Date: Wed, 4 Sep 2024 01:25:31 -0400
Subject: Expire sessions after 90 days.

---
 src/login/repo/tokens.rs | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

(limited to 'src/login/repo/tokens.rs')

diff --git a/src/login/repo/tokens.rs b/src/login/repo/tokens.rs
index 584f6dc..3ec3d63 100644
--- a/src/login/repo/tokens.rs
+++ b/src/login/repo/tokens.rs
@@ -1,3 +1,4 @@
+use chrono::TimeDelta;
 use sqlx::{sqlite::Sqlite, SqliteConnection, Transaction};
 use uuid::Uuid;
 
@@ -62,6 +63,23 @@ impl<'c> Tokens<'c> {
         Ok(())
     }
 
+    pub async fn expire(&mut self, expire_at: DateTime) -> Result<(), BoxedError> {
+        // Somewhat arbitrarily, expire after 90 days.
+        let expired_issue_at = expire_at - TimeDelta::days(90);
+        sqlx::query!(
+            r#"
+                delete
+                from token
+                where issued_at < $1
+            "#,
+            expired_issue_at,
+        )
+        .execute(&mut *self.0)
+        .await?;
+
+        Ok(())
+    }
+
     /// Validate a token by its secret, retrieving the associated Login record.
     /// Will return [None] if the token is not valid.
     pub async fn validate(&mut self, secret: &str) -> Result<Option<Login>, BoxedError> {
-- 
cgit v1.2.3