|
6 | 6 | from itertools import pairwise |
7 | 7 |
|
8 | 8 | from dateutil.rrule import MONTHLY, rrule |
9 | | -from sqlalchemy import insert, select, text, update |
| 9 | +from sqlalchemy import delete, insert, select, text, update |
10 | 10 | from sqlalchemy.exc import IntegrityError, NoResultFound |
11 | 11 | from sqlalchemy.ext.asyncio import AsyncConnection |
12 | 12 | from uuid_utils import UUID, uuid7 |
@@ -339,3 +339,61 @@ async def revoke_user_refresh_tokens(self, subject): |
339 | 339 | .where(RefreshTokens.sub == subject) |
340 | 340 | .values(status=RefreshTokenStatus.REVOKED) |
341 | 341 | ) |
| 342 | + |
| 343 | + async def clean_expired_refresh_tokens(self, max_validity: int) -> int: |
| 344 | + """Delete expired refresh tokens. |
| 345 | +
|
| 346 | + max_validity: Maximum validity time in minutes for refresh tokens. |
| 347 | + """ |
| 348 | + expired_date = str( |
| 349 | + uuid7_from_datetime(substract_date(minutes=max_validity), randomize=False) |
| 350 | + ) |
| 351 | + stmt_expired = delete(RefreshTokens).where( |
| 352 | + RefreshTokens.status == RefreshTokenStatus.CREATED, |
| 353 | + RefreshTokens.jti < expired_date, |
| 354 | + ) |
| 355 | + res_expired = await self.conn.execute(stmt_expired) |
| 356 | + |
| 357 | + return res_expired.rowcount |
| 358 | + |
| 359 | + async def clean_revoked_refresh_tokens(self, max_retention: int) -> int: |
| 360 | + """Delete old revoked refresh tokens. |
| 361 | +
|
| 362 | + max_retention: Maximum retention time in minutes for revoked refresh tokens. |
| 363 | + """ |
| 364 | + revoked_date = str( |
| 365 | + uuid7_from_datetime(substract_date(minutes=max_retention), randomize=False) |
| 366 | + ) |
| 367 | + stmt_revoked = delete(RefreshTokens).where( |
| 368 | + RefreshTokens.status == RefreshTokenStatus.REVOKED, |
| 369 | + RefreshTokens.jti < revoked_date, |
| 370 | + ) |
| 371 | + res_revoked = await self.conn.execute(stmt_revoked) |
| 372 | + |
| 373 | + return res_revoked.rowcount |
| 374 | + |
| 375 | + async def clean_expired_authorization_flows(self, max_retention: int) -> int: |
| 376 | + """Delete old authorization flows. |
| 377 | +
|
| 378 | + max_retention: Maximum retention time in minutes for expired authorization flows. |
| 379 | + Must be bigger than authorization_flow_expiration_seconds. |
| 380 | + """ |
| 381 | + stmt_auth = delete(AuthorizationFlows).where( |
| 382 | + AuthorizationFlows.creation_time < substract_date(minutes=max_retention), |
| 383 | + ) |
| 384 | + res_auth = await self.conn.execute(stmt_auth) |
| 385 | + |
| 386 | + return res_auth.rowcount |
| 387 | + |
| 388 | + async def clean_expired_device_flows(self, max_retention: int) -> int: |
| 389 | + """Delete old device flows. |
| 390 | +
|
| 391 | + max_retention: Maximum retention time in minutes for expired device flows. |
| 392 | + Must be bigger than device_flow_expiration_seconds. |
| 393 | + """ |
| 394 | + stmt_device = delete(DeviceFlows).where( |
| 395 | + DeviceFlows.creation_time < substract_date(minutes=max_retention), |
| 396 | + ) |
| 397 | + res_device = await self.conn.execute(stmt_device) |
| 398 | + |
| 399 | + return res_device.rowcount |
0 commit comments