feat: delete inactive users and index

Author: pajgo

src/actions/activate.js

@@ -5,7 +5,8 @@ const jwt = require('../utils/jwt.js');
 const { getInternalData } = require('../utils/userData');
 const getMetadata = require('../utils/getMetadata');
 const handlePipeline = require('../utils/pipelineError.js');
-const InactiveUser = require('../utils/inactive-user');
+const InactiveUser = require('../utils/inactive-user/inactive-user');
+const User = require('../utils/user/user');
 
 const {
   USERS_INDEX,
@@ -25,7 +26,7 @@ const {
 const Forbidden = new Errors.HttpStatusError(403, 'invalid token');
 const Inactive = new Errors.HttpStatusError(412, 'expired token, please request a new email');
 const Active = new Errors.HttpStatusError(409, 'account is already active, please use sign in form');
-
+const NotFound = new Errors.HttpStatusError(404, 'account not found');
 /**
  * Helper to determine if something is true
  */
@@ -158,6 +159,13 @@ function hook(userId) {
   return this.service.hook('users:activate', userId, { audience: this.audience });
 }
 
+async function checkUserDeleting(internalData) {
+  const user = new User(this);
+  if (await user.isUserDeleting(internalData.id)) {
+    throw NotFound;
+  }
+}
+
 /**
  * @api {amqp} <prefix>.activate Activate User
  * @apiVersion 1.0.0
@@ -183,7 +191,7 @@ async function activateAction({ params }) {
   // TODO: add security logs
   // var remoteip = request.params.remoteip;
   const { token, username } = params;
-  const { log, config, redis, dlock, tokenManager } = this;
+  const { log, config } = this;
   const audience = params.audience || config.defaultAudience;
 
   log.debug('incoming request params %j', params);
@@ -197,14 +205,15 @@ async function activateAction({ params }) {
     erase: config.token.erase,
   };
 
-  const inactiveUsers = new InactiveUser(redis);
-  await inactiveUsers.cleanInactive(config.deleteInactiveAccounts, { dlock, tokenManager });
+  const inactiveUsers = new InactiveUser(this);
+  await inactiveUsers.deleteInactive(config.deleteInactiveAccounts);
 
   return Promise
     .bind(context)
     .then(verifyRequest)
     .bind(this)
     .then((resolvedUsername) => getInternalData.call(this, resolvedUsername))
+    .tap(checkUserDeleting)
     .then((internalData) => Promise.join(
       internalData,
       getMetadata.call(this, internalData[USERS_ID_FIELD], audience).get(audience)

src/actions/register.js

@@ -22,7 +22,7 @@ const checkLimits = require('../utils/checkIpLimits');
 const challenge = require('../utils/challenges/challenge');
 const handlePipeline = require('../utils/pipelineError');
 const hashPassword = require('../utils/register/password/hash');
-const InactiveUser = require('../utils/inactive-user');
+const InactiveUser = require('../utils/inactive-user/inactive-user');
 
 const {
   USERS_REF,
@@ -150,8 +150,6 @@ async function performRegistration({ service, params }) {
   const {
     config,
     redis,
-    dlock,
-    tokenManager,
   } = service;
 
   // do verifications of DB state
@@ -176,8 +174,8 @@ async function performRegistration({ service, params }) {
     await verifySSO(service, params);
   }
 
-  const inactiveUsers = new InactiveUser(redis);
-  await inactiveUsers.cleanInactive(config.deleteInactiveAccounts, { dlock, tokenManager });
+  const inactiveUsers = new InactiveUser(service);
+  await inactiveUsers.deleteInactive(config.deleteInactiveAccounts);
 
   const [creatorAudience] = audience;
   const defaultAudience = last(audience);
@@ -215,7 +213,7 @@ async function performRegistration({ service, params }) {
   pipeline.hset(USERS_USERNAME_TO_ID, username, userId);
 
   if (activate === false && config.deleteInactiveAccounts >= 0) {
-    InactiveUser.add(pipeline, userId, created);
+    inactiveUsers.add(userId, created, pipeline);
   }
 
   await pipeline.exec().then(handlePipeline);

src/utils/inactive-user.js

@@ -0,0 +1,48 @@
+const Promise = require('bluebird');
+const RedisInactiveUser = require('./redis/inactive-user');
+const User = require('../user/user');
+
+class InactiveUser {
+  constructor(service) {
+    this.service = service;
+    this.backend = new RedisInactiveUser(service.redis);
+  }
+
+  acquireLock(lockName) {
+    const { dlock } = this.service;
+    return dlock
+      .once(lockName)
+      .disposer((l) => {
+        l.release().reflect();
+      });
+  }
+
+  add(userId, created, pipeline = undefined) {
+    return this.backend.add(userId, created, pipeline);
+  }
+
+  deleteInactive(userTTL) {
+    return Promise
+      .using(this.acquireLock('delete-inactive-users'), () => this._deleteInactive(userTTL))
+      .catch({ name: 'LockAcquisitionError' }, () => {});
+  }
+
+  async _deleteInactive(userTTL) {
+    const user = new User(this.service);
+    const inactiveUsers = await this.backend.get(userTTL);
+    const work = [];
+
+    for (const userId of inactiveUsers) {
+      work.push(
+        user
+          .delete(userId)
+          .then(() => this.backend.remove(userId))
+      );
+    }
+    await Promise.all(work);
+
+    return inactiveUsers.length;
+  }
+}
+
+module.exports = InactiveUser;

src/utils/inactive-user/inactive-user.js

@@ -1,4 +1,4 @@
-const key = require('../../../key');
+const key = require('../../key');
 
 const {
   SSO_PROVIDERS,
@@ -12,7 +12,7 @@ const {
   USERS_DATA,
   USERS_METADATA,
   USERS_AUDIENCE,
-} = require('../../../../constants');
+} = require('../../../constants');
 
 
 const luaScript = `
@@ -86,7 +86,9 @@ const luaScript = `
   if userData ~= nil then
     local alias = userData[aliasField]
     local username = userData[usernameField]
-
+    if isempty(username) == true then
+      return;
+    end
     -- delete alias
     if isempty(alias) == false then
       redis.call("HDEL", aliasToIDKey, alias, string.lower(alias))