server: properly delete expired password reset requests
All checks were successful
ci/woodpecker/push/lint-backend Pipeline was successful
ci/woodpecker/push/lint-foundkey-js Pipeline was successful
ci/woodpecker/push/lint-client Pipeline was successful
ci/woodpecker/push/build Pipeline was successful
ci/woodpecker/push/test Pipeline was successful

Changelog: Fixed
This commit is contained in:
Johann150 2022-10-23 23:00:25 +02:00
parent ba911dab65
commit a0ef32f4f6
Signed by: Johann150
GPG key ID: 9EE6577A2A06F8F1

View file

@ -1,6 +1,6 @@
import Bull from 'bull';
import { In, LessThan } from 'typeorm';
import { AttestationChallenges, Mutings, Signins } from '@/models/index.js';
import { AttestationChallenges, Mutings, PasswordResetRequests, Signins } from '@/models/index.js';
import { publishUserEvent } from '@/services/stream.js';
import { MINUTE, DAY } from '@/const.js';
import { queueLogger } from '@/queue/logger.js';
@ -35,6 +35,11 @@ export async function checkExpired(job: Bull.Job<Record<string, unknown>>, done:
createdAt: LessThan(new Date(new Date().getTime() - 5 * MINUTE)),
});
await PasswordResetRequests.delete({
// this timing should be the same as in @/server/api/endpoints/reset-password.ts
createdAt: LessThan(new Date(new Date().getTime() - 30 * MINUTE)),
});
logger.succ('Deleted expired mutes, signins and attestation challenges.');
done();