Commit ce933602 authored by Lukas Fleischer's avatar Lukas Fleischer
Browse files

Erase login IP addresses after seven days



Add a script to periodically remove old IP addresses from the users
database.

The login IP addresses are stored for spam protection and to prevent
from abuse. It is quite unlikely that we ever need the IP address of a
user whose last login is more than a week old. It makes sense to remove
such IP addresses to protect our users' privacy.

Signed-off-by: Lukas Fleischer's avatarLukas Fleischer <lfleischer@archlinux.org>
parent 4381a0d7
#!/usr/bin/env python3
import time
import aurweb.db
def main():
conn = aurweb.db.Connection()
limit_to = int(time.time()) - 86400 * 7
conn.execute("UPDATE Users SET LastLoginIPAddress = NULL " +
"WHERE LastLogin < ?", [limit_to])
conn.execute("UPDATE Users SET LastSSHLoginIPAddress = NULL " +
"WHERE LastSSHLogin < ?", [limit_to])
conn.commit()
conn.close()
if __name__ == '__main__':
main()
......@@ -29,6 +29,7 @@ setup(
'aurweb-popupdate = aurweb.scripts.popupdate:main',
'aurweb-rendercomment = aurweb.scripts.rendercomment:main',
'aurweb-tuvotereminder = aurweb.scripts.tuvotereminder:main',
'aurweb-usermaint = aurweb.scripts.usermaint:main',
],
},
)
......@@ -14,6 +14,7 @@ GIT_UPDATE="$TOPLEVEL/aurweb/git/update.py"
MKPKGLISTS="$TOPLEVEL/aurweb/scripts/mkpkglists.py"
TUVOTEREMINDER="$TOPLEVEL/aurweb/scripts/tuvotereminder.py"
PKGMAINT="$TOPLEVEL/aurweb/scripts/pkgmaint.py"
USERMAINT="$TOPLEVEL/aurweb/scripts/usermaint.py"
AURBLUP="$TOPLEVEL/aurweb/scripts/aurblup.py"
NOTIFY="$TOPLEVEL/aurweb/scripts/notify.py"
RENDERCOMMENT="$TOPLEVEL/aurweb/scripts/rendercomment.py"
......
#!/bin/sh
test_description='usermaint tests'
. ./setup.sh
test_expect_success 'Test removal of login IP addresses.' '
now=$(date -d now +%s) &&
threedaysago=$(date -d "3 days ago" +%s) &&
tendaysago=$(date -d "10 days ago" +%s) &&
cat <<-EOD | sqlite3 aur.db &&
UPDATE Users SET LastLogin = $threedaysago, LastLoginIPAddress = "1.2.3.4" WHERE ID = 1;
UPDATE Users SET LastLogin = $tendaysago, LastLoginIPAddress = "2.3.4.5" WHERE ID = 2;
UPDATE Users SET LastLogin = $now, LastLoginIPAddress = "3.4.5.6" WHERE ID = 3;
UPDATE Users SET LastLogin = 0, LastLoginIPAddress = "4.5.6.7" WHERE ID = 4;
UPDATE Users SET LastLogin = 0, LastLoginIPAddress = "5.6.7.8" WHERE ID = 5;
UPDATE Users SET LastLogin = $tendaysago, LastLoginIPAddress = "6.7.8.9" WHERE ID = 6;
EOD
"$USERMAINT" &&
cat <<-EOD >expected &&
1.2.3.4
3.4.5.6
EOD
echo "SELECT LastLoginIPAddress FROM Users WHERE LastLoginIPAddress IS NOT NULL;" | sqlite3 aur.db >actual &&
test_cmp actual expected
'
test_expect_success 'Test removal of SSH login IP addresses.' '
now=$(date -d now +%s) &&
threedaysago=$(date -d "3 days ago" +%s) &&
tendaysago=$(date -d "10 days ago" +%s) &&
cat <<-EOD | sqlite3 aur.db &&
UPDATE Users SET LastSSHLogin = $now, LastSSHLoginIPAddress = "1.2.3.4" WHERE ID = 1;
UPDATE Users SET LastSSHLogin = $threedaysago, LastSSHLoginIPAddress = "2.3.4.5" WHERE ID = 2;
UPDATE Users SET LastSSHLogin = $tendaysago, LastSSHLoginIPAddress = "3.4.5.6" WHERE ID = 3;
UPDATE Users SET LastSSHLogin = 0, LastSSHLoginIPAddress = "4.5.6.7" WHERE ID = 4;
UPDATE Users SET LastSSHLogin = 0, LastSSHLoginIPAddress = "5.6.7.8" WHERE ID = 5;
UPDATE Users SET LastSSHLogin = $tendaysago, LastSSHLoginIPAddress = "6.7.8.9" WHERE ID = 6;
EOD
"$USERMAINT" &&
cat <<-EOD >expected &&
1.2.3.4
2.3.4.5
EOD
echo "SELECT LastSSHLoginIPAddress FROM Users WHERE LastSSHLoginIPAddress IS NOT NULL;" | sqlite3 aur.db >actual &&
test_cmp actual expected
'
test_done
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment