habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
639c2f5c2ef9ef1babb952123b829c8e822d3e59
authentik/authentik/sources/saml/tasks.py
Jens Langhammer cf78c89830 events: replace @prefill_task with custom base class to prefill 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 13:47:35 +01:00

37 lines
1.6 KiB
Python
Raw Blame History

"""authentik saml source tasks"""
from django.utils.timezone import now
from structlog.stdlib import get_logger
from authentik.core.models import AuthenticatedSession, User
from authentik.events.monitored_tasks import PrefilledMonitoredTask, TaskResult, TaskResultStatus
from authentik.lib.utils.time import timedelta_from_string
from authentik.root.celery import CELERY_APP
from authentik.sources.saml.models import SAMLSource
LOGGER = get_logger()
@CELERY_APP.task(bind=True, base=PrefilledMonitoredTask)
def clean_temporary_users(self: PrefilledMonitoredTask):
"""Remove temporary users created by SAML Sources"""
_now = now()
messages = []
deleted_users = 0
for user in User.objects.filter(attributes__saml__isnull=False):
sources = SAMLSource.objects.filter(pk=user.attributes.get("saml", {}).get("source", ""))
if not sources.exists():
LOGGER.warning("User has an invalid SAML Source and won't be deleted!", user=user)
messages.append(f"User {user} has an invalid SAML Source and won't be deleted!")
continue
source = sources.first()
source_delta = timedelta_from_string(source.temporary_user_delete_after)
if (
_now - user.last_login >= source_delta
and not AuthenticatedSession.objects.filter(user=user).exists()
):
LOGGER.debug("User is expired and will be deleted.", user=user, delta=source_delta)
user.delete()
deleted_users += 1
messages.append(f"Successfully deleted {deleted_users} users.")
self.set_status(TaskResult(TaskResultStatus.SUCCESSFUL, messages))
Reference in New Issue View Git Blame Copy Permalink