authentik.core.tasks

 1"""authentik core tasks"""
 2
 3from datetime import datetime, timedelta
 4
 5from django.utils.timezone import now
 6from django.utils.translation import gettext_lazy as _
 7from django_channels_postgres.models import GroupChannel, Message
 8from django_postgres_cache.tasks import clear_expired_cache
 9from dramatiq.actor import actor
10from structlog.stdlib import get_logger
11
12from authentik.core.models import (
13    USER_ATTRIBUTE_EXPIRES,
14    USER_ATTRIBUTE_GENERATED,
15    ExpiringModel,
16    User,
17)
18from authentik.lib.utils.db import chunked_queryset
19from authentik.tasks.middleware import CurrentTask
20
21LOGGER = get_logger()
22
23
24@actor(description=_("Remove expired objects."))
25def clean_expired_models():
26    self = CurrentTask.get_task()
27    for cls in ExpiringModel.__subclasses__():
28        cls: ExpiringModel
29        objects = (
30            cls.objects.including_expired()
31            .all()
32            .exclude(expiring=False)
33            .exclude(expiring=True, expires__gt=now())
34        )
35        amount = objects.count()
36        for obj in chunked_queryset(objects):
37            obj.expire_action()
38        LOGGER.debug("Expired models", model=cls, amount=amount)
39        self.info(f"Expired {amount} {cls._meta.verbose_name_plural}")
40    clear_expired_cache()
41    for cls in [Message, GroupChannel]:
42        objects = cls.objects.all().filter(expires__lt=now())
43        amount = objects.count()
44        for obj in chunked_queryset(objects):
45            obj.delete()
46        LOGGER.debug("Expired models", model=cls, amount=amount)
47        self.info(f"Expired {amount} {cls._meta.verbose_name_plural}")
48
49
50@actor(description=_("Remove temporary users created by SAML Sources."))
51def clean_temporary_users():
52    self = CurrentTask.get_task()
53    _now = datetime.now()
54    deleted_users = 0
55    for user in User.objects.filter(**{f"attributes__{USER_ATTRIBUTE_GENERATED}": True}):
56        if not user.attributes.get(USER_ATTRIBUTE_EXPIRES):
57            continue
58        delta: timedelta = _now - datetime.fromtimestamp(
59            user.attributes.get(USER_ATTRIBUTE_EXPIRES)
60        )
61        if delta.total_seconds() > 0:
62            LOGGER.debug("User is expired and will be deleted.", user=user, delta=delta)
63            user.delete()
64            deleted_users += 1
65    self.info(f"Successfully deleted {deleted_users} users.")