♻️ Better sign in flow

This commit is contained in:
LittleSheep 2024-09-16 02:37:02 +08:00
parent ea3d6c20d3
commit df9fb0a92a
8 changed files with 128 additions and 101 deletions

1
go.mod
View File

@ -11,7 +11,6 @@ require (
github.com/golang-jwt/jwt/v5 v5.2.0 github.com/golang-jwt/jwt/v5 v5.2.0
github.com/google/uuid v1.6.0 github.com/google/uuid v1.6.0
github.com/json-iterator/go v1.1.12 github.com/json-iterator/go v1.1.12
github.com/nicksnyder/go-i18n/v2 v2.4.0
github.com/robfig/cron/v3 v3.0.1 github.com/robfig/cron/v3 v3.0.1
github.com/rs/zerolog v1.31.0 github.com/rs/zerolog v1.31.0
github.com/samber/lo v1.39.0 github.com/samber/lo v1.39.0

10
go.sum
View File

@ -1,11 +1,5 @@
git.solsynth.dev/hydrogen/dealer v0.0.0-20240823113302-208da7e90fdb h1:dv4uVDMe53eBprW2Q8ocAhZuO+DKWlWyxGiJMiwE62E=
git.solsynth.dev/hydrogen/dealer v0.0.0-20240823113302-208da7e90fdb/go.mod h1:Q51JPkKnV0UoOT/IRmdBh5CyfSlp7s8BRGzgooYHqkI=
git.solsynth.dev/hydrogen/dealer v0.0.0-20240824155914-68c6a5565468 h1:DZ1b5WA1FoUE71zyl6OzQ+QbCo4tPJv077ekM1VQ524=
git.solsynth.dev/hydrogen/dealer v0.0.0-20240824155914-68c6a5565468/go.mod h1:Q51JPkKnV0UoOT/IRmdBh5CyfSlp7s8BRGzgooYHqkI=
git.solsynth.dev/hydrogen/dealer v0.0.0-20240911145828-d734d617bfc8 h1:kWheneSdSySG5tz9TAXrtr546JdMpQZTyWDFk4jeGwg= git.solsynth.dev/hydrogen/dealer v0.0.0-20240911145828-d734d617bfc8 h1:kWheneSdSySG5tz9TAXrtr546JdMpQZTyWDFk4jeGwg=
git.solsynth.dev/hydrogen/dealer v0.0.0-20240911145828-d734d617bfc8/go.mod h1:Q51JPkKnV0UoOT/IRmdBh5CyfSlp7s8BRGzgooYHqkI= git.solsynth.dev/hydrogen/dealer v0.0.0-20240911145828-d734d617bfc8/go.mod h1:Q51JPkKnV0UoOT/IRmdBh5CyfSlp7s8BRGzgooYHqkI=
github.com/BurntSushi/toml v1.3.2 h1:o7IhLm0Msx3BaB+n3Ag7L8EVlByGnpq14C4YWiu/gL8=
github.com/BurntSushi/toml v1.3.2/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
github.com/DataDog/datadog-go v3.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ= github.com/DataDog/datadog-go v3.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ=
github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
@ -211,8 +205,6 @@ github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3Rllmb
github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
github.com/nicksnyder/go-i18n/v2 v2.4.0 h1:3IcvPOAvnCKwNm0TB0dLDTuawWEj+ax/RERNC+diLMM=
github.com/nicksnyder/go-i18n/v2 v2.4.0/go.mod h1:nxYSZE9M0bf3Y70gPQjN9ha7XNHX7gMc814+6wVyEI4=
github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc=
github.com/pascaldekloe/goe v0.1.0 h1:cBOtyMzM9HTpWjXfbbunk26uA6nG3a8n06Wieeh0MwY= github.com/pascaldekloe/goe v0.1.0 h1:cBOtyMzM9HTpWjXfbbunk26uA6nG3a8n06Wieeh0MwY=
github.com/pascaldekloe/goe v0.1.0/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= github.com/pascaldekloe/goe v0.1.0/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc=
@ -405,8 +397,6 @@ gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

View File

@ -31,10 +31,10 @@ type AuthTicket struct {
Location string `json:"location"` Location string `json:"location"`
IpAddress string `json:"ip_address"` IpAddress string `json:"ip_address"`
UserAgent string `json:"user_agent"` UserAgent string `json:"user_agent"`
RequireMFA bool `json:"require_mfa"` StepRemain int `json:"step_remain"`
RequireAuthenticate bool `json:"require_authenticate"`
Claims datatypes.JSONSlice[string] `json:"claims"` Claims datatypes.JSONSlice[string] `json:"claims"`
Audiences datatypes.JSONSlice[string] `json:"audiences"` Audiences datatypes.JSONSlice[string] `json:"audiences"`
FactorTrail datatypes.JSONSlice[int] `json:"factor_trail"`
GrantToken *string `json:"grant_token"` GrantToken *string `json:"grant_token"`
AccessToken *string `json:"access_token"` AccessToken *string `json:"access_token"`
RefreshToken *string `json:"refresh_token"` RefreshToken *string `json:"refresh_token"`
@ -49,7 +49,7 @@ type AuthTicket struct {
} }
func (v AuthTicket) IsAvailable() error { func (v AuthTicket) IsAvailable() error {
if v.RequireMFA || v.RequireAuthenticate { if v.StepRemain > 0 {
return fmt.Errorf("ticket isn't authenticated yet") return fmt.Errorf("ticket isn't authenticated yet")
} }
if v.AvailableAt != nil && time.Now().Unix() < v.AvailableAt.Unix() { if v.AvailableAt != nil && time.Now().Unix() < v.AvailableAt.Unix() {
@ -62,6 +62,14 @@ func (v AuthTicket) IsAvailable() error {
return nil return nil
} }
func (v AuthTicket) IsCanBeAvailble() error {
if v.StepRemain > 0 {
return fmt.Errorf("ticket isn't authenticated yet")
}
return nil
}
type AuthContext struct { type AuthContext struct {
Ticket AuthTicket `json:"ticket"` Ticket AuthTicket `json:"ticket"`
Account Account `json:"account"` Account Account `json:"account"`

View File

@ -28,7 +28,6 @@ func getTicket(c *fiber.Ctx) error {
func doAuthenticate(c *fiber.Ctx) error { func doAuthenticate(c *fiber.Ctx) error {
var data struct { var data struct {
Username string `json:"username" validate:"required"` Username string `json:"username" validate:"required"`
Password string `json:"password" validate:"required"`
} }
if err := exts.BindAndValidate(c, &data); err != nil { if err := exts.BindAndValidate(c, &data); err != nil {
@ -39,7 +38,7 @@ func doAuthenticate(c *fiber.Ctx) error {
if err != nil { if err != nil {
return fiber.NewError(fiber.StatusBadRequest, fmt.Sprintf("account was not found: %v", err.Error())) return fiber.NewError(fiber.StatusBadRequest, fmt.Sprintf("account was not found: %v", err.Error()))
} else if user.ConfirmedAt == nil { } else if user.ConfirmedAt == nil {
return fiber.NewError(fiber.StatusForbidden, "account was not confirmed") return fiber.NewError(fiber.StatusForbidden, "account was not confirmed; check your inbox, there will be an email lead you confirm your registration")
} else if user.SuspendedAt != nil { } else if user.SuspendedAt != nil {
return fiber.NewError(fiber.StatusForbidden, "account was suspended") return fiber.NewError(fiber.StatusForbidden, "account was suspended")
} }
@ -49,18 +48,13 @@ func doAuthenticate(c *fiber.Ctx) error {
return fiber.NewError(fiber.StatusBadRequest, fmt.Sprintf("unable setup ticket: %v", err.Error())) return fiber.NewError(fiber.StatusBadRequest, fmt.Sprintf("unable setup ticket: %v", err.Error()))
} }
ticket, err = services.ActiveTicketWithPassword(ticket, data.Password)
if err != nil {
return fiber.NewError(fiber.StatusBadRequest, fmt.Sprintf("failed to authenticate: %v", err.Error()))
}
return c.JSON(fiber.Map{ return c.JSON(fiber.Map{
"is_finished": ticket.IsAvailable() == nil, "is_finished": ticket.IsAvailable() == nil,
"ticket": ticket, "ticket": ticket,
}) })
} }
func doMultiFactorAuthenticate(c *fiber.Ctx) error { func doAuthTicketCheck(c *fiber.Ctx) error {
var data struct { var data struct {
TicketID uint `json:"ticket_id" validate:"required"` TicketID uint `json:"ticket_id" validate:"required"`
FactorID uint `json:"factor_id" validate:"required"` FactorID uint `json:"factor_id" validate:"required"`
@ -81,7 +75,7 @@ func doMultiFactorAuthenticate(c *fiber.Ctx) error {
return fiber.NewError(fiber.StatusBadRequest, fmt.Sprintf("factor was not found: %v", err.Error())) return fiber.NewError(fiber.StatusBadRequest, fmt.Sprintf("factor was not found: %v", err.Error()))
} }
ticket, err = services.ActiveTicketWithMFA(ticket, factor, data.Code) ticket, err = services.PerformTicketCheck(ticket, factor, data.Code)
if err != nil { if err != nil {
return fiber.NewError(fiber.StatusBadRequest, fmt.Sprintf("failed to authenticate: %v", err.Error())) return fiber.NewError(fiber.StatusBadRequest, fmt.Sprintf("failed to authenticate: %v", err.Error()))
} }

View File

@ -76,7 +76,7 @@ func MapAPIs(app *fiber.App, baseURL string) {
auth := api.Group("/auth").Name("Auth") auth := api.Group("/auth").Name("Auth")
{ {
auth.Post("/", doAuthenticate) auth.Post("/", doAuthenticate)
auth.Post("/mfa", doMultiFactorAuthenticate) auth.Patch("/", doAuthTicketCheck)
auth.Post("/token", getToken) auth.Post("/token", getToken)
auth.Get("/tickets/:ticketId", getTicket) auth.Get("/tickets/:ticketId", getTicket)

View File

@ -1,11 +1,12 @@
package services package services
import ( import (
"time"
"git.solsynth.dev/hydrogen/passport/pkg/internal/database" "git.solsynth.dev/hydrogen/passport/pkg/internal/database"
"git.solsynth.dev/hydrogen/passport/pkg/internal/models" "git.solsynth.dev/hydrogen/passport/pkg/internal/models"
"github.com/google/uuid" "github.com/google/uuid"
"github.com/samber/lo" "github.com/samber/lo"
"time"
) )
func NewApiKey(user models.Account, key models.ApiKey, ip, ua string, claims []string) (models.ApiKey, error) { func NewApiKey(user models.Account, key models.ApiKey, ip, ua string, claims []string) (models.ApiKey, error) {
@ -20,8 +21,7 @@ func NewApiKey(user models.Account, key models.ApiKey, ip, ua string, claims []s
key.Ticket = models.AuthTicket{ key.Ticket = models.AuthTicket{
IpAddress: ip, IpAddress: ip,
UserAgent: ua, UserAgent: ua,
RequireMFA: false, StepRemain: 0,
RequireAuthenticate: false,
Claims: claims, Claims: claims,
Audiences: []string{InternalTokenAudience}, Audiences: []string{InternalTokenAudience},
GrantToken: lo.ToPtr(uuid.NewString()), GrantToken: lo.ToPtr(uuid.NewString()),

View File

@ -2,9 +2,10 @@ package services
import ( import (
"fmt" "fmt"
"github.com/rs/zerolog/log"
"time" "time"
"github.com/rs/zerolog/log"
"github.com/google/uuid" "github.com/google/uuid"
"git.solsynth.dev/hydrogen/passport/pkg/internal/database" "git.solsynth.dev/hydrogen/passport/pkg/internal/database"
@ -14,7 +15,9 @@ import (
const InternalTokenAudience = "solar-network" const InternalTokenAudience = "solar-network"
func DetectRisk(user models.Account, ip, ua string) bool { // DetectRisk is used for detect user environment is suitable for no multi-factor authenticate or not.
// Return the remaining steps, value is from 1 to 2, may appear 3 if user enabled the third-authentication-factor.
func DetectRisk(user models.Account, ip, ua string) int {
var clue int64 var clue int64
if err := database.C. if err := database.C.
Where(models.AuthTicket{AccountID: user.ID, IpAddress: ip}). Where(models.AuthTicket{AccountID: user.ID, IpAddress: ip}).
@ -22,24 +25,36 @@ func DetectRisk(user models.Account, ip, ua string) bool {
Model(models.AuthTicket{}). Model(models.AuthTicket{}).
Count(&clue).Error; err == nil { Count(&clue).Error; err == nil {
if clue >= 1 { if clue >= 1 {
return false return 1
} }
} }
return true return 2
}
// PickTicketAttempt is trying to pick up the ticket that haven't completed but created by a same client (identify by ip address).
// Then the client can continue their journey to get ticket actived.
func PickTicketAttempt(user models.Account, ip string) (models.AuthTicket, error) {
var ticket models.AuthTicket
if err := database.C.
Where("account_id = ? AND ip_address = ? AND expired_at < ? AND available_at IS NULL", user.ID, ip, time.Now()).
First(&ticket).Error; err != nil {
return ticket, err
}
return ticket, nil
} }
func NewTicket(user models.Account, ip, ua string) (models.AuthTicket, error) { func NewTicket(user models.Account, ip, ua string) (models.AuthTicket, error) {
var ticket models.AuthTicket var ticket models.AuthTicket
if err := database.C. if ticket, err := PickTicketAttempt(user, ip); err == nil {
Where("account_id = ? AND expired_at < ? AND available_at IS NULL", time.Now(), user.ID).
First(&ticket).Error; err == nil {
return ticket, nil return ticket, nil
} }
requireMFA := DetectRisk(user, ip, ua) steps := DetectRisk(user, ip, ua)
if count := CountUserFactor(user.ID); count <= 1 { if count := CountUserFactor(user.ID); count <= 0 {
requireMFA = false return ticket, fmt.Errorf("specified user didn't enable sign in")
} else {
steps = min(steps, int(count))
} }
ticket = models.AuthTicket{ ticket = models.AuthTicket{
@ -47,8 +62,7 @@ func NewTicket(user models.Account, ip, ua string) (models.AuthTicket, error) {
Audiences: []string{InternalTokenAudience}, Audiences: []string{InternalTokenAudience},
IpAddress: ip, IpAddress: ip,
UserAgent: ua, UserAgent: ua,
RequireMFA: requireMFA, StepRemain: steps,
RequireAuthenticate: true,
ExpiredAt: nil, ExpiredAt: nil,
AvailableAt: nil, AvailableAt: nil,
AccountID: user.ID, AccountID: user.ID,
@ -91,27 +105,17 @@ func NewOauthTicket(
return ticket, nil return ticket, nil
} }
func ActiveTicketWithPassword(ticket models.AuthTicket, password string) (models.AuthTicket, error) { func ActiveTicket(ticket models.AuthTicket) (models.AuthTicket, error) {
if ticket.AvailableAt != nil { if ticket.AvailableAt != nil {
return ticket, nil return ticket, nil
} else if !ticket.RequireAuthenticate { } else if err := ticket.IsCanBeAvailble(); err != nil {
return ticket, nil
}
if factor, err := GetPasswordTypeFactor(ticket.AccountID); err != nil {
return ticket, fmt.Errorf("unable to active ticket: %v", err)
} else if err = CheckFactor(factor, password); err != nil {
return ticket, err return ticket, err
} }
ticket.RequireAuthenticate = false
if !ticket.RequireAuthenticate && !ticket.RequireMFA {
ticket.AvailableAt = lo.ToPtr(time.Now()) ticket.AvailableAt = lo.ToPtr(time.Now())
ticket.GrantToken = lo.ToPtr(uuid.NewString()) ticket.GrantToken = lo.ToPtr(uuid.NewString())
ticket.AccessToken = lo.ToPtr(uuid.NewString()) ticket.AccessToken = lo.ToPtr(uuid.NewString())
ticket.RefreshToken = lo.ToPtr(uuid.NewString()) ticket.RefreshToken = lo.ToPtr(uuid.NewString())
}
if err := database.C.Save(&ticket).Error; err != nil { if err := database.C.Save(&ticket).Error; err != nil {
return ticket, err return ticket, err
@ -120,29 +124,60 @@ func ActiveTicketWithPassword(ticket models.AuthTicket, password string) (models
return ticket, nil return ticket, nil
} }
func ActiveTicketWithMFA(ticket models.AuthTicket, factor models.AuthFactor, code string) (models.AuthTicket, error) { func ActiveTicketWithPassword(ticket models.AuthTicket, password string) (models.AuthTicket, error) {
if ticket.AvailableAt != nil { if ticket.AvailableAt != nil {
return ticket, nil return ticket, nil
} else if !ticket.RequireMFA { } else if ticket.StepRemain == 1 {
return ticket, fmt.Errorf("multi-factor authentication required")
}
factor, err := GetPasswordTypeFactor(ticket.AccountID)
if err != nil {
return ticket, fmt.Errorf("unable to authenticate, password factor was not found: %v", err)
} else if err := CheckFactor(factor, password); err != nil {
return ticket, fmt.Errorf("invalid password: %v", err)
}
ticket.StepRemain--
ticket.FactorTrail = append(ticket.FactorTrail, int(factor.ID))
ticket.AvailableAt = lo.ToPtr(time.Now())
ticket.GrantToken = lo.ToPtr(uuid.NewString())
ticket.AccessToken = lo.ToPtr(uuid.NewString())
ticket.RefreshToken = lo.ToPtr(uuid.NewString())
if err := database.C.Save(&ticket).Error; err != nil {
return ticket, err
}
return ticket, nil return ticket, nil
}
func PerformTicketCheck(ticket models.AuthTicket, factor models.AuthFactor, code string) (models.AuthTicket, error) {
if ticket.AvailableAt != nil {
return ticket, nil
} else if ticket.StepRemain <= 0 {
return ticket, nil
}
if lo.Contains(ticket.FactorTrail, int(factor.ID)) {
return ticket, fmt.Errorf("already checked this ticket with factor %d", factor.ID)
} }
if err := CheckFactor(factor, code); err != nil { if err := CheckFactor(factor, code); err != nil {
return ticket, fmt.Errorf("invalid code: %v", err) return ticket, fmt.Errorf("invalid code: %v", err)
} }
ticket.RequireMFA = false ticket.StepRemain--
ticket.FactorTrail = append(ticket.FactorTrail, int(factor.ID))
if !ticket.RequireAuthenticate && !ticket.RequireMFA {
ticket.AvailableAt = lo.ToPtr(time.Now())
ticket.GrantToken = lo.ToPtr(uuid.NewString())
ticket.AccessToken = lo.ToPtr(uuid.NewString())
ticket.RefreshToken = lo.ToPtr(uuid.NewString())
}
if ticket.IsCanBeAvailble() == nil {
return ActiveTicket(ticket)
} else {
if err := database.C.Save(&ticket).Error; err != nil { if err := database.C.Save(&ticket).Error; err != nil {
return ticket, err return ticket, err
} }
}
return ticket, nil return ticket, nil
} }

View File

@ -1,12 +1,13 @@
package main package main
import ( import (
"git.solsynth.dev/hydrogen/passport/pkg/internal"
"git.solsynth.dev/hydrogen/passport/pkg/internal/gap"
"os" "os"
"os/signal" "os/signal"
"syscall" "syscall"
pkg "git.solsynth.dev/hydrogen/passport/pkg/internal"
"git.solsynth.dev/hydrogen/passport/pkg/internal/gap"
"git.solsynth.dev/hydrogen/passport/pkg/internal/grpc" "git.solsynth.dev/hydrogen/passport/pkg/internal/grpc"
"git.solsynth.dev/hydrogen/passport/pkg/internal/server" "git.solsynth.dev/hydrogen/passport/pkg/internal/server"
"git.solsynth.dev/hydrogen/passport/pkg/internal/services" "git.solsynth.dev/hydrogen/passport/pkg/internal/services"
@ -58,7 +59,7 @@ func main() {
quartz.AddFunc("@every 60m", services.DoAutoSignoff) quartz.AddFunc("@every 60m", services.DoAutoSignoff)
quartz.AddFunc("@every 60m", services.DoAutoDatabaseCleanup) quartz.AddFunc("@every 60m", services.DoAutoDatabaseCleanup)
quartz.AddFunc("@every 60s", services.RecycleAuthContext) quartz.AddFunc("@every 60s", services.RecycleAuthContext)
quartz.AddFunc("@every 60m", services.RecycleUnConfirmAccount) quartz.AddFunc("@midnight", services.RecycleUnConfirmAccount)
quartz.AddFunc("@every 60s", services.SaveEventChanges) quartz.AddFunc("@every 60s", services.SaveEventChanges)
quartz.Start() quartz.Start()