add automatic inactivity bans

This commit is contained in:
2026-06-21 15:47:36 +02:00
parent e30ead0174
commit f190ff073a
2 changed files with 57 additions and 0 deletions

View File

@@ -72,6 +72,7 @@
"meme_creator": true, "meme_creator": true,
"enable_cleanup": false, "enable_cleanup": false,
"enable_data_export": true, "enable_data_export": true,
"inactivity_ban_days": 60,
"enable_user_api_keys": true, "enable_user_api_keys": true,
"enable_user_invites": true, "enable_user_invites": true,
"user_invite_slots": 2, "user_invite_slots": 2,

View File

@@ -1331,4 +1331,60 @@ process.on('uncaughtException', err => {
setTimeout(cleanupStaleSessions, 30_000); setTimeout(cleanupStaleSessions, 30_000);
setInterval(cleanupStaleSessions, CLEANUP_INTERVAL_MS); setInterval(cleanupStaleSessions, CLEANUP_INTERVAL_MS);
// ── Inactivity ban — permanently ban accounts that haven't logged in for N days
// Set websrv.inactivity_ban_days = 0 (or omit) to disable this feature entirely.
const INACTIVITY_BAN_DAYS = parseInt(cfg.websrv.inactivity_ban_days) || 0;
if (INACTIVITY_BAN_DAYS <= 0) {
console.log(`[BOOT] Inactivity ban: DISABLED (set websrv.inactivity_ban_days > 0 to enable)`);
} else {
const INACTIVITY_BAN_INTERVAL_MS = 6 * 60 * 60 * 1000; // every 6 hours
const banInactiveUsers = async () => {
try {
const cutoffSecs = ~~(Date.now() / 1e3) - INACTIVITY_BAN_DAYS * 24 * 60 * 60;
// Find activated, non-banned, non-admin, non-moderator accounts whose
// last_seen timestamp has passed the inactivity threshold.
// Accounts with last_seen = 0 (never logged in) are also included.
const targets = await db`
SELECT id, login
FROM "user"
WHERE banned = false
AND activated = true
AND admin = false
AND is_moderator = false
AND login != 'deleted_user'
AND last_seen <= ${cutoffSecs}
`;
if (targets.length === 0) return;
const ids = targets.map(u => u.id);
const reason = `Inactivity (no login for ${INACTIVITY_BAN_DAYS}+ days)`;
await db`
UPDATE "user"
SET banned = true,
ban_reason = ${reason},
ban_expires = NULL
WHERE id = ANY(${ids})
`;
// Terminate all open sessions for banned accounts
await db`DELETE FROM user_sessions WHERE user_id = ANY(${ids})`;
console.log(`[INACTIVITY BAN] Banned ${targets.length} inactive account(s) (threshold: ${INACTIVITY_BAN_DAYS} days): ${targets.map(u => u.login).join(', ')}`);
} catch (err) {
console.error('[INACTIVITY BAN] Failed:', err.message);
}
};
console.log(`[BOOT] Inactivity ban: enabled — threshold ${INACTIVITY_BAN_DAYS} days (config: websrv.inactivity_ban_days)`);
// Run once after startup (60s delay to let DB settle), then every 6 hours
setTimeout(banInactiveUsers, 60_000);
setInterval(banInactiveUsers, INACTIVITY_BAN_INTERVAL_MS);
}
})(); })();