Development

2026-06-08 01:19:29 -04:00 · 2026-06-08 01:19:29 -04:00 · b4e773c7b2
commit b4e773c7b2
parent f011594b04
5 changed files with 32 additions and 7 deletions
--- a/routlin/check_captive_users.py
+++ b/routlin/check_captive_users.py
@ -39,11 +39,23 @@ def main():
                (now,),
            )
        ]
+        account_expired_ips = [
+            row["ip"]
+            for row in conn.execute(
+                """SELECT s.ip FROM sessions s
+                   JOIN credentials c ON s.credential_id = c.id
+                   WHERE c.expires_seconds > 0
+                     AND (c.date_set + c.expires_seconds) <= ?""",
+                (now,),
+            )
+        ]
    except sqlite3.OperationalError:
        conn.close()
        return

-    if not expired_ips:
+    all_ips = list(set(expired_ips + account_expired_ips))
+
+    if not all_ips:
        conn.close()
        return

@ -51,14 +63,24 @@ def main():
        "DELETE FROM sessions WHERE expires_at IS NOT NULL AND expires_at <= ?",
        (now,),
    )
+    if account_expired_ips:
+        conn.execute(
+            """DELETE FROM sessions WHERE id IN (
+               SELECT s.id FROM sessions s
+               JOIN credentials c ON s.credential_id = c.id
+               WHERE c.expires_seconds > 0
+                 AND (c.date_set + c.expires_seconds) <= ?)""",
+            (now,),
+        )
    conn.commit()
    conn.close()

-    lines = "".join(f"disallow {ip}\n" for ip in expired_ips)
+    lines = "".join(f"disallow {ip}\n" for ip in all_ips)
    with open(QUEUE_FILE, "a") as f:
        f.write(lines)

-    print(f"check_captive_users: queued disallow for {len(expired_ips)} expired session(s).")
+    print(f"check_captive_users: queued disallow for {len(all_ips)} expired session(s) "
+          f"({len(expired_ips)} session timeout, {len(account_expired_ips)} account expired).")


 if __name__ == "__main__":