Add Inactive account endpoint #5

Merged
merged 4 commits into from
Nov 5, 2024

malosayli

Inactive Account Management

Changes Made

  • Added configuration options for account inactivity management:
    • Inactivity threshold period configuration
    • Custom schema modifications to support new settings
  • Implemented new API endpoints:
    • PUT endpoint to list inactive identities and deactivate them
  • Added database layer support:
    • SQL queries for identifying inactive accounts based on last activity
    • Update operations for account deactivation
  • Implemented business logic:
    • Manager methods for inactive account detection
    • Persister methods for handling deactivation states
    • Activity tracking mechanisms

Why

To enhance security and resource management by automatically identifying and handling dormant accounts. This feature allows administrators to:

  • Monitor account activity patterns
  • Enforce account lifecycle policies
  • Maintain cleaner user databases
  • Reduce security risks from abandoned accounts

Technical Details

  • Extended Kratos schema to include inactivity configuration
  • Added persistence layer modifications for tracking last activity
  • Implemented RESTful endpoints for administrative control

Adds functionality to automatically deactivate identities that have been inactive
for a configurable period.

Key changes:
- Add config option for inactivity threshold period
- Add API endpoint to list and deactivate inactive identities
- Add SQL queries to find and update inactive identities
- Add manager and persister methods to handle deactivation
@malosayli malosayli requested a review from aalkhodiry November 5, 2024 13:36

malosayli commented Nov 5, 2024

@aalkhodiry For the schema version source, I was able to point to the nayla version by adding this comment at the top of the kratos.yaml file:

# yaml-language-server: $schema=https://raw.githubusercontent.com/nayla-finance/kratos/refs/heads/master/.schema/version.schema.json

"id": id.ID,
"state": id.State,
"created_at": id.CreatedAt,
"updated_at": id.UpdatedAt,

I think this should include a last activity field somehow (like last_session_at).

Author

Yes, I agree, it'll be easier to add a last_active_at to the identities table and update it on every login, which will make the lookup for inactive much easier. With this we don't need to keep at least one session for each identity; we can just run a job to delete all the sessions every few days.

No, not like this. I mean last_active_at is the max session time in the query.

@aalkhodiry aalkhodiry merged commit 98410f6 into master Nov 5, 2024
@aalkhodiry aalkhodiry deleted the inactive-account branch November 5, 2024 19:28
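
The approach from the review thread above, deriving last activity as the latest session time inside the query instead of storing a column, shown as an added example that is not code from this pull request. The two-table layout is a simplified assumption, and the function names, cutoff and sample rows are constructed for illustration.

```python
import sqlite3

# Simplified, assumed schema (not the project's migrations): only the columns used here.
SCHEMA = """
CREATE TABLE identities (id TEXT PRIMARY KEY, state TEXT NOT NULL, created_at TEXT NOT NULL);
CREATE TABLE sessions (id INTEGER PRIMARY KEY, identity_id TEXT NOT NULL,
                       authenticated_at TEXT NOT NULL);
"""

# last_active_at is derived, not stored: the newest session per identity,
# falling back to created_at when the identity has no session rows at all.
INACTIVE_SQL = """
SELECT i.id, COALESCE(MAX(s.authenticated_at), i.created_at) AS last_active_at
FROM identities i
LEFT JOIN sessions s ON s.identity_id = i.id
WHERE i.state = 'active'
GROUP BY i.id, i.created_at
HAVING COALESCE(MAX(s.authenticated_at), i.created_at) < :cutoff
ORDER BY last_active_at, i.id
"""

def find_inactive(conn, cutoff):
    """Return [(identity_id, last_active_at)] for active identities idle since before cutoff."""
    return conn.execute(INACTIVE_SQL, {"cutoff": cutoff}).fetchall()

def deactivate_inactive(conn, cutoff):
    """Mark every identity reported by find_inactive as inactive; return their ids."""
    ids = [row[0] for row in find_inactive(conn, cutoff)]
    conn.executemany("UPDATE identities SET state = 'inactive' WHERE id = ?", [(i,) for i in ids])
    conn.commit()
    return ids

def demo_db():
    """Constructed sample rows; ISO-8601 UTC strings of one format compare correctly as text."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO identities VALUES (?, ?, ?)", [
        ("alice", "active", "2023-01-10T00:00:00Z"),   # logged in recently
        ("bob", "active", "2023-03-01T00:00:00Z"),     # last login long ago
        ("carol", "active", "2024-10-20T00:00:00Z"),   # new, never logged in
        ("dave", "inactive", "2022-05-01T00:00:00Z"),  # already deactivated
    ])
    conn.executemany("INSERT INTO sessions (identity_id, authenticated_at) VALUES (?, ?)", [
        ("alice", "2023-02-01T00:00:00Z"), ("alice", "2024-10-30T09:00:00Z"),
        ("bob", "2024-03-15T12:00:00Z"),
    ])
    conn.commit()
    return conn
```

With a cutoff of `2024-08-07T00:00:00Z` only `bob` is reported. If the sessions table is emptied first, `alice` falls back to her `created_at` and is reported too, so with this query session rows must be retained for at least the inactivity threshold.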