add token cleanup

Author: ylebre

TODO

@@ -40,8 +40,8 @@
 - [-] Auto-create-storage
 - [v] jtiStore
 
-- [ ] Cleanup for expired verify tokens, password, deletion
-- [ ] Password requirements
+- [v] Cleanup for expired verify tokens, password, deletion
+- [v] Password requirements
 
 ----------------------
 

config.php.example

@@ -5,6 +5,7 @@
     const KEYDIR = __DIR__ . "/keys/";
     const FRONTENDDIR = __DIR__ . "/frontend/";
     const DBPATH = __DIR__ . "/db/solid.db";
+    const CLEANUP_FILE = __DIR__ . "/db/lastcleanup";
 
     const MAILER = [
         "host" => "mailpit",

lib/User.php

@@ -334,5 +334,17 @@ public static function deleteAccount($email) {
 			// FIXME: Delete storage;
 			self::deleteAllowedClients($email);
 			self::deleteUser($email);
-		}		
+		}
+
+		public static function cleanupTokens() {
+			self::connect();
+
+			$now = new \DateTime();
+			$query = self::$pdo->prepare(
+				'DELETE FROM verify WHERE expires < :now'
+			);
+			$query->execute([
+				':now' => $now->getTimestamp()
+			]);
+		}
 	}		

www/idp/index.php

@@ -379,6 +379,10 @@
 					header($_SERVER['SERVER_PROTOCOL'] . " 404 Not found");
 				break;
 			}
+			if (!file_exists(CLEANUP_FILE) || (filemtime(CLEANUP_FILE) < time())) {
+				touch(CLEANUP_FILE, time() + 3600);
+				User::cleanupTokens();
+			}
 		break;
 		case "OPTIONS":
 		break;