hail-is · grohli · Jan 9, 2025 · Jan 10, 2025 · Jan 10, 2025 · Jan 14, 2025
diff --git a/auth/auth/auth.py b/auth/auth/auth.py
@@ -769,7 +769,7 @@ async def get_userinfo_from_hail_session_id(request: web.Request, session_id: st
 SELECT users.*
 FROM users
 INNER JOIN sessions ON users.id = sessions.user_id
-WHERE users.state = 'active' AND sessions.session_id = %s AND (ISNULL(sessions.max_age_secs) OR (NOW() < TIMESTAMPADD(SECOND, sessions.max_age_secs, sessions.created)));
+WHERE (users.state = 'active' OR users.state = 'inactive') AND sessions.session_id = %s AND (ISNULL(sessions.max_age_secs) OR (NOW() < TIMESTAMPADD(SECOND, sessions.max_age_secs, sessions.created)));
 """,
             session_id,
             'get_userinfo',
@@ -778,6 +778,18 @@ async def get_userinfo_from_hail_session_id(request: web.Request, session_id: st
 
     if len(users) != 1:
         return None
+
+    if users[0]['state'] == 'active' and len(users) == 1:
+        current_uid = users[0]['id']
+        await db.execute_update(
+            """
+UPDATE users
+SET last_active = NOW()
+WHERE id = %s;
+""",
+            current_uid,
+        )
+
     return typing.cast(UserData, users[0])
 
 

diff --git a/auth/sql/estimated-current.sql b/auth/sql/estimated-current.sql
@@ -1,7 +1,7 @@
 CREATE TABLE `users` (
   `id` INT(11) NOT NULL AUTO_INCREMENT,
   `state` VARCHAR(100) NOT NULL,
-  -- creating, active, deleting, deleted
+  -- creating, active, deleting, deleted, inactive
   `username` varchar(255) NOT NULL COLLATE utf8mb4_0900_as_cs,
   `login_id` varchar(255) DEFAULT NULL COLLATE utf8mb4_0900_as_cs,
   `display_name` varchar(255) DEFAULT NULL,
@@ -16,11 +16,21 @@
   -- namespace, for developers
   `namespace_name` varchar(255) DEFAULT NULL,
   `trial_bp_name` varchar(300) DEFAULT NULL,
+  -- "last active" tracking
+  `last_active` TIMESTAMP NOT NULL DEFAULT NOW(),
   PRIMARY KEY (`id`),
   UNIQUE KEY `email` (`email`),
   UNIQUE KEY `username` (`username`)
 ) ENGINE=InnoDB;
 
+CREATE EVENT `disable_inactive`
+    ON SCHEDULE EVERY 1 DAY
+    ON COMPLETION PRESERVE
+    DO
+        UPDATE users
+        SET users.state = 'inactive'
+        WHERE (users.state = 'active') AND (users.last_active IS NOT NULL) AND (DATEDIFF(CURRENT_DATE(), users.last_active) > 60);
+
 CREATE TABLE `sessions` (
   `session_id` VARCHAR(255) NOT NULL,
   `user_id` INT(11) NOT NULL,

diff --git a/gear/gear/auth.py b/gear/gear/auth.py
@@ -65,6 +65,8 @@ async def wrapped(request: web.Request) -> web.StreamResponse:
                     if redirect or (redirect is None and '/api/' not in request.path):
                         raise login_redirect(request)
                     raise web.HTTPUnauthorized()
+                elif userdata['state'] == 'inactive':
+                    raise web.HTTPUnauthorized()
                 return await fun(request, userdata)
 
             return wrapped