Update peer status when login expires (#688)

Extend PeerStatus with an extra field LoginExpired, that can be stored in the database.
2026-04-27 20:56:44 +00:00 · 2023-02-15 11:27:22 +01:00
parent 756ce96da9
commit d31219ba89
5 changed files with 68 additions and 7 deletions
--- a/management/server/grpcserver.go
+++ b/management/server/grpcserver.go
@@ -137,7 +137,11 @@ func (s *GRPCServer) Sync(req *proto.EncryptedMessage, srv proto.ManagementServi
 		return status.Error(codes.Internal, "internal server error")
 	}
 	expired, left := peer.LoginExpired(account.Settings)
-	if peer.UserID != "" && expired {
+	if peer.UserID != "" && (expired || peer.Status.LoginExpired) {
+		err = s.accountManager.MarkPeerLoginExpired(peerKey.String(), true)
+		if err != nil {
+			log.Warnf("failed marking peer login expired %s %v", peerKey, err)
+		}
 		return status.Errorf(codes.PermissionDenied, "peer login has expired %v ago. Please log in once more", left)
 	}

@@ -377,9 +381,13 @@ func (s *GRPCServer) Login(ctx context.Context, req *proto.EncryptedMessage) (*p
 		return nil, status.Error(codes.Internal, "internal server error")
 	}
 	expired, left := peer.LoginExpired(account.Settings)
-	if peer.UserID != "" && expired {
+	if peer.UserID != "" && (expired || peer.Status.LoginExpired) {
 		// it might be that peer expired but user has logged in already, check token then
 		if loginReq.GetJwtToken() == "" {
+			err = s.accountManager.MarkPeerLoginExpired(peerKey.String(), true)
+			if err != nil {
+				log.Warnf("failed marking peer login expired %s %v", peerKey, err)
+			}
 			return nil, status.Errorf(codes.PermissionDenied,
 				"peer login has expired %v ago. Please log in once more", left)
 		}