From 77ab4ef292e5261499efe6b8fee1a25c5719270d Mon Sep 17 00:00:00 2001
From: Tom Hughes <tom@compton.nu>
Date: Wed, 24 Jul 2024 20:46:27 +0100
Subject: [PATCH] Add expiry for OAuth 2 grants and tokens

---
 script/cleanup | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/script/cleanup b/script/cleanup
index 7601d35cf..e829be176 100755
--- a/script/cleanup
+++ b/script/cleanup
@@ -6,4 +6,7 @@ OauthNonce.where("timestamp < EXTRACT(EPOCH FROM NOW() - INTERVAL '1 day')").del
 OauthToken.where("invalidated_at < NOW() - INTERVAL '28 days'").delete_all
 RequestToken.where("authorized_at IS NULL AND created_at < NOW() - INTERVAL '28 days'").delete_all
 
+Doorkeeper::AccessGrant.where("revoked_at < NOW() - INTERVAL '28 days' OR (created_at + expires_in * INTERVAL '1 second') < NOW() - INTERVAL '28 days'").delete_all
+Doorkeeper::AccessToken.where("revoked_at < NOW() - INTERVAL '28 days' OR (created_at + expires_in * INTERVAL '1 second') < NOW() - INTERVAL '28 days'").delete_all
+
 exit 0
-- 
2.39.5