-
Notifications
You must be signed in to change notification settings - Fork 324
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: add basic user banning functionality #343
Conversation
b707765
to
69c0545
Compare
current filtering syntax is too basic to support filtering by banned users:
I'm thinking of changing this to the following but it involves making a breaking change to the API (so i'll do it in a separate PR): /admin/users?email=email
/admin/users?fullname=fullname
/admin/users?ban_until=timestamp
# of course, the following will be possible too
/admin/users?email=email&fullname=fullname&ban_until=timestamp |
-- updates users_instance_id_email_idx definition | ||
|
||
DROP INDEX IF EXISTS users_instance_id_email_idx; | ||
CREATE INDEX IF NOT EXISTS users_instance_id_email_idx on users using btree (instance_id, lower(email)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
not related to this PR but this addresses #247
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Generally seems fine. Not the biggest fan of using the magic string of "0" to un-ban a user-your call on whether you want that more spec'ed out or to go ahead with this.
hmm would it be better to create an enum like |
I'd probably go the route of having a separate enum, rather than relying on the ban_duration field missing |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
needs some documentation but otherwise looks good 🥇
"email": "test4@example.com", | ||
"phone": "", | ||
"password": "test1", | ||
"ban_duration": "24h", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
can you confirm the format for what is accepted by ban_duration and also document it in the README 👌
README.md
Outdated
"phone_confirm": true, | ||
"user_metadata": {}, | ||
"app_metadata": {}, | ||
"ban_duration": "24h" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
sorry this is pedantic but is there a link to the format spec - e.g. can I do 24h 32m 6s
or 24h 3s
or 1y3m2s
(with no spaces) ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yup, this is the format spec it follows
https://pkg.go.dev/time#ParseDuration
🎉 This PR is included in version 2.4.0 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
What kind of change does this PR introduce?
ban_until
column inauth.users
to restrict specific user access until a certain time.GET /admin/users
should allow filtering by usersPUT /admin/users/<user_id>
should allow banning an existing useradminUserParams
struct to include aBanDuration
fieldConsiderations
ban_until
column.if user.IsBanned() { ... }
), the api performance won't be compromised.Todo
ban_until
column inusers
table/token
/verify
/callback