Merge pull request #11135 from nanaya/inactive-always

notbakaneko · web-flow · commit 43079fb4bf6a · 2024-04-01T20:42:42.000+09:00
Add option to always reset password of inactive users
diff --git a/.env.example b/.env.example
@@ -265,7 +265,7 @@ CLIENT_CHECK_VERSION=false
 # NOTIFICATION_CLEANUP_MAX_DELETE=50000
 
 # The open source bounty info page/form url
-#OS_BOUNTY_URL=http://example.com/bounty_form
+# OS_BOUNTY_URL=http://example.com/bounty_form
 
 # OAUTH_MAX_USER_CLIENTS=1
 
@@ -292,16 +292,16 @@ CLIENT_CHECK_VERSION=false
 # PAGINATION_MAX_COUNT=10000
 
 ## Limits for the allowed number of simultaneous beatmapset uploads (displayed on the support page: /home/support)
-#BEATMAPSET_UPLOAD_ALLOWED=4
-#BEATMAPSET_UPLOAD_BONUS_PER_RANKED=1
-#BEATMAPSET_UPLOAD_BONUS_PER_RANKED_MAX=2
-#BEATMAPSET_UPLOAD_ALLOWED_SUPPORTER=8
-#BEATMAPSET_UPLOAD_BONUS_PER_RANKED_SUPPORTER=1
-#BEATMAPSET_UPLOAD_BONUS_PER_RANKED_MAX_SUPPORTER=12
+# BEATMAPSET_UPLOAD_ALLOWED=4
+# BEATMAPSET_UPLOAD_BONUS_PER_RANKED=1
+# BEATMAPSET_UPLOAD_BONUS_PER_RANKED_MAX=2
+# BEATMAPSET_UPLOAD_ALLOWED_SUPPORTER=8
+# BEATMAPSET_UPLOAD_BONUS_PER_RANKED_SUPPORTER=1
+# BEATMAPSET_UPLOAD_BONUS_PER_RANKED_MAX_SUPPORTER=12
 
-#RECAPTCHA_SECRET=
-#RECAPTCHA_SITEKEY=
-#RECAPTCHA_THRESHOLD=
+# RECAPTCHA_SECRET=
+# RECAPTCHA_SITEKEY=
+# RECAPTCHA_THRESHOLD=
 
 # TWITCH_CLIENT_ID=
 # TWITCH_CLIENT_SECRET=
@@ -336,3 +336,6 @@ CLIENT_CHECK_VERSION=false
 
 # USER_COUNTRY_CHANGE_MAX_MIXED_MONTHS=2
 # USER_COUNTRY_CHANGE_MIN_MONTHS=6
+
+# USER_INACTIVE_DAYS_VERIFICATION=180
+# USER_INACTIVE_FORCE_PASSWORD_RESET=false
diff --git a/app/Libraries/User/ForceReactivation.php b/app/Libraries/User/ForceReactivation.php
@@ -13,6 +13,7 @@
 
 class ForceReactivation
 {
+    const INACTIVE = 'inactive';
     const INACTIVE_DIFFERENT_COUNTRY = 'inactive_different_country';
 
     private $country;
@@ -27,8 +28,12 @@ public function __construct($user, $request)
 
         $this->country = request_country($this->request);
 
-        if ($this->user->isInactive() && $this->user->country_acronym !== $this->country) {
-            $this->reason = static::INACTIVE_DIFFERENT_COUNTRY;
+        if ($this->user->isInactive()) {
+            if ($this->user->country_acronym !== $this->country) {
+                $this->reason = static::INACTIVE_DIFFERENT_COUNTRY;
+            } elseif ($GLOBALS['cfg']['osu']['user']['inactive_force_password_reset']) {
+                $this->reason = static::INACTIVE;
+            }
         }
     }
 
@@ -62,9 +67,11 @@ public function run()
 
     private function addHistoryNote()
     {
-        if ($this->reason === static::INACTIVE_DIFFERENT_COUNTRY) {
-            $message = "First login after {$this->user->user_lastvisit->diffInDays()} days from {$this->country}. Forcing password reset.";
-        }
+        $message = match ($this->reason) {
+            static::INACTIVE => "First login after {$this->user->user_lastvisit->diffInDays()} days. Forcing password reset.",
+            static::INACTIVE_DIFFERENT_COUNTRY => "First login after {$this->user->user_lastvisit->diffInDays()} days from {$this->country}. Forcing password reset.",
+            default => null,
+        };
 
         if ($message !== null) {
             UserAccountHistory::addNote($this->user, $message);
diff --git a/config/osu.php b/config/osu.php
@@ -247,6 +247,7 @@
         'allowed_rename_groups' => explode(' ', env('USER_ALLOWED_RENAME_GROUPS', 'default')),
         'bypass_verification' => get_bool(env('USER_BYPASS_VERIFICATION')) ?? false,
         'hide_pinned_solo_scores' => get_bool(env('USER_HIDE_PINNED_SOLO_SCORES')) ?? true,
+        'inactive_force_password_reset' => get_bool(env('USER_INACTIVE_FORCE_PASSWORD_RESET') ?? false),
         'inactive_seconds_verification' => (get_int(env('USER_INACTIVE_DAYS_VERIFICATION')) ?? 180) * 86400,
         'min_plays_for_posting' => get_int(env('USER_MIN_PLAYS_FOR_POSTING')) ?? 10,
         'min_plays_allow_verified_bypass' => get_bool(env('USER_MIN_PLAYS_ALLOW_VERIFIED_BYPASS')) ?? true,
diff --git a/resources/lang/en/users.php b/resources/lang/en/users.php
@@ -97,6 +97,7 @@
 
     'force_reactivation' => [
         'reason' => [
+            'inactive' => "Your account hasn't been used in a long time.",
             'inactive_different_country' => "Your account hasn't been used in a long time.",
         ],
     ],
diff --git a/tests/Controllers/SessionsControllerTest.php b/tests/Controllers/SessionsControllerTest.php
@@ -45,6 +45,25 @@ public function testLoginInactiveUser()
         $this->get(route('home'))->assertStatus(401);
     }
 
+    public function testLoginInactiveUserForceReset(): void
+    {
+        config_set('osu.user.inactive_force_password_reset', true);
+
+        $password = 'password1';
+        $countryAcronym = (Country::first() ?? Country::factory()->create())->getKey();
+        $user = User::factory()->create(['password' => $password, 'country_acronym' => $countryAcronym]);
+        $user->update(['user_lastvisit' => time() - $GLOBALS['cfg']['osu']['user']['inactive_seconds_verification'] - 1]);
+
+        $this->post(route('login'), [
+            'username' => $user->username,
+            'password' => $password,
+        ], [
+            'CF_IPCOUNTRY' => $countryAcronym,
+        ])->assertStatus(302);
+
+        $this->assertGuest();
+    }
+
     public function testLoginInactiveUserDifferentCountry()
     {
         $password = 'password1';
