Add admin tools

app/models.py

@@ -23,6 +23,7 @@ class User(UserMixin, db.Model):
     username = db.Column(db.String(64), index=True, unique=True)
     password_hash = db.Column(db.String(128))
     last_seen = db.Column(db.DateTime, default=datetime.utcnow())
+    is_admin = db.Column(db.Boolean, default=False, nullable=True)
     posts = db.relationship('Post', backref='author', lazy='dynamic')
 
     def __repr__(self):
@@ -30,6 +31,9 @@ class User(UserMixin, db.Model):
 
     def set_last_seen(self):
         self.last_seen = datetime.utcnow()
+    
+    def set_admin_user(self):
+        self.is_admin = True
 
     def set_password(self, password):
         self.password_hash = generate_password_hash(password)

app/routes.py

@@ -21,6 +21,7 @@ import feedparser
 import requests
 import bleach
 import urllib
+import math
 import json
 import re
 #########################################
@@ -378,6 +379,9 @@ def login():
         if user is None or not user.check_password(form.password.data):
             flash('Invalid username or password')
             return redirect(url_for('login'))
+        if user.username == config['admin_user']:
+            user.set_admin_user()
+            db.session.commit()
         login_user(user, remember=form.remember_me.data)
         next_page = request.args.get('next')
         if not next_page or url_parse(next_page).netloc != '':
@@ -417,7 +421,28 @@ def settings():
         "totalUsers":db.session.query(User).count(),
         "active":active,
     }
-    return render_template('settings.html', info=instanceInfo, config=config)
+    return render_template('settings.html', info=instanceInfo, config=config, admin=current_user.is_admin)
+
+@app.route('/clear_inactive_users/<phash>')
+@login_required
+def clear_inactive_users(phash):
+    ahash = User.query.filter_by(username=config['admin_user']).first().password_hash
+    if phash == ahash:
+        users = db.session.query(User).all()
+        for u in users:
+            if u.username == config['admin_user']:
+                continue
+            t = datetime.datetime.utcnow() - u.last_seen
+            t = math.floor(t.total_seconds())
+            max_old_s = config['max_old_user_days']*86400
+            if t > max_old_s:
+                user = User.query.filter_by(username=u.username).first()
+                print("deleted "+u.username)
+                db.session.delete(user)
+                db.session.commit()
+    else:
+        flash("You must be admin for this action")
+    return redirect(request.referrer)
 
 @app.route('/export')
 @login_required

app/templates/settings.html

@@ -79,6 +79,16 @@
             <div class="control-me"><a href="/deleteme"><button class="ui red button">Delete account</button></a></div>   
         </div>
 
+        {% if admin %}
+        <div class="ui segment">
+            <h2 class="ui centered header">
+                Admin tools
+            </h2>
+            <label for="toggle">Delete accounts with last login older than {{config.max_old_user_days}} days.</label> <br>
+            <a href="/clear_inactive_users/{{current_user.password_hash}}"><button class="ui red button">Delete</button></a></div>   
+        </div>
+        {% endif %}
+
         <!-- INSTANCE INFO -->
         <h1 class="ui header">{{config.serverName}} Info</h1>
         <div class="ui segments">

yotter-config.json

@@ -1,12 +1,14 @@
 {
 	"serverName": "yotter.xyz",
 	"nitterInstance": "https://nitter.net/",
-	"maxInstanceUsers": 30,
+	"maxInstanceUsers": 60,
 	"serverLocation": "Germany",
 	"restrictPublicUsage":true,
 	"nginxVideoStream":false,
 	"maintenance_mode":false,
 	"show_admin_message":false,
 	"admin_message_title":"Message from the admin",
-	"admin_message":"Message from the admin text"
+	"admin_message":"Message from the admin text",
+	"admin_user":"admin_username",
+	"max_old_user_days": 60
 }