track activity of individual tokens

2025-10-17 23:13:00 +00:00 · 2017-12-19 11:23:11 +01:00
parent 9640364713
commit d16461052b
3 changed files with 21 additions and 4 deletions
--- a/jupyterhub/apihandlers/auth.py
+++ b/jupyterhub/apihandlers/auth.py
@@ -3,6 +3,7 @@
 # Copyright (c) Jupyter Development Team.
 # Distributed under the terms of the Modified BSD License.

+from datetime import datetime
 import json
 from urllib.parse import quote

@@ -31,6 +32,9 @@ class TokenAPIHandler(APIHandler):
            self.db.delete(orm_token)
            self.db.commit()
            raise web.HTTPError(404)
+        # record activity whenever we see a token
+        orm_token.last_activity = datetime.utcnow()
+        self.db.commit()
        self.write(json.dumps(model))

    @gen.coroutine
@@ -49,7 +53,7 @@ class TokenAPIHandler(APIHandler):
                raise web.HTTPError(403)
        else:
            data = self.get_json_body()
-            # admin users can request 
+            # admin users can request tokens for other usrs
            if data and data.get('username') != user.name:
                if user.admin:
                    user = self.find_user(data['username'])
--- a/jupyterhub/handlers/base.py
+++ b/jupyterhub/handlers/base.py
@@ -6,7 +6,7 @@
 import copy
 import re
 import time
-from datetime import timedelta
+from datetime import datetime, timedelta
 from http.client import responses
 from urllib.parse import urlparse, urlunparse, parse_qs, urlencode
 import uuid
@@ -191,6 +191,8 @@ class BaseHandler(RequestHandler):
        if orm_token is None:
            return None
        else:
+            orm_token.last_activity = datetime.utcnow()
+            self.db.commit()
            return self._user_from_orm(orm_token.user)

    def get_current_user_token(self):
@@ -202,6 +204,9 @@ class BaseHandler(RequestHandler):
        if orm_token is None:
            return None
        else:
+            # record token activity
+            orm_token.last_activity = datetime.utcnow()
+            self.db.commit()
            return orm_token.service or self._user_from_orm(orm_token.user)

    def _user_for_cookie(self, cookie_name, cookie_value=None):
--- a/jupyterhub/orm.py
+++ b/jupyterhub/orm.py
@@ -319,6 +319,11 @@ class APIToken(Hashed, Base):
    hashed = Column(Unicode(255), unique=True)
    prefix = Column(Unicode(16), index=True)

+    # token metadata for bookkeeping
+    created = Column(DateTime, default=datetime.utcnow)
+    last_activity = Column(DateTime)
+    note = Column(Unicode(1023))
+
    def __repr__(self):
        if self.user is not None:
            kind = 'user'
@@ -419,6 +424,9 @@ class OAuthAccessToken(Hashed, Base):
    hashed = Column(Unicode(255), unique=True)
    prefix = Column(Unicode(16), index=True)

+    created = Column(DateTime, default=datetime.utcnow)
+    last_activity = Column(DateTime, nullable=True)
+
    def __repr__(self):
        return "<{cls}('{prefix}...', user='{user}'>".format(
            cls=self.__class__.__name__,