2603.8 purging old records

2026-03-13 16:01:19 -04:00
parent 86573769ca
commit 1e57388299
8 changed files with 191 additions and 17 deletions
--- a/purge.php
+++ b/purge.php
@@ -0,0 +1,67 @@
+<?php
+/**
+ * portspoof_concentrator – HTTP purge trigger
+ *
+ * Runs the same purge logic as cron/purge.php when called over HTTP.
+ * Deletes connections older than the retention_days setting.
+ *
+ * Authentication (any one of):
+ *   - Active web session (logged-in browser)
+ *   - Authorization: Bearer <TRIGGER_TOKEN>
+ *   - ?token=<TRIGGER_TOKEN>
+ *
+ * Usage:
+ *   GET/POST  /purge.php
+ *   GET/POST  /purge.php?token=<secret>
+ *   GET/POST  /purge.php   (with header: Authorization: Bearer <secret>)
+ *
+ * Always returns JSON.
+ */
+
+require_once __DIR__ . '/includes/auth.php';
+require_once __DIR__ . '/includes/functions.php';
+
+header('Content-Type: application/json');
+
+// ── Auth ──────────────────────────────────────────────────────────────────────
+
+$session_ok = false;
+if (auth_enabled()) {
+    if (session_status() === PHP_SESSION_NONE) {
+        session_start();
+    }
+    $session_ok = !empty($_SESSION['authenticated']);
+}
+
+$token_ok = false;
+if (TRIGGER_TOKEN !== '') {
+    $provided = '';
+    $auth_header = $_SERVER['HTTP_AUTHORIZATION'] ?? '';
+    if (str_starts_with($auth_header, 'Bearer ')) {
+        $provided = substr($auth_header, 7);
+    }
+    if ($provided === '' && isset($_REQUEST['token'])) {
+        $provided = $_REQUEST['token'];
+    }
+    $token_ok = $provided !== '' && hash_equals(TRIGGER_TOKEN, $provided);
+}
+
+if (!$session_ok && !$token_ok) {
+    http_response_code(401);
+    echo json_encode(['error' => 'Unauthorized']);
+    exit;
+}
+
+// ── Run purge ─────────────────────────────────────────────────────────────────
+
+$started_at     = microtime(true);
+$retention_days = max(1, (int)get_setting('retention_days', '7'));
+$deleted        = purge_old_connections();
+$elapsed_ms     = (int)round((microtime(true) - $started_at) * 1000);
+
+echo json_encode([
+    'ok'             => true,
+    'elapsed_ms'     => $elapsed_ms,
+    'retention_days' => $retention_days,
+    'deleted'        => $deleted,
+], JSON_PRETTY_PRINT);