openwisp/openwisp-radius

[bug] Issues with unverify and delete inactive users (last_login=None and registration method)

Closed this issue · 0 comments

1. last_login

This new feature does not take into account users who do not have a last_login date.

If a user is created manually or does not follow the standard flow, it is possible that the account will never be used but will never be deleted by these features.

In case the last_login is not available we can use the date_joined field.

2. Unverifying does not take into account RegisteredUser.method

Something I had not thought about before: if a user is manually created, flagging them as not verified will most likely going to prevent them from using their account, they will not be able to verify it again as it happens with mobile phone or payment.

Therefore we need to exclude the following methods from this query: unspecified, manually created and email.
Why not just filter for mobile phone? Because the list of methods is extended by other modules.