Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[MU] List inactive users #1298

Open
quantranhong1999 opened this issue Nov 12, 2024 · 5 comments
Open

[MU] List inactive users #1298

quantranhong1999 opened this issue Nov 12, 2024 · 5 comments
Labels
customer grooming

Comments

@quantranhong1999
Copy link
Member

Why

MU requires us the ability to report the inactive users list for example the users who have not used our services in the last 3 months.

We need to record the users's login activity.

Today we have user login activity using AuditTrail with login logs stored in Loki. However upon large data size (TMail produces a lot of logs), Loki strips a part of the logs to give an in-time response, which makes the users activity analysis not reliable.

We need to store that piece of information somewhere else rather than Loki.

How

Storage

Redis seems to be the suitable storage for the need: famous for session data use case, fast write, AOF seems reasonable for data backup (could accept a bit of data lag for user activity use case).

Code change

We likely could override Authenticator e.g. write a TMailUserRepositoryAuthenticator that injects UserRepositoryAuthenticator with the Redis part to publish the user login information.

For Redis data structure, we can likely use SET:

  • key could be the username (check for sure it does not conflict with the rate limit key,...).
  • value could be login timestamp.

We would need a webadmin route to list:

  • never active users
  • inactive users for a duration e.g. the last 3 months

We would need to have a module chooser to enable the user login recording module.

DoD

Integration tests + docs.

Could be another task to deploy the work on MU after careful testing.
@chibenwa
Copy link
Member

key could be the lastConnectionDate/{username}

@chibenwa
Copy link
Member

=> We would need a webadmin route

Please detail the webadmin route

@chibenwa
Copy link
Member

Cc @guimard

@quantranhong1999
Copy link
Member Author

Please detail the webadmin route

Could be something like:

curl -XGET /reports/users/usernameToBeUsed?status=inactive
would list the users who have never accessed TMail service

curl -XGET /reports/users/usernameToBeUsed?status=inactive&duration=3months
would list the users who have not accessed TMail service for the last 3 months

@chibenwa
Copy link
Member

No lets actually just expose what is stored.

We can add further per user info as: ip, mail user agent

Often that's very usefull for audit.

We shall separate IMAP and SMTP

How about:

curl -XGET /reports/users/connection
[
 {
   "username": "[email protected]",
   "imap": {
       "lastConnectionDate": "XXXX",
       "ipAddress": "XXX",
       "userAgent": "XXX"
   },
   "smtp": {
       "lastConnectionDate": "XXXX",
       "ipAddress": "XXX",
       "userAgent": "XXX"
   },

]


Then filters:

curl -XGET /reports/users/connection?activityDuration=3month

would return a list of user active during this duration

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
customer grooming
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@chibenwa @quantranhong1999