Implement automatic auth token checking

cogs/__init__.py

@@ -21,7 +21,10 @@
 )
 from .delete_all import DeleteAllCommandsCog
 from .edit_message import EditMessageCommandCog
-from .get_token_authorisation import GetTokenAuthorisationCommandCog
+from .get_token_authorisation import (
+    GetTokenAuthorisationCommandCog,
+    TokenAuthorisationCheckTaskCog,
+)
 from .induct import (
     EnsureMembersInductedCommandCog,
     InductContextCommandsCog,
@@ -78,6 +81,7 @@
     "StatsCommandsCog",
     "StrikeCommandCog",
     "StrikeContextCommandsCog",
+    "TokenAuthorisationCheckTaskCog",
     "WriteRolesCommandCog",
     "setup",
 )
@@ -117,6 +121,7 @@ def setup(bot: "TeXBot") -> None:
         StatsCommandsCog,
         StrikeCommandCog,
         StrikeContextCommandsCog,
+        TokenAuthorisationCheckTaskCog,
         WriteRolesCommandCog,
     )
     Cog: type[TeXBotBaseCog]

cogs/get_token_authorisation.py

@@ -1,24 +1,31 @@
 """Contains cog classes for token authorisation check interactions."""
 
 import logging
-from typing import TYPE_CHECKING
+from typing import TYPE_CHECKING, override
 
 import aiohttp
 import bs4
 import discord
 from bs4 import BeautifulSoup
+from discord.ext import tasks
 
 from config import settings
 from utils import CommandChecks, TeXBotBaseCog
+from utils.error_capture_decorators import (
+    capture_guild_does_not_exist_error,
+)
 
 if TYPE_CHECKING:
     from collections.abc import Iterable, Mapping, Sequence
     from logging import Logger
     from typing import Final
 
-    from utils import TeXBotApplicationContext
+    from utils import TeXBot, TeXBotApplicationContext
 
-__all__: "Sequence[str]" = ("GetTokenAuthorisationCommandCog",)
+__all__: "Sequence[str]" = (
+    "GetTokenAuthorisationCommandCog",
+    "TokenAuthorisationCheckTaskCog",
+)
 
 logger: "Final[Logger]" = logging.getLogger("TeX-Bot")
 
@@ -35,22 +42,39 @@
 REQUEST_URL: "Final[str]" = "https://guildofstudents.com/profile"
 
 
-class GetTokenAuthorisationCommandCog(TeXBotBaseCog):
-    """Cog class that defines the "/get_token_authorisation" command."""
+class TokenAuthorisationBaseCog(TeXBotBaseCog):
+    """Cog class that defines the base for token authorisation functions."""
 
-    @discord.slash_command(  # type: ignore[no-untyped-call, misc]
-        name="get-token-authorisation",
-        description="Checks the authorisations held by the token.",
-    )
-    @CommandChecks.check_interaction_user_has_committee_role
-    @CommandChecks.check_interaction_user_in_main_guild
-    async def get_token_authorisation(self, ctx: "TeXBotApplicationContext") -> None:  # type: ignore[misc]
+    async def is_token_valid(self) -> bool:
         """
-        Definition of the "get_token_authorisation" command.
+        Definition of method to check if the authorisation token is valid.
 
-        The "get_token_authorisation" command will retrieve the profile for the token user.
-        The profile page will contain the user's name and a list of the MSL organisations
-        the user has administrative access to.
+        This is done by requesting the user profile page and
+        checking if the page title contains "Login".
+        """
+        http_session: aiohttp.ClientSession = aiohttp.ClientSession(
+            headers=REQUEST_HEADERS,
+            cookies=REQUEST_COOKIES,
+        )
+
+        async with http_session, http_session.get(REQUEST_URL) as http_response:
+            response_html: str = await http_response.text()
+
+        response_object: bs4.BeautifulSoup = BeautifulSoup(
+            response_html,
+            "html.parser",
+        )
+
+        page_title: bs4.Tag | bs4.NavigableString | None = response_object.find("title")
+
+        return "Login" in str(page_title)
+
+    async def get_token_groups(self, iterable: bool) -> str | "Iterable"[str]:  # noqa: FBT001
+        """
+        Definition of method to get the groups the token has access to.
+
+        This is done by requesting the user profile page and
+        scraping the HTML for the list of groups.
         """
         http_session: aiohttp.ClientSession = aiohttp.ClientSession(
             headers=REQUEST_HEADERS,
@@ -68,19 +92,15 @@ async def get_token_authorisation(self, ctx: "TeXBotApplicationContext") -> None
         page_title: bs4.Tag | bs4.NavigableString | None = response_object.find("title")
 
         if not page_title:
-            await self.command_send_error(
-                ctx=ctx,
-                message="Profile page returned no content when checking token authorisation!",
+            PROFILE_PAGE_INVALID: Final[str] = (
+                "Profile page returned no content when checking token authorisation."
             )
-            return
+            logger.warning(PROFILE_PAGE_INVALID)
+            return PROFILE_PAGE_INVALID
 
         if "Login" in str(page_title):
-            BAD_TOKEN_MESSAGE: Final[str] = (
-                "Unable to fetch profile page because the token was not valid."  # noqa: S105
-            )
-            logger.warning(BAD_TOKEN_MESSAGE)
-            await ctx.respond(content=BAD_TOKEN_MESSAGE)
-            return
+            logger.warning("Unable to fetch profile page because the token was not valid.")
+            return []
 
         profile_section_html: bs4.Tag | bs4.NavigableString | None = response_object.find(
             "div",
@@ -93,21 +113,17 @@ async def get_token_authorisation(self, ctx: "TeXBotApplicationContext") -> None
                 "when scraping the website's HTML!",
             )
             logger.debug("Retrieved HTML: %s", response_html)
-            await ctx.respond(
-                "Couldn't find the profile of the user! "
-                "This should never happen, please check the logs!",
-            )
-            return
+            return "Something went wrong when fetching the profile page!"
 
         user_name: bs4.Tag | bs4.NavigableString | int | None = profile_section_html.find("h1")
 
         if not isinstance(user_name, bs4.Tag):
             NO_PROFILE_DEBUG_MESSAGE: Final[str] = (
                 "Found user profile but couldn't find their name!"
             )
-            logger.debug(NO_PROFILE_DEBUG_MESSAGE)
-            await ctx.respond(NO_PROFILE_DEBUG_MESSAGE)
-            return
+            logger.warning(NO_PROFILE_DEBUG_MESSAGE)
+            logger.debug("Retrieved HTML: %s", response_html)
+            return "Something went wrong when fetching the profile page!"
 
         parsed_html: bs4.Tag | bs4.NavigableString | None = response_object.find(
             "ul",
@@ -120,8 +136,7 @@ async def get_token_authorisation(self, ctx: "TeXBotApplicationContext") -> None
                 "Please check you have used the correct token!"
             )
             logger.warning(NO_ADMIN_TABLE_MESSAGE)
-            await ctx.respond(content=NO_ADMIN_TABLE_MESSAGE)
-            return
+            return NO_ADMIN_TABLE_MESSAGE
 
         organisations: Iterable[str] = [
             list_item.get_text(strip=True) for list_item in parsed_html.find_all("li")
@@ -133,10 +148,73 @@ async def get_token_authorisation(self, ctx: "TeXBotApplicationContext") -> None
             user_name.text,
         )
 
-        await ctx.respond(
+        constructed_organisations: str = (
             f"Admin token has access to the following MSL Organisations as "
-            f"{user_name.text}:\n{
-                ', \n'.join(organisation for organisation in organisations)
-            }",
-            ephemeral=True,
+            f"{user_name.text}:\n{', \n'.join(organisation for organisation in organisations)}"
         )
+
+        return organisations if iterable else constructed_organisations
+
+
+class GetTokenAuthorisationCommandCog(TokenAuthorisationBaseCog):
+    """Cog class that defines the "/get_token_authorisation" command."""
+
+    @discord.slash_command(  # type: ignore[no-untyped-call, misc]
+        name="get-token-authorisation",
+        description="Checks the authorisations held by the token.",
+    )
+    @CommandChecks.check_interaction_user_has_committee_role
+    @CommandChecks.check_interaction_user_in_main_guild
+    async def get_token_authorisation(self, ctx: "TeXBotApplicationContext") -> None:  # type: ignore[misc]
+        """
+        Definition of the "get_token_authorisation" command.
+
+        The "get_token_authorisation" command will retrieve the profile for the token user.
+        The profile page will contain the user's name and a list of the MSL organisations
+        the user has administrative access to.
+        """
+        await ctx.defer(ephemeral=True)
+        async with ctx.typing():
+            await ctx.followup.send(
+                content=str(await self.get_token_groups(iterable=False)),
+                ephemeral=True,
+            )
+
+
+class TokenAuthorisationCheckTaskCog(TokenAuthorisationBaseCog):
+    """Cog class that defines the background task for token authorisation checks."""
+
+    @override
+    def __init__(self, bot: "TeXBot") -> None:
+        """Start all task managers when this cog is initialised."""
+        if settings["AUTO_AUTH_SESSION_COOKIE_CHECKING"]:
+            _ = self.token_authorisation_check_task.start()
+
+        super().__init__(bot)
+
+    @override
+    def cog_unload(self) -> None:
+        """
+        Unload-hook that ends all running tasks whenever the tasks cog is unloaded.
+
+        This may be run dynamically or when the bot closes.
+        """
+        self.token_authorisation_check_task.cancel()
+
+    @tasks.loop(**settings["AUTO_AUTH_SESSION_COOKIE_CHECKING"])
+    @capture_guild_does_not_exist_error
+    async def token_authorisation_check_task(self) -> None:
+        """
+        Definition of the background task that checks the token authorisation.
+
+        The task will check if the token is valid and if it is, it will retrieve the
+        groups the token has access to.
+        """
+        logger.debug("Running token authorisation check task...")
+
+        token_valid: bool = await self.is_token_valid()
+
+        if not token_valid:
+            logger.warning("Token is not valid!")
+
+            await self.bot.fetch_log_channel().send("Auth token has expired!")

config.py

@@ -426,6 +426,53 @@ def _setup_members_list_auth_session_cookie(cls) -> None:
             raw_members_list_auth_session_cookie
         )
 
+    @classmethod
+    def _setup_auto_auth_session_cookie_checking(cls) -> None:
+        raw_auto_auth_session_cookie_checking: str | bool = str(
+            os.getenv("AUTO_AUTH_SESSION_COOKIE_CHECKING", "False"),
+        )
+
+        if raw_auto_auth_session_cookie_checking in FALSE_VALUES:
+            cls._settings["AUTO_AUTH_SESSION_COOKIE_CHECKING"] = False
+            return
+
+        if raw_auto_auth_session_cookie_checking in TRUE_VALUES:
+            raw_auto_auth_session_cookie_checking = "24h"
+
+        raw_auto_auth_session_cookie_checking_delay: re.Match[str] | None = re.fullmatch(
+            r"\A(?:(?P<seconds>(?:\d*\.)?\d+)s)?(?:(?P<minutes>(?:\d*\.)?\d+)m)?(?:(?P<hours>(?:\d*\.)?\d+)h)?(?:(?P<days>(?:\d*\.)?\d+)d)?(?:(?P<weeks>(?:\d*\.)?\d+)w)?\Z",
+            str(raw_auto_auth_session_cookie_checking),
+        )
+
+        if not raw_auto_auth_session_cookie_checking_delay:
+            INVALID_SEND_INTRODUCTION_REMINDERS_DELAY_MESSAGE: Final[str] = (
+                "SEND_INTRODUCTION_REMINDERS_DELAY must contain the delay "
+                "in any combination of seconds, minutes, hours, days or weeks."
+            )
+            raise ImproperlyConfiguredError(
+                INVALID_SEND_INTRODUCTION_REMINDERS_DELAY_MESSAGE,
+            )
+
+        raw_timedelta_auto_auth_session_cookie_checking_delay: timedelta = timedelta(
+            **{
+                key: float(value)
+                for key, value in (
+                    raw_auto_auth_session_cookie_checking_delay.groupdict().items()
+                )
+                if value
+            },
+        )
+
+        if raw_timedelta_auto_auth_session_cookie_checking_delay < timedelta(days=1):
+            logger.warning(
+                "Automatic checking of the MSL session cookie is below the "
+                "recommended minimum (24h) which could cause performance issues."
+            )
+
+        cls._settings["AUTO_AUTH_SESSION_COOKIE_CHECKING"] = (
+            raw_timedelta_auto_auth_session_cookie_checking_delay
+        )
+
     @classmethod
     def _setup_send_introduction_reminders(cls) -> None:
         raw_send_introduction_reminders: str | bool = str(