From 318440ac95230d2e14931ba3741cf1a44cf47ce8 Mon Sep 17 00:00:00 2001
From: Keiran <keircn@proton.me>
Date: Wed, 6 Aug 2025 06:20:54 +0100
Subject: [PATCH] clean up unverified accounts after 1h

---
 internal/db/user.go           | 9 +++++++++
 internal/handlers/handlers.go | 4 ++++
 2 files changed, 13 insertions(+)

diff --git a/internal/db/user.go b/internal/db/user.go
index 81330ba..33e09c1 100644
--- a/internal/db/user.go
+++ b/internal/db/user.go
@@ -173,6 +173,15 @@ func GetUserByEmail(ctx context.Context, email string) (*User, error) {
 	return &user, nil
 }
 
+func CleanupUnverifiedUsers(ctx context.Context) error {
+	_, err := Pool.Exec(ctx, `
+		DELETE FROM users 
+		WHERE is_verified = false 
+		AND created_at < NOW() - INTERVAL '1 hour'
+	`)
+	return err
+}
+
 func ValidateUserCredentials(ctx context.Context, username, password string) (*User, error) {
 	var user User
 	var passwordHash string
diff --git a/internal/handlers/handlers.go b/internal/handlers/handlers.go
index 628a49f..370b21a 100644
--- a/internal/handlers/handlers.go
+++ b/internal/handlers/handlers.go
@@ -20,6 +20,10 @@ func HandleRoot(c echo.Context) error {
 }
 
 func HandleRegister(c echo.Context) error {
+	if err := db.CleanupUnverifiedUsers(c.Request().Context()); err != nil {
+		return c.JSON(http.StatusInternalServerError, map[string]string{"error": "Failed to cleanup old accounts"})
+	}
+
 	var req db.CreateUserRequest
 	if err := c.Bind(&req); err != nil {
 		return c.JSON(http.StatusBadRequest, map[string]string{"error": "Invalid request body"})