fix: use transactions when operations involve multiple database queries (#392)

Co-authored-by: Kyle Mendell <kmendell@ofkm.us>

backend/internal/job/db_cleanup_job.go

@@ -1,16 +1,18 @@
 package job
 
 import (
+	"context"
 	"log"
 	"time"
 
 	"github.com/go-co-op/gocron/v2"
+	"gorm.io/gorm"
+
 	"github.com/pocket-id/pocket-id/backend/internal/model"
 	datatype "github.com/pocket-id/pocket-id/backend/internal/model/types"
-	"gorm.io/gorm"
 )
 
-func RegisterDbCleanupJobs(db *gorm.DB) {
+func RegisterDbCleanupJobs(ctx context.Context, db *gorm.DB) {
 	scheduler, err := gocron.NewScheduler()
 	if err != nil {
 		log.Fatalf("Failed to create a new scheduler: %s", err)
@@ -18,11 +20,11 @@ func RegisterDbCleanupJobs(db *gorm.DB) {
 
 	jobs := &DbCleanupJobs{db: db}
 
-	registerJob(scheduler, "ClearWebauthnSessions", "0 3 * * *", jobs.clearWebauthnSessions)
-	registerJob(scheduler, "ClearOneTimeAccessTokens", "0 3 * * *", jobs.clearOneTimeAccessTokens)
-	registerJob(scheduler, "ClearOidcAuthorizationCodes", "0 3 * * *", jobs.clearOidcAuthorizationCodes)
-	registerJob(scheduler, "ClearOidcRefreshTokens", "0 3 * * *", jobs.clearOidcRefreshTokens)
-	registerJob(scheduler, "ClearAuditLogs", "0 3 * * *", jobs.clearAuditLogs)
+	registerJob(ctx, scheduler, "ClearWebauthnSessions", "0 3 * * *", jobs.clearWebauthnSessions)
+	registerJob(ctx, scheduler, "ClearOneTimeAccessTokens", "0 3 * * *", jobs.clearOneTimeAccessTokens)
+	registerJob(ctx, scheduler, "ClearOidcAuthorizationCodes", "0 3 * * *", jobs.clearOidcAuthorizationCodes)
+	registerJob(ctx, scheduler, "ClearOidcRefreshTokens", "0 3 * * *", jobs.clearOidcRefreshTokens)
+	registerJob(ctx, scheduler, "ClearAuditLogs", "0 3 * * *", jobs.clearAuditLogs)
 	scheduler.Start()
 }
 
@@ -31,26 +33,41 @@ type DbCleanupJobs struct {
 }
 
 // ClearWebauthnSessions deletes WebAuthn sessions that have expired
-func (j *DbCleanupJobs) clearWebauthnSessions() error {
-	return j.db.Delete(&model.WebauthnSession{}, "expires_at < ?", datatype.DateTime(time.Now())).Error
+func (j *DbCleanupJobs) clearWebauthnSessions(ctx context.Context) error {
+	return j.db.
+		WithContext(ctx).
+		Delete(&model.WebauthnSession{}, "expires_at < ?", datatype.DateTime(time.Now())).
+		Error
 }
 
 // ClearOneTimeAccessTokens deletes one-time access tokens that have expired
-func (j *DbCleanupJobs) clearOneTimeAccessTokens() error {
-	return j.db.Debug().Delete(&model.OneTimeAccessToken{}, "expires_at < ?", datatype.DateTime(time.Now())).Error
+func (j *DbCleanupJobs) clearOneTimeAccessTokens(ctx context.Context) error {
+	return j.db.
+		WithContext(ctx).
+		Delete(&model.OneTimeAccessToken{}, "expires_at < ?", datatype.DateTime(time.Now())).
+		Error
 }
 
 // ClearOidcAuthorizationCodes deletes OIDC authorization codes that have expired
-func (j *DbCleanupJobs) clearOidcAuthorizationCodes() error {
-	return j.db.Delete(&model.OidcAuthorizationCode{}, "expires_at < ?", datatype.DateTime(time.Now())).Error
+func (j *DbCleanupJobs) clearOidcAuthorizationCodes(ctx context.Context) error {
+	return j.db.
+		WithContext(ctx).
+		Delete(&model.OidcAuthorizationCode{}, "expires_at < ?", datatype.DateTime(time.Now())).
+		Error
 }
 
 // ClearOidcAuthorizationCodes deletes OIDC authorization codes that have expired
-func (j *DbCleanupJobs) clearOidcRefreshTokens() error {
-	return j.db.Delete(&model.OidcRefreshToken{}, "expires_at < ?", datatype.DateTime(time.Now())).Error
+func (j *DbCleanupJobs) clearOidcRefreshTokens(ctx context.Context) error {
+	return j.db.
+		WithContext(ctx).
+		Delete(&model.OidcRefreshToken{}, "expires_at < ?", datatype.DateTime(time.Now())).
+		Error
 }
 
 // ClearAuditLogs deletes audit logs older than 90 days
-func (j *DbCleanupJobs) clearAuditLogs() error {
-	return j.db.Delete(&model.AuditLog{}, "created_at < ?", datatype.DateTime(time.Now().AddDate(0, 0, -90))).Error
+func (j *DbCleanupJobs) clearAuditLogs(ctx context.Context) error {
+	return j.db.
+		WithContext(ctx).
+		Delete(&model.AuditLog{}, "created_at < ?", datatype.DateTime(time.Now().AddDate(0, 0, -90))).
+		Error
 }