Open
Description
Expired authentication nonces accumulate in the database over time, potentially causing storage bloat and performance degradation.
Current Behavior
- Nonces are created for each SIWE authentication attempt
- Nonces expire after 5 minutes
- Used and expired nonces remain in the database indefinitely
Expected Behavior
- Expired and used nonces should be automatically cleaned up
- Database should not accumulate stale authentication data
Impact
- Database storage grows unnecessarily
- Potential performance impact on nonce lookups
- Stale data in production database
Suggested Solution
A management command has been proposed in PR #450 that provides:
```bash
# Clean up nonces expired more than 1 hour ago
python manage.py cleanup_nonces
# Preview what would be deleted
python manage.py cleanup_nonces --dry-run
# Custom age threshold
python manage.py cleanup_nonces --hours 24
```
This should be scheduled to run periodically (daily recommended) via:
- Cron job
- Django-celery-beat
- AWS CloudWatch Events (for App Runner deployments)
Code Location
- Model: `backend/ethereum_auth/models.py` - `Nonce` class
- Views: `backend/ethereum_auth/views.py` - nonce creation/validation
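The cleanup rule described in this issue (delete nonces that expired more than N hours ago, with a dry-run count), as an added example that is not the code from PR #450. It uses an in-memory SQLite table in place of the Django `Nonce` model; the table, column and function names are assumptions.

```python
import sqlite3
from datetime import datetime, timedelta, timezone

NONCE_TTL = timedelta(minutes=5)  # expiry stated in the issue

def make_db():
    """Constructed stand-in for the Nonce table (column names are assumptions)."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE nonce (value TEXT PRIMARY KEY, used INTEGER NOT NULL,"
        " expires_at REAL NOT NULL)"
    )
    # Index so cleanup and expiry checks do not scan the whole table.
    db.execute("CREATE INDEX nonce_expires_at ON nonce (expires_at)")
    return db

def add_nonce(db, value, created_at, used=False):
    expires = (created_at + NONCE_TTL).timestamp()
    db.execute("INSERT INTO nonce VALUES (?, ?, ?)", (value, int(used), expires))

def cleanup_nonces(db, now, hours=1, dry_run=False):
    """Delete nonces that expired more than `hours` ago; return the row count.

    Only expiry decides deletion, so a live nonce is never removed. Used
    nonces age out the same way because every nonce expires.
    """
    cutoff = (now - timedelta(hours=hours)).timestamp()
    if dry_run:
        query = "SELECT COUNT(*) FROM nonce WHERE expires_at < ?"
        return db.execute(query, (cutoff,)).fetchone()[0]
    with db:  # commit on success, roll back on error
        cur = db.execute("DELETE FROM nonce WHERE expires_at < ?", (cutoff,))
    return cur.rowcount

def demo():
    now = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)  # constructed clock
    db = make_db()
    add_nonce(db, "old-unused", now - timedelta(hours=3))
    add_nonce(db, "old-used", now - timedelta(hours=2), used=True)
    add_nonce(db, "recently-expired", now - timedelta(minutes=30))
    add_nonce(db, "live", now - timedelta(minutes=1))
    preview = cleanup_nonces(db, now, dry_run=True)
    deleted = cleanup_nonces(db, now)
    left = [r[0] for r in db.execute("SELECT value FROM nonce ORDER BY value")]
    return preview, deleted, left

if __name__ == "__main__":
    print(demo())
```

The grace period keeps recently expired rows available for debugging failed logins, while the unexpired nonce that a pending sign-in still needs is untouched.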