Merge pull request #354 from firezone/vpn-session-create

Fix wireguard remembers peers

apps/fz_http/lib/fz_http_web/events.ex

@@ -3,18 +3,22 @@ defmodule FzHttpWeb.Events do
   Handles interfacing with other processes in the system.
   """
 
-  alias FzHttp.{Devices, Rules}
+  alias FzHttp.{Devices, Rules, Settings, Users}
 
   def create_device do
     GenServer.call(vpn_pid(), :create_device)
   end
 
   def device_created(device) do
-    GenServer.cast(vpn_pid(), {
-      :device_created,
-      device.public_key,
-      "#{Devices.ipv4_address(device)},#{Devices.ipv6_address(device)}"
-    })
+    user = Users.get_user!(device.user_id)
+
+    unless Users.vpn_session_expired?(user, Settings.vpn_duration()) do
+      GenServer.cast(vpn_pid(), {
+        :device_created,
+        device.public_key,
+        "#{Devices.ipv4_address(device)},#{Devices.ipv6_address(device)}"
+      })
+    end
   end
 
   def device_updated(device) do

apps/fz_vpn/lib/fz_vpn/cli/live.ex

@@ -37,6 +37,20 @@ defmodule FzVpn.CLI.Live do
     set("peer #{pubkey} allowed-ips #{allowed_ips}")
   end
 
+  def delete_peers do
+    exec!("#{wg()} show")
+    |> String.split("\n")
+    |> Enum.filter(fn line ->
+      String.contains?(line, "peer")
+    end)
+    |> Enum.map(fn line ->
+      String.replace_leading(line, "peer: ", "")
+    end)
+    |> Enum.each(fn pubkey ->
+      delete_peer(pubkey)
+    end)
+  end
+
   def delete_peer(pubkey) do
     set("peer #{pubkey} remove")
   end
@@ -51,6 +65,7 @@ defmodule FzVpn.CLI.Live do
   def set(config_str) do
     # Empty config string results in invalid command
     if String.length(config_str) > 0 do
+      delete_peers()
       exec!("#{wg()} set #{iface_name()} #{config_str}")
     else
       Logger.warn("""