Skip to main content

Setup Headlockrs auto cleanup cronjob

Headlockr comes with a build in cleanup mechanism which basically cleans up any outdated OTP's that have been issued by the Headlockr system. Headlockr creates unique one-time-passwords:

  • whenver a user is trying to retrieve their recently generated backupcodes
  • whenever a user is verifying using the sms mfa method
  • whenever a user is challenged with an email verification mfa method

Why do I need this?

Since these otp's have an expiry date by default, Headlockr automatically cleans up outdated tokens to keep your database nice and tight. This is done using cronjobs at regular intervals.

The user has the ability to configure this option to their desired schedule. It's also possible to deactivate this option entirely by passing in "false" to the config.cron.enabled headlockr option below. For those who are new to cronjobs please view the official Strapi docs here.

Configure

Below you can find the default cronjob configuration which can be changed to your liking.

Create a new file or edit your existing plugins config file located at ./config/plugins.js|ts

  headlockr: {
    enabled: true, // ❗️ Caution: disabling the plugin will wipe previous data from the database.
    config: {
      licenseKey: env("HEADLOCKR_LICENSE_KEY"), // ⚡️ Please enter your license key in this environment variable,
      cron: {
        enabled: true,
        schedule: "0 0 * * *", // This will run the cron job every day at midnight. Any Cron expression can we used here.
      },
    },
  },