fix: some cache ttls were getting stringified, which leads to dynamod…

…b silently not expiring them (#763)
panther-labs · May 31, 2023 · 0f59610 · 0f59610
1 parent 364efe5
commit 0f59610
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 3 deletions.
diff --git a/rules/okta_rules/okta_geo_improbable_access.py b/rules/okta_rules/okta_geo_improbable_access.py
@@ -96,7 +96,7 @@ def store_login_info(key, event):
         ],
     )
     # Expire the entry after a week so the table doesn't fill up with past users
-    set_key_expiration(key, str((datetime.now() + timedelta(days=7)).timestamp()))
+    set_key_expiration(key, int((datetime.now() + timedelta(days=7)).timestamp()))
 
 
 def title(event):

diff --git a/rules/onelogin_rules/onelogin_high_risk_login.py b/rules/onelogin_rules/onelogin_high_risk_login.py
@@ -23,7 +23,7 @@ def rule(event):
         if event.get("event_type_id") == 6:
             # update a counter for this user's failed login attempts with a high risk score
             increment_counter(event_key)
-            set_key_expiration(event_key, time.time() + THRESH_TTL)
+            set_key_expiration(event_key, int(time.time()) + THRESH_TTL)
 
     # Trigger alert if this user recently
     # failed a high risk login

diff --git a/rules/slack_rules/slack_application_dos.py b/rules/slack_rules/slack_application_dos.py
@@ -53,4 +53,4 @@ def store_reset_info(key, event):
         ],
     )
     # Expire the entry after 24 hours
-    set_key_expiration(key, str((datetime.now() + timedelta(days=1)).timestamp()))
+    set_key_expiration(key, int((datetime.now() + timedelta(days=1)).timestamp()))