Do not remove users with API tokens (#12162)

* Do not remove users with API tokens

* Use eloquent

* Fix missing namespace and convert fully to Eloquent

* fix bug in purge

Co-authored-by: Tony Murray <murraytony@gmail.com>

daily.php

@@ -310,12 +310,13 @@ if ($options['f'] === 'purgeusers') {
             $purge = \LibreNMS\Config::get('active_directory.users_purge');
         }
         if ($purge > 0) {
-            foreach (dbFetchRows('SELECT DISTINCT(`user`) FROM `authlog` WHERE `datetime` >= DATE_SUB(NOW(), INTERVAL ? DAY)', [$purge]) as $user) {
+            $users = \App\Models\AuthLog::where('datetime', '>=', \Carbon\Carbon::now()->subDays($purge))
-                $users[] = $user['user'];
+                ->distinct()->pluck('user')
-            }
+                ->merge(\App\Models\User::has('apiToken')->pluck('username')) // don't purge users with api tokens
+                ->unique();
 
-            if (dbDelete('users', 'username NOT IN ' . dbGenPlaceholders(count($users)), $users)) {
+            if (\App\Models\User::thisAuth()->whereNotIn('username', $users)->delete()) {
-                echo "Removed users that haven't logged in for $purge days";
+                echo "Removed users that haven't logged in for $purge days\n";
             }
         }
     } catch (LockException $e) {