Worker Service to Clean Up Expired/Stale OTPs

[classyk12]

Description

Implement a background worker service that runs on a schedule to clean up expired OTP records from the storage layer (e.g., in-memory cache, database, or Redis). This helps prevent memory bloat, stale authentication attempts, and improves system hygiene.

Key Requirements

1. Periodically check for expired OTPs
2. Delete OTPs that have surpassed their expiration time
3. Should not block main application threads
4. Configurable cleanup interval (e.g., every 5 minutes)
5. Logging of cleanup activity (e.g., number of entries removed)
6. Gracefully handles storage unavailability or exceptions
7. Should support dependency injection for OTPManager Service

Suggested Implementation

• Create a hosted service: OtpCleanupWorker : BackgroundService
• Inject an IOtpStoreService with a method like RemoveExpiredOtpsAsync()
• Use ILogger to log activity
• Place the worker registration inside your Startup.cs or Program.cs using

services.AddHostedService<OtpCleanupWorker>();

Why This Is Needed

Unattended OTP records can clutter memory and degrade performance. This service ensures that the system remains lightweight, secure, and performant by cleaning expired tokens.

Feel free to drop a comment if you require any clarifications