We actually want to prune accounts based on the
last time they were used or seen online at all, not
just the last time they successfully joined the
world. Keeping track of our own timestamp should
catch scenarios like players sucessfully authing
but failing to complete joining the world, or players
who log in and then play for a long time after
login. This also makes it safer to use with much
shorter timeout periods and longer-running
servers.
Further tighten the race condition gap between
players authing and finishing joining. The
meaning of last_login is apparently officially the
last join time, but if the last successful auth time
was later, use that as the known account age.
It's possible for a player to log in right as the
check scan is happening, causing the decision to
delete the account happening, then the player
successfully authing, then the account being
actually deleted from the queue, and then the
player completing emerge and running joinplayer
callbacks. One of the joinplayer callbacks tries to
update the last_login, which fails if the account
was deleted while the player was emerging.
Rather than redo the checks, just perform all the
deletion stuff inline.
pruneplayers can race with other mods (e.g.
motdagree) to delete a player. If the player was
already deleted when the check runs, don't crash,
just skip the player this pass.
