1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-22 23:02:42 +01:00
phorge-phorge/resources/sql/autopatches
epriestley acb141cf52 Expire and garbage collect unused sessions
Summary:
Ref T3720. Ref T4310. Currently, we limit the maximum number of concurrent sessions of each type. This is primarily because sessions predate garbage collection and we had no way to prevent the session table from growing fairly quickly and without bound unless we did this.

Now that we have GC (and it's modular!) we can just expire unused sessions after a while and throw them away:

  - Add a `sessionExpires` column to the table, with a key.
  - Add a GC for old sessions.
  - When we establish a session, set `sessionExpires` to the current time plus the session TTL.
  - When a user uses a session and has used up more than 20% of the time on it, extend the session.

In addition to this, we could also rotate sessions, but I think that provides very little value. If we do want to implement it, we should hold it until after T3720 / T4310.

Test Plan:
  - Ran schema changes.
  - Looked at database.
  - Tested GC:
    - Started GC.
    - Set expires on one row to the past.
    - Restarted GC.
    - Verified GC nuked the session.
  - Logged in.
  - Logged out.
  - Ran Conduit method.
  - Tested refresh:
    - Set threshold to 0.0001% instead of 20%.
    - Loaded page.
    - Saw a session extension ever few page loads.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4310, T3720

Differential Revision: https://secure.phabricator.com/D7976
2014-01-15 13:56:16 -08:00
..
20140104.harbormastercmd.sql Replace "Cancel Build" with "Stop", "Resume" and "Restart" 2014-01-06 12:32:20 -08:00
20140106.macromailkey.1.sql Add mailKey to macros 2014-01-06 12:17:23 -08:00
20140106.macromailkey.2.php Add mailKey to macros 2014-01-06 12:17:23 -08:00
20140108.ddbpname.1.sql Add names to Drydock blueprints 2014-01-09 10:56:34 -08:00
20140108.ddbpname.2.php Add names to Drydock blueprints 2014-01-09 10:56:34 -08:00
20140109.ddxactions.sql Add transactions to Drydock blueprint editing 2014-01-09 12:19:54 -08:00
20140109.projectcolumnsdates.sql Adding the create flow for Project Board (Workphlow) columns. 2014-01-09 16:12:11 -08:00
20140113.legalpadsig.1.sql Legalpad - make it work for not logged in users 2014-01-14 17:17:18 -08:00
20140113.legalpadsig.2.php Legalpad - make it work for not logged in users 2014-01-14 17:17:18 -08:00
20140115.auth.1.id.sql Give the session table a normal id column as a primary key 2014-01-15 13:55:18 -08:00
20140115.auth.2.expires.sql Expire and garbage collect unused sessions 2014-01-15 13:56:16 -08:00