Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

dont update the auth token twice #1037

Merged
merged 2 commits into from
Oct 14, 2016
Merged

Conversation

icewind1991
Copy link
Member

The token is already updated in updateTokenActivity

Saves an update query for each request made

stacktraces for both queries on master:

cc @ChristophWurst

@icewind1991 icewind1991 added the 3. to review Waiting for reviews label Aug 24, 2016
@icewind1991 icewind1991 added this to the Nextcloud 11.0 milestone Aug 24, 2016
@@ -609,7 +609,6 @@ private function checkTokenCredentials(IToken $dbToken, $token) {
return false;
}
$dbToken->setLastCheck($now);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is that one then required at all?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes, otherwise the checks are performed on every request, see above

if ($lastCheck > ($now - 60 * 5)) {
    // Checked performed recently, nothing to do now
    return true;
}

@ChristophWurst
Copy link
Member

Hm, $this->tokenProvider->updateTokenActivity($dbToken); updates the last_check just coincidentally. Not sure if we should rely on that magic.

@ChristophWurst
Copy link
Member

if only the activity was updated recently, the update would be ignored then. See

/**
* Update token activity timestamp
*
* @throws InvalidTokenException
* @param IToken $token
*/
public function updateTokenActivity(IToken $token) {
if (!($token instanceof DefaultToken)) {
throw new InvalidTokenException();
}
/** @var DefaultToken $token */
$now = $this->time->getTime();
if ($token->getLastActivity() < ($now - 60)) {
// Update token only once per minute
$token->setLastActivity($now);
$this->mapper->update($token);
}
}

@icewind1991
Copy link
Member Author

since lastActivity is updated more often than lastChecked that shouldn't be a problem, it will still recheck the token every 5 min.

The only "loss" is that lastActivity can lag behind a max of 1min, but that also means that we only have 1 update query for tokens per min which should help with db load on large systems (updates/inserts being way more expensive than reads)

@icewind1991 icewind1991 force-pushed the no-double-token-update branch 2 times, most recently from def7f7d to 9810907 Compare August 26, 2016 16:54
@rullzer
Copy link
Member

rullzer commented Aug 28, 2016

I agree with @icewind1991 that lagging behind a bit is not that big of a deal. If it is max 1 minute. Fine by me.

But I also agree with @ChristophWurst that we should not depend on dark magic. So please make sure it is properly tested.

Will take a more in depth look tomorrow.

@MorrisJobke
Copy link
Member

Will take a more in depth look tomorrow.

Tomorrow is over 😉

@rullzer
Copy link
Member

rullzer commented Sep 1, 2016

Tomorrow is over 😉

True ;)

I'm still torn. I like the improvement but I feel this will break once somebody at some point moves code around. So can we have unit tests for this behaviour? Then it is 🚀 for me!

@MorrisJobke MorrisJobke added 2. developing Work in progress and removed 3. to review Waiting for reviews labels Sep 1, 2016
@MorrisJobke
Copy link
Member

I'm still torn. I like the improvement but I feel this will break once somebody at some point moves code around. So can we have unit tests for this behaviour? Then it is for me!

@icewind1991 Could you add unit tests for this? Thanks

@icewind1991 icewind1991 force-pushed the no-double-token-update branch from 9810907 to f89bc0a Compare October 10, 2016 12:00
@icewind1991
Copy link
Member Author

Added tests to ensure the token times are updated

@MorrisJobke
Copy link
Member

There was 1 failure:
1) Test\User\SessionTest::testValidateSessionNoPassword
Expectation failed for method name is equal to <string:updateToken> when invoked 1 time(s).
Method was expected to be called 1 times, actually called 0 times.

@icewind1991 icewind1991 force-pushed the no-double-token-update branch from ab458d9 to 90db361 Compare October 11, 2016 09:06
@MorrisJobke MorrisJobke added 3. to review Waiting for reviews and removed 2. developing Work in progress labels Oct 11, 2016
@MorrisJobke
Copy link
Member

Tested and works 👍

@codecov-io
Copy link

codecov-io commented Oct 11, 2016

Current coverage is 56.39% (diff: 100%)

Merging #1037 into master will decrease coverage by 0.01%

@@             master      #1037   diff @@
==========================================
  Files          1070       1070          
  Lines         60432      60490    +58   
  Methods        6817       6825     +8   
  Messages          0          0          
  Branches          0          0          
==========================================
+ Hits          34087      34111    +24   
- Misses        26345      26379    +34   
  Partials          0          0          

Sunburst

Diff Coverage File Path
•••••••••• 100% lib/private/User/Session.php

Powered by Codecov. Last update cc4b514...90db361

@rullzer
Copy link
Member

rullzer commented Oct 14, 2016

ok test. Fine by me. LGTM then.
@ChristophWurst you are fine as well?

@ChristophWurst
Copy link
Member

👍 I guess 🙈

@ChristophWurst ChristophWurst merged commit 53eb0f7 into master Oct 14, 2016
@ChristophWurst ChristophWurst deleted the no-double-token-update branch October 14, 2016 12:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
3. to review Waiting for reviews
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants