Closed Bug 1195645 Opened 9 years ago Closed 9 years ago

don't create a new session for every authenticated REST/BzAPI call

Categories

(bugzilla.mozilla.org :: API, defect)

Production
defect
Not set
normal

Tracking

()

RESOLVED FIXED

People

(Reporter: glob, Assigned: glob)

References

Details

Attachments

(1 file, 1 obsolete file)

currently every authenticated request made to a REST or BzAPI endpoint results in a new session (ie. a row in the logincookies table).

some heavy api users have a significant number of login-cookies, with first place awarded to a user with 137,000 sessions.

this is somewhat excessive.


with the exception of calls to User.login we shouldn't persist REST session requests.
Attached patch 1195645_1.patch (obsolete) — Splinter Review
Attachment #8649153 - Flags: review?(dylan)
Attached patch 1195645_2.patchSplinter Review
- use a separate var 'dont_persist_session' instead of stealing auth_no_automatic_login
Attachment #8649153 - Attachment is obsolete: true
Attachment #8649153 - Flags: review?(dylan)
Attachment #8650587 - Flags: review?(dylan)
Comment on attachment 8650587 [details] [diff] [review]
1195645_2.patch

Review of attachment 8650587 [details] [diff] [review]:
-----------------------------------------------------------------

r=dylan

we'll want to do this for JSONRPC and XMLRPC, but this is a good stopgap.
Attachment #8650587 - Flags: review?(dylan) → review+
Blocks: 1197061
> we'll want to do this for JSONRPC and XMLRPC, but this is a good stopgap.

filed as bug 1197061.

To ssh://gitolite3@git.mozilla.org/webtools/bmo/bugzilla.git
   667ecc3..ca96913  master -> master
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: