Last Comment Bug 1195645 - don't create a new session for every authenticated REST/BzAPI call
: don't create a new session for every authenticated REST/BzAPI call
Status: RESOLVED FIXED
:
Product: bugzilla.mozilla.org
Classification: Other
Component: API (show other bugs)
: Production
: Unspecified Unspecified
-- normal (vote)
: ---
Assigned To: Byron Jones ‹:glob›
:
:
Mentors:
Depends on:
Blocks: 1197061
  Show dependency treegraph
 
Reported: 2015-08-18 01:16 PDT by Byron Jones ‹:glob›
Modified: 2015-08-20 21:03 PDT (History)
5 users (show)
See Also:
Due Date:
QA Whiteboard:
Iteration: ---
Points: ---


Attachments
1195645_1.patch (866 bytes, patch)
2015-08-18 01:24 PDT, Byron Jones ‹:glob›
no flags Details | Diff | Splinter Review
1195645_2.patch (1.62 KB, patch)
2015-08-20 11:04 PDT, Byron Jones ‹:glob›
dylan: review+
Details | Diff | Splinter Review

Description User image Byron Jones ‹:glob› 2015-08-18 01:16:49 PDT
currently every authenticated request made to a REST or BzAPI endpoint results in a new session (ie. a row in the logincookies table).

some heavy api users have a significant number of login-cookies, with first place awarded to a user with 137,000 sessions.

this is somewhat excessive.


with the exception of calls to User.login we shouldn't persist REST session requests.
Comment 1 User image Byron Jones ‹:glob› 2015-08-18 01:24:03 PDT
Created attachment 8649153 [details] [diff] [review]
1195645_1.patch
Comment 2 User image Byron Jones ‹:glob› 2015-08-20 11:04:26 PDT
Created attachment 8650587 [details] [diff] [review]
1195645_2.patch

- use a separate var 'dont_persist_session' instead of stealing auth_no_automatic_login
Comment 3 User image Dylan Hardison [:dylan] 2015-08-20 11:29:45 PDT
Comment on attachment 8650587 [details] [diff] [review]
1195645_2.patch

Review of attachment 8650587 [details] [diff] [review]:
-----------------------------------------------------------------

r=dylan

we'll want to do this for JSONRPC and XMLRPC, but this is a good stopgap.
Comment 4 User image Byron Jones ‹:glob› 2015-08-20 21:03:29 PDT
> we'll want to do this for JSONRPC and XMLRPC, but this is a good stopgap.

filed as bug 1197061.

To ssh://gitolite3@git.mozilla.org/webtools/bmo/bugzilla.git
   667ecc3..ca96913  master -> master

Note You need to log in before you can comment on or make changes to this bug.