Git Merge Request #435: Track session ids on user records (merged)

Merging...

Merged

Something went wrong. Please, merge manually

Checking if merge is possible...

Something went wrong. Please, merge manually

Carlos Cruz wants to merge 1 commit from /u/ccruz/allura/ to master, 6 days ago

Every time a user logs in, their session id will be stored in the corresponding database record and will be used to authenticate every request. If the current session id is not tracked, the request won't be acknowledged and the user will be redirected to the login page. Upon logout, the current session id will be cleared.

Currently the max number of sessions that can be tracked per user is 100, and every time a new session id is added upon reaching the limit, the oldest session id will be discarded to make room for the new one.

Commit Date  
[1bf948] (cc/8949) by Carlos Cruz Carlos Cruz

Track session ids on user records

 2025-02-28 19:46:08 Tree

Discussion

  • Dave Brondsema

    Dave Brondsema - 2025-03-03

    Looking good, just a few minor suggestions:

    • It'd be nice to be consistent with self.session.id versus self.session["_id"] or self.session['_id']
    • in def logout can you use c.user instead of database query user = M.User.by_username(username)?
     

  • Dave Brondsema

    Dave Brondsema - 6 days ago
    • Status: open --> merged
     

Log in to post a comment.