Git Merge Request #435: Track session ids on user records (open)
Merging...
Merged
Something went wrong. Please, merge manually
Checking if merge is possible...
Something went wrong. Please, merge manually
Carlos Cruz wants to merge 1 commit from /u/ccruz/allura/ to master, 2025-03-03
Every time a user logs in, their session id will be stored in the corresponding database record and will be used to authenticate every request. If the current session id is not tracked, the request won't be acknowledged and the user will be redirected to the login page. Upon logout, the current session id will be cleared.
Currently the max number of sessions that can be tracked per user is 100, and every time a new session id is added upon reaching the limit, the oldest session id will be discarded to make room for the new one.
| Commit | Date | |
|---|---|---|
| 2025-02-28 19:46:08 | Tree |
Carlos Cruz
Looking good, just a few minor suggestions:
self.session.idversusself.session["_id"]orself.session['_id']def logoutcan you usec.userinstead of database queryuser = M.User.by_username(username)?