Mercurial > gemma

changeset 130:13b82701b1fb

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Take expiring time from serialized tokens to garbage collect them.
author Sascha L. Teichmann <sascha.teichmann@intevation.de>
date Thu, 28 Jun 2018 16:59:16 +0200
parents ee5a3dd8e972
children af114cf64822
files auth/connection.go
diffstat 1 files changed, 24 insertions(+), 16 deletions(-) [+]
line wrap: on
line diff
--- a/auth/connection.go	Thu Jun 28 16:45:01 2018 +0200
+++ b/auth/connection.go	Thu Jun 28 16:59:16 2018 +0200
@@ -12,9 +12,8 @@
 var ConnPool = NewConnectionPool()
 
 const (
-	maxOpen      = 16
-	maxDBIdle    = time.Minute * 5
-	maxTokenIdle = time.Minute * 20
+	maxOpen   = 16
+	maxDBIdle = time.Minute * 5
 )
 
 type Connection struct {
@@ -31,6 +30,15 @@
 	c.access = time.Now()
 }
 
+func (c *Connection) close() {
+	if c.db != nil {
+		if err := c.db.Close(); err != nil {
+			log.Printf("warn: %v\n", err)
+		}
+		c.db = nil
+	}
+}
+
 type ConnectionPool struct {
 	conns map[string]*Connection
 	cmds  chan func(*ConnectionPool)
@@ -69,14 +77,19 @@
 }
 
 func (cp *ConnectionPool) cleanToken() {
-	valid := time.Now().Add(-maxTokenIdle)
+	now := time.Now()
 	for token, con := range cp.conns {
-		if con.access.Before(valid) {
-			if con.db != nil {
-				// TODO: Be more graceful here?
-				con.db.Close()
-				con.db = nil
-			}
+		claims, err := TokenToClaims(token)
+		if err != nil { // Should not happen.
+			log.Printf("error: %v\n", err)
+			con.close()
+			delete(cp.conns, token)
+			continue
+		}
+		expires := time.Unix(claims.ExpiresAt, 0)
+		if expires.Before(now) {
+			// TODO: Be more graceful here?
+			con.close()
 			delete(cp.conns, token)
 		}
 	}
@@ -90,13 +103,8 @@
 			res <- false
 			return
 		}
+		conn.close()
 		delete(cp.conns, token)
-		if conn.db != nil {
-			if err := conn.db.Close(); err != nil {
-				log.Printf("warn: %v\n", err)
-			}
-			conn.db = nil
-		}
 		res <- true
 	}
 	return <-res