Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

#451 move to session files #472

Merged
merged 1 commit into from
Nov 19, 2023

Conversation

fcaps
Copy link
Collaborator

@fcaps fcaps commented Nov 18, 2023

closes #451

Changes:

  • moving from memory to file-stroage
  • removed "normal" cookie -> it's a session cookie now (close the browser, losses the session)
  • removed deprecated cookie-parser middleware, it's integrated in express-session
  • sessions will not be lost if the container getting restarted (but on every deploy)

Notes:

  • sessions are encrypted
  • if the file-system is not "stable" , we may have to increase retries.

Copy link
Member

@Sheikah45 Sheikah45 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would the sessions just be stored in /sessions so we would have to mount a volume or would it be okay if they are wiped on container restart?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why do we need the sessions folder in git? Does express not create it if it doesn't already exist?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would the sessions just be stored in /sessions so we would have to mount a volume or would it be okay if they are wiped on container restart?

they are in-memory right now, so i guess it's okay if they got wiped. (PS: container restart will keep the sessions)

Why do we need the sessions folder in git? Does express not create it if it doesn't already exist?

it's a permission thing, we can let node (the container) create it, but then permission are kinda fucked locally for development, it's a small price for not doing the whole setUID/GID for every operating system. but, i am used to it and can remove the folder.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes I meant container recreation. And why does the local developer need to care about the permissions of the folder?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

he cannot delete the sessions.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PS: we already have this issue with node_modules.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes I was mostly curious if it required any changes to the server setup

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

no, everything can stay as it is. the image don't need any mount-point.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

there is the possibility that i fucked something up (like a side-effect), but i don't now the app good enough to see what is missing/wrong. maybe i fucked the flash messages by removing the cookie-parser?
The code is looking so dirty, that i often don't know if i fucked something up or not.

What i tested:
i could login, used my token and logout

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We'll have to do a larger testing session before the next release I guess

@fcaps fcaps requested a review from Sheikah45 November 19, 2023 01:46
@fcaps fcaps mentioned this pull request Nov 19, 2023
Copy link
Member

@Brutus5000 Brutus5000 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm ok with this for now, but that still limits us to 1 instance which is kind of an antipattern of what we try to achieve with the infrastructure side (kubernetes)

@Brutus5000 Brutus5000 merged commit 759d771 into FAForever:develop Nov 19, 2023
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Express session-store memory-leak
3 participants