disableLastLoginUpdate

packages/core/src/config/default-config.ts

@@ -99,6 +99,7 @@ export const defaultConfig: RuntimeVendureConfig = {
         sessionCacheStrategy: new InMemorySessionCacheStrategy(),
         sessionCacheTTL: 300,
         requireVerification: true,
+        disableLastLoginUpdate: false,
         verificationTokenDuration: '7d',
         superadminCredentials: {
             identifier: SUPER_ADMIN_USER_IDENTIFIER,

packages/core/src/config/vendure-config.ts

@@ -473,6 +473,13 @@ export interface AuthOptions {
      * @default DefaultPasswordValidationStrategy
      */
     passwordValidationStrategy?: PasswordValidationStrategy;
+    /**
+     * @description
+     * Disable the last login update (prevent a save on user entity) when a user logs in.
+     * This can be useful when there is a lot of authentication in a short period of time and get lock on the user table.
+     * @since 3.0.7
+     */
+    disableLastLoginUpdate?: boolean
 }
 
 /**

packages/core/src/service/services/auth.service.ts

@@ -97,8 +97,10 @@ export class AuthService {
         if (ctx.session && ctx.session.activeOrderId) {
             await this.sessionService.deleteSessionsByActiveOrderId(ctx, ctx.session.activeOrderId);
         }
-        user.lastLogin = new Date();
-        await this.connection.getRepository(ctx, User).save(user, { reload: false });
+        if (user.roles || !this.configService.authOptions.disableLastLoginUpdate) {
+            user.lastLogin = new Date();
+            await this.connection.getRepository(ctx, User).save(user, { reload: false });
+        }
         const session = await this.sessionService.createNewAuthenticatedSession(
             ctx,
             user,