Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remove session caching #208

Closed
wants to merge 1 commit into from
Closed

Conversation

eatyourgreens
Copy link
Contributor

@eatyourgreens eatyourgreens commented Jun 27, 2023

Remove session caching from auth.checkCurrent(). Instead, add a _fetching state which is true while a user session is being fetched from Panoptes.

This should close #207 by changing auth.checkCurrent() so that it always checks the Panoptes API when called, except if there is an API request already in progress.

This could be a breaking change, in that auth.checkCurrent() will now spam the API if it is called too frequently.

@eatyourgreens eatyourgreens force-pushed the remove-session-caching branch 4 times, most recently from 6393328 to c8ceb17 Compare June 29, 2023 12:12
eatyourgreens added a commit to zooniverse/front-end-monorepo that referenced this pull request Jun 29, 2023
This is an experimental build, using an API client that doesn't cache Panoptes user sessions.

- See zooniverse/panoptes-javascript-client#208.
eatyourgreens added a commit to zooniverse/front-end-monorepo that referenced this pull request Jun 29, 2023
This is an experimental build, using an API client that doesn't cache Panoptes user sessions.

- See zooniverse/panoptes-javascript-client#208.
@eatyourgreens eatyourgreens force-pushed the remove-session-caching branch from c8ceb17 to 4c017e4 Compare June 29, 2023 14:19
eatyourgreens added a commit to zooniverse/front-end-monorepo that referenced this pull request Jun 29, 2023
This is an experimental build, using an API client that doesn't cache Panoptes user sessions.

- See zooniverse/panoptes-javascript-client#208.
@eatyourgreens eatyourgreens force-pushed the remove-session-caching branch from 4c017e4 to 135c162 Compare June 29, 2023 15:01
Remove session caching from `auth.checkCurrent()`. Instead, add a `_fetching` state which is true while a user session is being fetched from Panoptes.
@eatyourgreens eatyourgreens force-pushed the remove-session-caching branch from 135c162 to c903c7e Compare June 29, 2023 17:23
eatyourgreens added a commit to zooniverse/front-end-monorepo that referenced this pull request Jun 29, 2023
This is an experimental build, using an API client that doesn't cache Panoptes user sessions.

- See zooniverse/panoptes-javascript-client#208.
@zwolf
Copy link
Member

zwolf commented Jun 29, 2023

This could be a breaking change, in that auth.checkCurrent() will now spam the API if it is called too frequently.

This seems like completely reasonable use of the API, but as a part of the review of this PR, I'd like to make sure we know where and how this is called and whether "spam" is a fair description.

@eatyourgreens
Copy link
Contributor Author

This branch breaks the new classifier. 🙁

zooniverse/front-end-monorepo#4917 (comment)

@eatyourgreens
Copy link
Contributor Author

Login/logout is broken on this branch too.

zooniverse/Panoptes-Front-End#6677 (comment)

zooniverse/front-end-monorepo#4917 (comment)

@eatyourgreens
Copy link
Contributor Author

eatyourgreens commented Jul 3, 2023

So, each of our frontend projects has a block of code like this, which runs auth.checkCurrent() every time the auth client emits a change event:

import auth from 'panoptes-client/lib/auth;

auth.listen('change', () => {
  auth.checkCurrent();
});

The problem is:

  • checkCurrent() calls this.update, which emits a change event.
  • registration, sign in and sign out all call this.checkCurrent() and this.update, so they emit change events too.

This hasn't been a problem for us to date, because checkCurrent is memo-ised via _currentUserPromise. When I removed that in this PR, weird bugs were triggered:

  • auth.checkCurrent() can trigger auth.checkCurrent(), leading to recursion. My first pass at this PR spammed /api/me with hundreds of requests when the page first loaded.
  • Signing out triggers auth.checkCurrent(), which generates a new access token and signs you back in to Panoptes again.

I've started a rewrite of auth.js, in #210, to make the code easier to read and maybe make it more explicit where the client emits events.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

User sessions are cached in memory forever
2 participants