From KlausTrainer <...@git.apache.org>
Subject [GitHub] couchdb pull request: Use cookie authentication during replication
Date Tue, 11 Mar 2014 09:20:13 GMT
Github user KlausTrainer commented on a diff in the pull request:

    https://github.com/apache/couchdb/pull/172#discussion_r10465907
  
    --- Diff: src/couch_replicator/src/couch_replicator_httpc.erl ---
    @@ -131,6 +171,90 @@ process_stream_response(ReqId, Worker, HttpDb, Params, Callback)
->
         end.
     
     
    +process_stream_response_headers(ReqId, Code, Headers, Worker, HttpDb, Params, Callback)
->
    +    StreamDataFun = fun() ->
    +        stream_data_self(HttpDb, Params, Worker, ReqId, Callback)
    +    end,
    +    ibrowse:stream_next(ReqId),
    +    try
    +        Ret = Callback(Code, Headers, StreamDataFun),
    +        release_worker(Worker, HttpDb),
    +        clean_mailbox_req(ReqId),
    +        Ret
    +    catch throw:{maybe_retry_req, Err} ->
    +        clean_mailbox_req(ReqId),
    +        maybe_retry(Err, Worker, HttpDb, Params, Callback)
    +    end.
    +
    +
    +maybe_start_new_session(HttpDb) ->
    +    case need_new_session(HttpDb) of
    +    false -> false;
    +    true -> start_new_session(HttpDb)
    +    end.
    +
    +
    +maybe_start_new_session(HttpDb, Worker) ->
    +    case need_new_session(HttpDb) of
    +    false -> false;
    +    true -> start_new_session(HttpDb, Worker)
    +    end.
    +
    +
    +need_new_session(#httpdb{credentials = undefined}) ->
    +    false;
    +
    +need_new_session(#httpdb{credentials = Credentials}) ->
    +    case ets:lookup(Credentials, cookie) of
    +    [] ->
    +        true;
    +    [{cookie, _, UpdatedAt}] ->
    +        %% As we don't know when the cookie will expire, we just decide
    +        %% that we want a new session if the current one is older than
    +        %% one minute.
    +        OneMinute = 60 * 1000000, % microseconds
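Review bot: The session cookie that `need_new_session/1` reads with `ets:lookup(Credentials, cookie)` is a bearer credential, and the quoted hunk does not show how the `Credentials` table is created or who else can reach it. If the table is created with `public` access, any process on the node could read or replace the cookie, so `protected` or `private` access owned by the replication process would be the safer choice, and the table contents should stay out of log and crash-report output. I would add a comment above the second clause along the lines of `%% Credentials is an ETS table id holding the session cookie (a secret); the table must not be public.` The body of `need_new_session/1` continues past the end of the quoted diff, so the age comparison itself is not reviewed here.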
    --- End diff --
    
    Yes, that's possible, but what advantage would it get us?  I had previously implemented
it, but then threw it away again.  One disadvantage of that is that it makes us rely on clocks
being synchronized, which is an assumption we would probably like to avoid here.
    
    As of now, we unfortunately don't have any knowledge about the expiry time of a cookie
here (we only have the timestamp).  Choosing one minute seems like a good compromise
to me, as it's unlikely that people will configure a session timeout below that.  However,
it might be good to consequently limit the session timeout to a minimum of one minute and
document it appropriately.


