couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From KlausTrainer <...@git.apache.org>
Subject [GitHub] couchdb pull request: Use cookie authentication during replication
Date Sat, 15 Nov 2014 01:58:04 GMT
Github user KlausTrainer commented on a diff in the pull request:

    https://github.com/apache/couchdb/pull/278#discussion_r20398582
  
    --- Diff: src/couch_replicator/src/couch_replicator_httpc.erl ---
    @@ -131,6 +171,90 @@ process_stream_response(ReqId, Worker, HttpDb, Params, Callback)
->
         end.
     
     
    +process_stream_response_headers(ReqId, Code, Headers, Worker, HttpDb, Params, Callback)
->
    +    StreamDataFun = fun() ->
    +        stream_data_self(HttpDb, Params, Worker, ReqId, Callback)
    +    end,
    +    ibrowse:stream_next(ReqId),
    +    try
    +        Ret = Callback(Code, Headers, StreamDataFun),
    +        release_worker(Worker, HttpDb),
    +        clean_mailbox_req(ReqId),
    +        Ret
    +    catch throw:{maybe_retry_req, Err} ->
    +        clean_mailbox_req(ReqId),
    +        maybe_retry(Err, Worker, HttpDb, Params, Callback)
    +    end.
    +
    +
    +maybe_start_new_session(HttpDb) ->
    +    case need_new_session(HttpDb) of
    +    false -> false;
    +    true -> start_new_session(HttpDb)
    +    end.
    +
    +
    +maybe_start_new_session(HttpDb, Worker) ->
    +    case need_new_session(HttpDb) of
    +    false -> false;
    +    true -> start_new_session(HttpDb, Worker)
    +    end.
    +
    +
    +need_new_session(#httpdb{credentials = undefined}) ->
    +    false;
    +
    +need_new_session(#httpdb{credentials = Credentials}) ->
    +    case ets:lookup(Credentials, cookie) of
    +    [] ->
    +        true;
    +    [{cookie, _, UpdatedAt}] ->
    +        %% As we don't know when the cookie will expire, we just decide
    +        %% that we want a new session if the current one is older than
    +        %% one minute.
    +        OneMinute = 60 * 1000000, % microseconds
    +        timer:now_diff(os:timestamp(), UpdatedAt) > OneMinute
    --- End diff --
    
    Just figured that this is actually done already, see `maybe_set_session_cookie/2` (it's
been a while since I've wrote that code).
    
    The timestamp is just used to avoid an endless loop of re-authenticating and retrying
the same request over and over again.  Think of the case where we're getting a `401` status
code even though we've successfully authenticated and the session is still valid.
    
    Maybe this can be made more clear, or maybe there's even an alternative solution that
doesn't involve timestamps.  Suggestions appreciated!


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

Mime
View raw message