-
Notifications
You must be signed in to change notification settings - Fork 1.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(server): remove inactive sessions #9121
Conversation
Deploying immich with
|
Latest commit: |
464cf76
|
Status: | ✅ Deploy successful! |
Preview URL: | https://0bc2cf09.immich.pages.dev |
Branch Preview URL: | https://feat-remove-inactive-session.immich.pages.dev |
@@ -26,6 +27,14 @@ describe('SessionService', () => { | |||
expect(sut).toBeDefined(); | |||
}); | |||
|
|||
describe('search', () => { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should we test deleting outdated tokens and preserving recent tokens?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, had to run though and that's all I finished on the first pass lol
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
All good. Should this PR still be draft then? 😛
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nope I'm on it :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ideally I'd also like to have e2e tests for testing the repository method but since this is a nightly job that's a bit tricky I think.
@@ -19,6 +21,25 @@ export class SessionService { | |||
this.access = AccessCore.create(accessRepository); | |||
} | |||
|
|||
async handleCleanup() { | |||
const sessions = await this.sessionRepository.search({ | |||
updatedBefore: DateTime.now().minus({ days: 90 }).toJSDate(), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we want to make the timeout configurable?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@bo0tzz where would you put that in the admin settings? User Settings?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We maybe should move password and auth and oauth into a parent auth category in the UI.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
An overarching auth section is probably the cleanest, but under server or user settings would work for me as well.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Moving the auth/oauth settings around and adding the delay for deleting sessions will be its own PR
make sql