diff options
author | Azul <azul@riseup.net> | 2016-03-19 14:59:54 +0100 |
---|---|---|
committer | Azul <azul@riseup.net> | 2016-03-19 14:59:54 +0100 |
commit | d7899039a4431cfac22d710bbc37b06160e8fc8c (patch) | |
tree | fd3e8a4b434bf2b7806e3dc5c550918c5d7af1a2 /app/models | |
parent | 15b9ae55d6eb39127b03ead4c50ca619f686b789 (diff) |
Handle conflict on token cleanup - fixes #7670
the only race condition I can think of here is this...
somebody tries to authenticate with a token that is almost expired.
auth checks and notices it is not expired yet so starts to prolonge it.
Before the polonged token is written to the db the cleanup script discovers that it has just expired.
prolonged token is written to the db
cleanup script fails to delete it from the db as it has been updated.
So what we want in this case is to keep the token alive as it was renewed in the last minute.
Diffstat (limited to 'app/models')
-rw-r--r-- | app/models/token.rb | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/app/models/token.rb b/app/models/token.rb index 4afd275..b398fcb 100644 --- a/app/models/token.rb +++ b/app/models/token.rb @@ -59,7 +59,8 @@ class Token < CouchRest::Model::Base # So let's make sure we don't crash if they disappeared def destroy_with_rescue destroy_without_rescue - rescue RestClient::ResourceNotFound + rescue RestClient::ResourceNotFound # do nothing it's gone already + rescue RestClient::Conflict # do nothing - it's been updated - #7670 end alias_method_chain :destroy, :rescue |