diff options
author | Azul <azul@riseup.net> | 2016-03-19 14:59:54 +0100 |
---|---|---|
committer | Azul <azul@riseup.net> | 2016-03-19 14:59:54 +0100 |
commit | d7899039a4431cfac22d710bbc37b06160e8fc8c (patch) | |
tree | fd3e8a4b434bf2b7806e3dc5c550918c5d7af1a2 /doc/DEVELOP.md | |
parent | 15b9ae55d6eb39127b03ead4c50ca619f686b789 (diff) |
Handle conflict on token cleanup - fixes #7670
the only race condition I can think of here is this...
somebody tries to authenticate with a token that is almost expired.
auth checks and notices it is not expired yet so starts to prolonge it.
Before the polonged token is written to the db the cleanup script discovers that it has just expired.
prolonged token is written to the db
cleanup script fails to delete it from the db as it has been updated.
So what we want in this case is to keep the token alive as it was renewed in the last minute.
Diffstat (limited to 'doc/DEVELOP.md')
0 files changed, 0 insertions, 0 deletions