mirror of
https://github.com/transloadit/uppy.git
synced 2026-07-17 16:50:22 +00:00
reduce companion redis key timeouts to 10 min (#6357)
https://github.com/transloadit/api2/pull/8345#pullrequestreview-4552806932 See also #3748 and #4394
This commit is contained in:
commit
616f928479
5 changed files with 25 additions and 8 deletions
5
.changeset/purple-vans-act.md
Normal file
5
.changeset/purple-vans-act.md
Normal file
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
"@uppy/companion": patch
|
||||
---
|
||||
|
||||
Reduce companion redis key timeouts to 10 min - In theory this shouldn't affect users
|
||||
|
|
@ -602,8 +602,11 @@ export default class Uploader {
|
|||
saveState(state: { action: string; payload: unknown }): void {
|
||||
if (!this.storage) return
|
||||
// make sure the keys get cleaned up.
|
||||
// We don't need more than 10 minutes because progress events should make sure that it doesn't expire before the upload is done.
|
||||
// assume that after the upload is done, we don't need it around for long
|
||||
// https://github.com/transloadit/uppy/issues/3748
|
||||
const keyExpirySec = 60 * 60 * 24
|
||||
// https://github.com/transloadit/api2/pull/8345#pullrequestreview-4552806932
|
||||
const keyExpirySec = 60 * 10
|
||||
const redisKey = `${Uploader.STORAGE_PREFIX}:${this.token}`
|
||||
this.storage.set(redisKey, jsonStringify(state), 'EX', keyExpirySec)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -108,7 +108,7 @@ function getCommonCookieOptions({
|
|||
return cookieOptions
|
||||
}
|
||||
|
||||
const getCookieName = (oauthProvider: string): string =>
|
||||
export const getCookieName = (oauthProvider: string): string =>
|
||||
`uppyAuthToken--${oauthProvider}`
|
||||
|
||||
const addToCookies = ({
|
||||
|
|
|
|||
|
|
@ -6,6 +6,7 @@ import packageJson from '../../package.json' with { type: 'json' }
|
|||
import type { CompanionRuntimeOptions } from '../types/companion-options.js'
|
||||
import type { ProviderUserSession } from '../types/express.js'
|
||||
import * as tokenService from './helpers/jwt.js'
|
||||
import { getCookieName } from './helpers/jwt.js'
|
||||
import { getURLBuilder } from './helpers/utils.js'
|
||||
import * as logger from './logger.js'
|
||||
import { isOAuthProvider } from './provider/Provider.js'
|
||||
|
|
@ -175,7 +176,7 @@ export const cookieAuthToken: RequestHandler = (req, res, next) => {
|
|||
if (oauthProvider == null || oauthProvider.length === 0) {
|
||||
return next()
|
||||
}
|
||||
req.companion.authToken = req.cookies[`uppyAuthToken--${oauthProvider}`]
|
||||
req.companion.authToken = req.cookies[getCookieName(oauthProvider)]
|
||||
return next()
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -136,13 +136,21 @@ export default function server(inputCompanionOptions?: CompanionInitOptions) {
|
|||
})
|
||||
}
|
||||
|
||||
if (process.env['COMPANION_COOKIE_DOMAIN']) {
|
||||
sessionOptions.cookie = {
|
||||
domain: process.env['COMPANION_COOKIE_DOMAIN'],
|
||||
maxAge: 24 * 60 * 60 * 1000, // 1 day
|
||||
}
|
||||
const cookieOptions: SessionOptions['cookie'] = {
|
||||
// AFAIK sessions are only used for the initial oauth2 dance, and not after that.
|
||||
// Therefore 10 minutes should be plenty of time for the user to complete the oauth2 dance.
|
||||
// we might want to see if we can make grant work without sessions, so we can remove sessions:
|
||||
// https://github.com/transloadit/uppy/issues/4394
|
||||
// https://github.com/transloadit/api2/pull/8345#pullrequestreview-4552806932
|
||||
maxAge: 10 * 60 * 1000,
|
||||
}
|
||||
|
||||
if (process.env['COMPANION_COOKIE_DOMAIN']) {
|
||||
cookieOptions.domain = process.env['COMPANION_COOKIE_DOMAIN']
|
||||
}
|
||||
|
||||
sessionOptions.cookie = cookieOptions
|
||||
|
||||
// Session is used for grant redirects, so that we don't need to expose secret tokens in URLs
|
||||
// See https://github.com/transloadit/uppy/pull/1668
|
||||
// https://github.com/transloadit/uppy/issues/3538#issuecomment-1069232909
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue