Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

perf(update_auth_header): only lock the resource if we are rotating tokens #267

Merged
merged 1 commit into from
Jun 16, 2015
Merged

perf(update_auth_header): only lock the resource if we are rotating tokens #267

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
48 changes: 26 additions & 22 deletions app/controllers/devise_token_auth/concerns/set_user_by_token.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -59,36 +59,40 @@ def update_auth_header
# cannot save object if model has invalid params
return unless @resource and @resource.valid? and @client_id

# Lock the user record during any auth_header updates to ensure
# we don't have write contention from multiple threads
@resource.with_lock do
if not DeviseTokenAuth.change_headers_on_each_request
auth_header = @resource.build_auth_header(@token, @client_id)

# determine batch request status after request processing, in case
# another processes has updated it during that processing
@is_batch_request = is_batch_request?(@resource, @client_id)
# update the response header
response.headers.merge!(auth_header)

auth_header = {}
else

# Lock the user record during any auth_header updates to ensure
# we don't have write contention from multiple threads
@resource.with_lock do

if not DeviseTokenAuth.change_headers_on_each_request
auth_header = @resource.build_auth_header(@token, @client_id)
# determine batch request status after request processing, in case
# another processes has updated it during that processing
@is_batch_request = is_batch_request?(@resource, @client_id)

# update the response header
response.headers.merge!(auth_header)
auth_header = {}

# extend expiration of batch buffer to account for the duration of
# this request
elsif @is_batch_request
auth_header = @resource.extend_batch_buffer(@token, @client_id)
# extend expiration of batch buffer to account for the duration of
# this request
if @is_batch_request
auth_header = @resource.extend_batch_buffer(@token, @client_id)

# update Authorization response header with new token
else
auth_header = @resource.create_new_auth_token(@client_id)
# update Authorization response header with new token
else
auth_header = @resource.create_new_auth_token(@client_id)

# update the response header
response.headers.merge!(auth_header)
end
# update the response header
response.headers.merge!(auth_header)
end

end # end lock
end # end lock

end

end

Expand Down