Avoid redundant OAuth queries when not signed in
If you aren't signed in, you don't have an auth token. When you don't have an auth token, React was sending the header "Authorization: Bearer null". This caused 5 Doorkeeper token lookups using WHERE "oauth_access_tokens"."token" = 'null' on the Explore page (the root of the app when not signed in).
parent
7bfe6c7709
commit
92c9092abd
4
Gemfile
4
Gemfile
|
@ -30,7 +30,9 @@ gem 'charlock_holmes', '~> 0.7.6'
|
|||
gem 'iso-639'
|
||||
gem 'chewy', '~> 5.0'
|
||||
gem 'cld3', '~> 3.2.4'
|
||||
gem 'devise', '~> 4.6'
|
||||
git 'https://github.com/freespeech4ever/devise.git', branch: 'gab2' do
|
||||
gem 'devise'
|
||||
end
|
||||
gem 'devise-two-factor', '~> 3.0'
|
||||
|
||||
group :pam_authentication, optional: true do
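Review bot: The authentication gem is now resolved from a fork by branch name (`branch: 'gab2'`), so the Gemfile itself no longer states which code is trusted; only Gemfile.lock pins the revision, and any `bundle update devise` will move to whatever the branch head is at that time. Pinning the commit in the Gemfile makes the reviewed revision explicit, e.g. `git 'https://github.com/freespeech4ever/devise.git', ref: '4009905531f28ebd7ecab22f898b5d6180eefb4a' do`. The `~> 4.6` constraint was also dropped from the inner `gem 'devise'` line; keeping it would stop the fork from silently jumping to a different major or minor version. A short comment naming what the fork changes relative to upstream would help the next reviewer of this dependency.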
|
||||
|
|
20
Gemfile.lock
20
Gemfile.lock
|
@ -1,3 +1,15 @@
|
|||
GIT
|
||||
remote: https://github.com/freespeech4ever/devise.git
|
||||
revision: 4009905531f28ebd7ecab22f898b5d6180eefb4a
|
||||
branch: gab2
|
||||
specs:
|
||||
devise (4.7.3)
|
||||
bcrypt (~> 3.0)
|
||||
orm_adapter (~> 0.1)
|
||||
railties (>= 4.1.0)
|
||||
responders
|
||||
warden (~> 1.2.3)
|
||||
|
||||
GIT
|
||||
remote: https://github.com/rtomayko/posix-spawn
|
||||
revision: 58465d2e213991f8afb13b984854a49fcdcc980c
|
||||
|
@ -183,12 +195,6 @@ GEM
|
|||
rake (> 10, < 14)
|
||||
ruby-statistics (>= 2.1)
|
||||
thor (>= 0.19, < 2)
|
||||
devise (4.7.3)
|
||||
bcrypt (~> 3.0)
|
||||
orm_adapter (~> 0.1)
|
||||
railties (>= 4.1.0)
|
||||
responders
|
||||
warden (~> 1.2.3)
|
||||
devise-two-factor (3.1.0)
|
||||
activesupport (< 6.1)
|
||||
attr_encrypted (>= 1.3, < 4, != 2)
|
||||
|
@ -696,7 +702,7 @@ DEPENDENCIES
|
|||
climate_control (~> 0.2)
|
||||
concurrent-ruby
|
||||
derailed_benchmarks
|
||||
devise (~> 4.6)
|
||||
devise!
|
||||
devise-two-factor (~> 3.0)
|
||||
devise_pam_authenticatable2 (~> 9.2)
|
||||
doorkeeper (~> 5.1)
|
||||
|
|
|
@ -109,7 +109,7 @@ const fetchListsSuccess = (lists) => ({
|
|||
|
||||
const fetchListsFail = (error) => ({
|
||||
type: LISTS_FETCH_FAIL,
|
||||
showToast: true,
|
||||
showToast: false,
|
||||
error,
|
||||
})
|
||||
|
||||
|
|
|
@ -25,16 +25,20 @@ function setCSRFHeader() {
|
|||
|
||||
ready(setCSRFHeader);
|
||||
|
||||
export default getState => axios.create({
|
||||
headers: Object.assign(csrfHeader, getState ? {
|
||||
'Authorization': `Bearer ${getState().getIn(['meta', 'access_token'], '')}`,
|
||||
} : {}),
|
||||
export default getState => {
|
||||
const authToken = getState ? getState().getIn(['meta', 'access_token'], '') : null;
|
||||
|
||||
transformResponse: [function (data) {
|
||||
try {
|
||||
return JSON.parse(data);
|
||||
} catch (Exception) {
|
||||
return data;
|
||||
}
|
||||
}],
|
||||
});
|
||||
return axios.create({
|
||||
headers: Object.assign(csrfHeader, authToken ? {
|
||||
'Authorization': `Bearer ${authToken}}`,
|
||||
} : {}),
|
||||
|
||||
transformResponse: [function (data) {
|
||||
try {
|
||||
return JSON.parse(data);
|
||||
} catch (Exception) {
|
||||
return data;
|
||||
}
|
||||
}],
|
||||
});
|
||||
};
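Review bot: The new header template has a stray closing brace, `Bearer ${authToken}}`, so every signed-in request would send the token with a literal `}` appended, and the server-side token lookup would presumably fail to match it. The line should read ``'Authorization': `Bearer ${authToken}`,``. Separately, `Object.assign(csrfHeader, ...)` writes into the shared `csrfHeader` object (defined outside this hunk), so an Authorization value set by one call appears to stay on that object for later clients created without a token. `Object.assign({}, csrfHeader, authToken ? { ... } : {})` would avoid the carry-over.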
|
||||
|
|
|
@ -15,11 +15,6 @@ class AccountModerationNote < ApplicationRecord
|
|||
belongs_to :account
|
||||
belongs_to :target_account, class_name: 'Account'
|
||||
|
||||
connects_to database: {
|
||||
writing: :master,
|
||||
reading: :master
|
||||
}
|
||||
|
||||
scope :latest, -> { reorder('created_at DESC') }
|
||||
|
||||
validates :content, presence: true, length: { maximum: 500 }
|
||||
|
|
|
@ -15,8 +15,8 @@
|
|||
class AccountVerificationRequest < ApplicationRecord
|
||||
|
||||
connects_to database: {
|
||||
writing: :master,
|
||||
reading: :master
|
||||
writing: :primary,
|
||||
reading: :primary
|
||||
}
|
||||
|
||||
LIMIT = 4.megabytes
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
class ApplicationRecord < ActiveRecord::Base
|
||||
connects_to database: {
|
||||
writing: :master,
|
||||
writing: :primary,
|
||||
reading: :slave1
|
||||
}
|
||||
self.abstract_class = true
|
||||
|
|
|
@ -29,11 +29,6 @@ class Report < ApplicationRecord
|
|||
|
||||
validates :comment, length: { maximum: 1000 }
|
||||
|
||||
connects_to database: {
|
||||
writing: :master,
|
||||
reading: :master
|
||||
}
|
||||
|
||||
def local?
|
||||
false # Force uri_for to use uri attribute
|
||||
end
|
||||
|
|
|
@ -19,9 +19,4 @@ class ReportNote < ApplicationRecord
|
|||
|
||||
validates :content, presence: true, length: { maximum: 500 }
|
||||
|
||||
connects_to database: {
|
||||
writing: :master,
|
||||
reading: :master
|
||||
}
|
||||
|
||||
end
|
||||
|
|
|
@ -23,11 +23,6 @@ class SessionActivation < ApplicationRecord
|
|||
to: :access_token,
|
||||
allow_nil: true
|
||||
|
||||
connects_to database: {
|
||||
writing: :master,
|
||||
reading: :master
|
||||
}
|
||||
|
||||
def detection
|
||||
@detection ||= Browser.new(user_agent)
|
||||
end
|
||||
|
@ -45,7 +40,9 @@ class SessionActivation < ApplicationRecord
|
|||
|
||||
class << self
|
||||
def active?(id)
|
||||
id && where(session_id: id).exists?
|
||||
ActiveRecord::Base.connected_to(role: :writing) do
|
||||
id && where(session_id: id).exists?
|
||||
end
|
||||
end
|
||||
|
||||
def activate(**options)
|
||||
|
@ -61,19 +58,16 @@ class SessionActivation < ApplicationRecord
|
|||
|
||||
def deactivate(id)
|
||||
return unless id
|
||||
ActiveRecord::Base.connected_to(role: :writing) do
|
||||
conn = ActiveRecord::Base.connection
|
||||
conn.exec_query "delete from session_activations where session_id = '#{id}'"
|
||||
end
|
||||
where(session_id: id).destroy_all
|
||||
end
|
||||
|
||||
def purge_old
|
||||
order('created_at desc').offset(Rails.configuration.x.max_session_activations).destroy_all
|
||||
end
|
||||
|
||||
def exclusive(id)
|
||||
where('session_id != ?', id).destroy_all
|
||||
end
|
||||
#def exclusive(id)
|
||||
# where('session_id != ?', id).destroy_all
|
||||
#end
|
||||
end
|
||||
|
||||
private
|
||||
|
@ -93,6 +87,5 @@ class SessionActivation < ApplicationRecord
|
|||
expires_in: Doorkeeper.configuration.access_token_expires_in,
|
||||
use_refresh_token: Doorkeeper.configuration.refresh_token_enabled?)
|
||||
end
|
||||
self.access_token
|
||||
end
|
||||
end
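Review bot: The `connected_to(role: :writing)` wrapper added to `active?` pins a read-only `exists?` check to the primary, but nothing in the code says why. If the intent is to keep replica lag from affecting session checks, a comment such as `# query the primary: a lagging replica could miss a new session or still show a revoked one` would record it. That reading is inferred from the `reading: :slave1` setting on ApplicationRecord. In the later hunk, `deactivate`, `exclusive` and `purge_old` call `destroy_all` with no explicit role now that the model's own `connects_to` is removed, so it is worth confirming that they always run in a writing context. `active?` uses `ActiveRecord::Base.connected_to` while the Devise initializers use `ApplicationRecord.connected_to`; using one form throughout would be clearer.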
|
||||
|
|
|
@ -7,7 +7,7 @@ default: &default
|
|||
prepared_statements: <%= ENV['PREPARED_STATEMENTS'] || 'false' %>
|
||||
|
||||
development:
|
||||
master:
|
||||
primary:
|
||||
<<: *default
|
||||
url: <%= ENV['DB_MASTER_URL'] %>
|
||||
slave1:
|
||||
|
@ -39,7 +39,7 @@ test:
|
|||
# port: <%= ENV['DB_PORT'] || 5432 %>
|
||||
# prepared_statements: <%= ENV['PREPARED_STATEMENTS'] || 'true' %>
|
||||
production:
|
||||
master:
|
||||
primary:
|
||||
<<: *default
|
||||
url: <%= ENV['DB_MASTER_URL'] %>
|
||||
slave1:
|
||||
|
|
|
@ -76,6 +76,14 @@ module Devise
|
|||
end
|
||||
|
||||
Devise.setup do |config|
|
||||
|
||||
config.warden_hook_save_wrapper = Proc.new do |hook|
|
||||
# ensure the writable connection is used to avoid read-only write errors
|
||||
ApplicationRecord.connected_to(role: :writing) do
|
||||
hook.call
|
||||
end
|
||||
end
|
||||
|
||||
config.warden do |manager|
|
||||
manager.default_strategies(scope: :user).unshift :ldap_authenticatable if Devise.ldap_authentication
|
||||
manager.default_strategies(scope: :user).unshift :pam_authenticatable if Devise.pam_authentication
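Review bot: `config.warden_hook_save_wrapper` is assigned here and again, with an identical body, in the other `Devise.setup` block changed by this commit (the one next to the CAS options), so whichever initializer loads last silently replaces the first. Define the wrapper in one initializer only, so a later edit cannot leave the two copies out of step. The option does not appear to be part of upstream Devise and presumably comes from the `gab2` fork added in the Gemfile. A comment such as `# warden_hook_save_wrapper is provided by the forked devise gem (see Gemfile)` would make that dependency visible. The `Devise.setup` block continues outside this hunk.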
|
||||
|
|
|
@ -7,6 +7,13 @@ Devise.setup do |config|
|
|||
options = {}
|
||||
options[:redirect_at_sign_in] = ENV['OAUTH_REDIRECT_AT_SIGN_IN'] == 'true'
|
||||
|
||||
config.warden_hook_save_wrapper = Proc.new do |hook|
|
||||
# ensure the writable connection is used to avoid read-only write errors
|
||||
ApplicationRecord.connected_to(role: :writing) do
|
||||
hook.call
|
||||
end
|
||||
end
|
||||
|
||||
# CAS strategy
|
||||
if ENV['CAS_ENABLED'] == 'true'
|
||||
cas_options = options
|
||||
|
|