[INP-746] Don't create session in admin console, until admin has logged-in - In-Portal Issue Tracker

XML

Word

Printable

Details

Type: Bug Report
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: 5.1.1-RC1
Fix Version/s: 5.1.2-B1
Component/s: Data Management
Labels:
None

External issue URL:
http://tracker.in-portal.org/view.php?id=930
Change Log Message:
Removed initial session creation in Admin Console
External issue ID:
930
Copy Issue Key:
Patch Instructions:
Patches must be submitted through Phabricator.
- To submit patch via Command Line use Patches Workflow (via Arcanist) tutorial
- To submit patch via Web Interface use Patches Workflow (via Web Interface) tutorial

Description

On Front-end In-Portal don't create empty session (records in UserSession and SessionData tables) until there is need to write something into it (e.g. user_id of logged-in user).

Why we don't have same type protection against too much unused sessions being created in admin console too.

For example I don't have ability to enable cookies and I'm just refreshing admin console login screen. New session will be created each time I do so.

Also, when I need to ask something from admin console via CURL request, then also session is created.

Attachments

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

Attachments

dont_create_admin_session_when_not_logged_in.patch
6 kB
19/Nov/10 6:14 AM

Issue Links

parent of

INP-455 Session Expiration Message for Non-Logged-in users in Admin

Closed

mentioned in: Page Loading...

Activity

People

Assignee:

Alex

Reporter:

Alex

Developer:

Alex

Votes:

0 Vote for this issue

Watchers:

0 Start watching this issue

Dates

Created:

19/Nov/10 6:14 AM

Updated:

29/Aug/15 12:03 PM

Resolved:

30/Mar/11 9:53 AM