*/
'session_lifetime' => 60 * 60 * 24,
+/**
+ * `true` enabled a relaxed session timeout, where the session timeout would no longer be
+ * handled by Nextcloud but by either the PHP garbage collection or the expiration of
+ * potential other session backends like redis.
+ *
+ * This may lead to sessions being available for longer than what session_lifetime uses but
+ * comes with performance benefits as sessions are no longer a locking operation for concurrent
+ * requests.
+ */
+'session_relaxed_expiry' => false,
+
/**
* Enable or disable session keep-alive when a user is logged in to the Web UI.
* Enabling this sends a "heartbeat" to the server to keep it from timing out.
\OC::$server->getUserSession()->logout();
}
- $session->set('LAST_ACTIVITY', time());
+ if (!self::hasSessionRelaxedExpiry()) {
+ $session->set('LAST_ACTIVITY', time());
+ }
$session->close();
}
return \OC::$server->getConfig()->getSystemValue('session_lifetime', 60 * 60 * 24);
}
+ /**
+ * @return bool true if the session expiry should only be done by gc instead of an explicit timeout
+ */
+ public static function hasSessionRelaxedExpiry(): bool {
+ return \OC::$server->getConfig()->getSystemValue('session_relaxed_expiry', false);
+ }
+
/**
* Try to set some values to the required Nextcloud default
*/
*/
public function reopen(): bool {
if ($this->sessionClosed) {
- $this->startSession();
+ $this->startSession(false, false);
$this->sessionClosed = false;
return true;
}
}
}
- private function startSession(bool $silence = false) {
- $this->invoke('session_start', [['cookie_samesite' => 'Lax']], $silence);
+ private function startSession(bool $silence = false, bool $readAndClose = true) {
+ $sessionParams = ['cookie_samesite' => 'Lax'];
+ if (\OC::hasSessionRelaxedExpiry()) {
+ $sessionParams['read_and_close'] = $readAndClose;
+ }
+ $this->invoke('session_start', [$sessionParams], $silence);
}
}
projects / nextcloud-server.git / commitdiff