diff options
| author | Julius Härtl <jus@bitgrid.net> | 2022-08-16 10:09:14 +0200 |
|---|---|---|
| committer | Julius Härtl <jus@bitgrid.net> | 2022-08-17 12:10:27 +0200 |
| commit | 9e1d4312555ddc1009450b1f6b7078ae35790593 (patch) | |
| tree | d82dd6d0742db12cdd491b887ed573fb7f75ff3f | |
| parent | 9b4b72826ade5ab1bc7fb06048e62910ef607cd8 (diff) | |
| download | nextcloud-server-9e1d4312555ddc1009450b1f6b7078ae35790593.tar.gz nextcloud-server-9e1d4312555ddc1009450b1f6b7078ae35790593.zip | |
Add config option to disable strict session timeout to be able to use read_and_close
Fixed https://github.com/nextcloud/server/issues/29356
Signed-off-by: Julius Härtl <jus@bitgrid.net>
| -rw-r--r-- | config/config.sample.php | 11 | ||||
| -rw-r--r-- | lib/base.php | 11 | ||||
| -rw-r--r-- | lib/private/Session/Internal.php | 10 |
3 files changed, 28 insertions, 4 deletions
diff --git a/config/config.sample.php b/config/config.sample.php index 025cf1105a0..fe45223361f 100644 --- a/config/config.sample.php +++ b/config/config.sample.php @@ -257,6 +257,17 @@ $CONFIG = [ 'session_lifetime' => 60 * 60 * 24, /** + * `true` enabled a relaxed session timeout, where the session timeout would no longer be + * handled by Nextcloud but by either the PHP garbage collection or the expiration of + * potential other session backends like redis. + * + * This may lead to sessions being available for longer than what session_lifetime uses but + * comes with performance benefits as sessions are no longer a locking operation for concurrent + * requests. + */ +'session_relaxed_expiry' => false, + +/** * Enable or disable session keep-alive when a user is logged in to the Web UI. * Enabling this sends a "heartbeat" to the server to keep it from timing out. * diff --git a/lib/base.php b/lib/base.php index e787559c4c1..c0aee6c528f 100644 --- a/lib/base.php +++ b/lib/base.php @@ -455,7 +455,9 @@ class OC { \OC::$server->getUserSession()->logout(); } - $session->set('LAST_ACTIVITY', time()); + if (!self::hasSessionRelaxedExpiry()) { + $session->set('LAST_ACTIVITY', time()); + } $session->close(); } @@ -467,6 +469,13 @@ class OC { } /** + * @return bool true if the session expiry should only be done by gc instead of an explicit timeout + */ + public static function hasSessionRelaxedExpiry(): bool { + return \OC::$server->getConfig()->getSystemValue('session_relaxed_expiry', false); + } + + /** * Try to set some values to the required Nextcloud default */ public static function setRequiredIniValues() { diff --git a/lib/private/Session/Internal.php b/lib/private/Session/Internal.php index f192b20cc95..87dd5ed6014 100644 --- a/lib/private/Session/Internal.php +++ b/lib/private/Session/Internal.php @@ -178,7 +178,7 @@ class Internal extends Session { */ public function reopen(): bool { if ($this->sessionClosed) { - $this->startSession(); + $this->startSession(false, false); $this->sessionClosed = false; return true; } @@ -225,7 +225,11 @@ class Internal extends Session { } } - private function startSession(bool $silence = false) { - $this->invoke('session_start', [['cookie_samesite' => 'Lax']], $silence); + private function startSession(bool $silence = false, bool $readAndClose = true) { + $sessionParams = ['cookie_samesite' => 'Lax']; + if (\OC::hasSessionRelaxedExpiry()) { + $sessionParams['read_and_close'] = $readAndClose; + } + $this->invoke('session_start', [$sessionParams], $silence); } } |