Add index on 'last_activity'

add token type column and delete only temporary tokens in the background job debounce token updates; fix wrong class import
9 years ago · 8d48502187
parent 53636c73d6
commit 8d48502187
7 changed files with 42 additions and 8 deletions
--- a/core/Controller/TokenController.php
+++ b/core/Controller/TokenController.php
@ -24,6 +24,7 @@ namespace OC\Core\Controller;

 use OC\AppFramework\Http;
 use OC\Authentication\Token\DefaultTokenProvider;
+use OC\Authentication\Token\IToken;
 use OC\User\Manager;
 use OCP\AppFramework\Controller;
 use OCP\AppFramework\Http\Response;
@ -49,7 +50,7 @@ class TokenController extends Controller {
 	 * @param ISecureRandom $crypto
 	 */
 	public function __construct($appName, IRequest $request, Manager $userManager, DefaultTokenProvider $tokenProvider,
-			ISecureRandom $crypto) {
+		ISecureRandom $crypto) {
 		parent::__construct($appName, $request);
 		$this->userManager = $userManager;
 		$this->tokenProvider = $tokenProvider;
@ -73,7 +74,7 @@ class TokenController extends Controller {
 			return new Response([], Http::STATUS_UNAUTHORIZED);
 		}
 		$token = $this->secureRandom->generate(128);
-		$this->tokenProvider->generateToken($token, $user, $password, $name);
+		$this->tokenProvider->generateToken($token, $user, $password, $name, IToken::PERMANENT_TOKEN);
 		return [
 			'token' => $token,
 		];
--- a/db_structure.xml
+++ b/db_structure.xml
@ -1079,6 +1079,15 @@
 				<length>100</length>
 			</field>

+			<field>
+				<name>type</name>
+				<type>integer</type>
+				<default>0</default>
+				<notnull>true</notnull>
+				<unsigned>true</unsigned>
+				<length>2</length>
+			</field>
+
 			<field>
 				<name>last_activity</name>
 				<type>integer</type>
@ -1097,6 +1106,14 @@
 				</field>
 			</index>

+			<index>
+				<name>authtoken_last_activity_index</name>
+				<field>
+					<name>last_activity</name>
+					<sorting>ascending</sorting>
+				</field>
+			</index>
+
 		</declaration>
 	</table>

--- a/lib/private/Authentication/Token/DefaultToken.php
+++ b/lib/private/Authentication/Token/DefaultToken.php
@ -46,6 +46,11 @@ class DefaultToken extends Entity implements IToken {
 	 */
 	protected $token;

+	/**
+	 * @var int
+	 */
+	protected $type;
+
 	/**
 	 * @var int
 	 */
--- a/lib/private/Authentication/Token/DefaultTokenMapper.php
+++ b/lib/private/Authentication/Token/DefaultTokenMapper.php
@ -50,9 +50,11 @@ class DefaultTokenMapper extends Mapper {
 	 */
 	public function invalidateOld($olderThan) {
 		$sql = 'DELETE FROM `' . $this->getTableName() . '` '
-			. 'WHERE `last_activity` < ?';
+			. 'WHERE `last_activity` < ? '
+			. 'AND `type` = ?';
 		$this->execute($sql, [
-			$olderThan
+			$olderThan,
+			IToken::TEMPORARY_TOKEN,
 		]);
 	}

--- a/lib/private/Authentication/Token/DefaultTokenProvider.php
+++ b/lib/private/Authentication/Token/DefaultTokenProvider.php
@ -61,14 +61,16 @@ class DefaultTokenProvider implements IProvider {
 	 * @param string $token
 	 * @param string $uid
 	 * @param string $password
+	 * @apram int $type token type
 	 * @return DefaultToken
 	 */
-	public function generateToken($token, $uid, $password, $name) {
+	public function generateToken($token, $uid, $password, $name, $type = IToken::TEMPORARY_TOKEN) {
 		$dbToken = new DefaultToken();
 		$dbToken->setUid($uid);
 		$dbToken->setPassword($this->encryptPassword($password, $token));
 		$dbToken->setName($name);
 		$dbToken->setToken($this->hashToken($token));
+		$dbToken->setType($type);
 		$dbToken->setLastActivity(time());

 		$this->mapper->insert($dbToken);
--- a/lib/private/Authentication/Token/IToken.php
+++ b/lib/private/Authentication/Token/IToken.php
@ -27,6 +27,9 @@ namespace OC\Authentication\Token;
 */
 interface IToken {

+	const TEMPORARY_TOKEN = 0;
+	const PERMANENT_TOKEN = 1;
+
 	/**
 	 * Get the token ID
 	 *
--- a/lib/private/User/Session.php
+++ b/lib/private/User/Session.php
@ -38,7 +38,6 @@ use OC\Authentication\Exceptions\InvalidTokenException;
 use OC\Authentication\Token\DefaultTokenProvider;
 use OC\Authentication\Token\IProvider;
 use OC\Hooks\Emitter;
-use OC\Session\Session;
 use OC_User;
 use OCA\DAV\Connector\Sabre\Auth;
 use OCP\IRequest;
@ -73,7 +72,7 @@ class Session implements IUserSession, Emitter {
 	private $manager;

 	/*
-	 * @var Session $session
+	 * @var ISession $session
 	 */
 	private $session;

@ -219,7 +218,12 @@ class Session implements IUserSession, Emitter {
 		}

 		// Session is valid, so the token can be refreshed
-		$this->tokenProvider->updateToken($token);
+		// To save unnecessary DB queries, this is only done once a minute
+		$lastTokenUpdate = $this->session->get('last_token_update') ? : 0;
+		if ($lastTokenUpdate < (time () - 60)) {
+			$this->tokenProvider->updateToken($token);
+			$this->session->set('last_token_update', time());
+		}

 		return true;
 	}