9001 / copyparty

Portable file server with accelerated resumable uploads, dedup, WebDAV, FTP, TFTP, zeroconf, media indexer, thumbnails++ all in one file, no deps
MIT License

IDP authentication fails during heavy indexing load #114

Open vorpalhex opened 4 hours ago

vorpalhex commented 4 hours ago

When copyparty is indexing (edsa is enabled) and it has a lot to index (24tb), then while it is busy indexing login attempts time out and the user acts as if they have no authentication. If edsa is removed or if the indexing is done, everything goes back to behaving as expected.

This does fail closed - meaning a user simply becomes a public user. This isn't a security issue. It's just an inconvenience.

Two relevant log messages:

22:19:35.039 auth                  reinitializing due to new user from IdP: [kyros:['admins', 'authentik Admins', 'copyparty', 'household']]

and then some time later:

22:23:21.975 192.168.1.129 52422   unknown username: [kyros]

9001 commented 4 hours ago

I'm sorry to say that this is a known issue, and really tricky to fix in a safe manner -- while there are some possible approaches, I have an iffy feeling that each and all of them would introduce some sort of race, either causing inconsistent tracking of files for deduplication, or worse.

I'll leave the issue open in case I ever think of a proper fix, and to remind myself to document this behavior, which I'm sorry that I forgot.

EDIT: it might be possible to register new users while indexing is running, if it is acceptable to only give them read-access until the indexing has finished. I'll give that a try at some point :>
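
A log check for the behavior reported in this thread, added here as an example and not part of the issue or of copyparty's own code: it pairs the two log messages quoted above to list requests that were handled as anonymous after the IdP had already announced the user. The regexes assume the column layout of the two quoted lines, and the third sample line is constructed.

```python
import re
from datetime import timedelta

# Patterns follow the two log lines quoted in the issue; that other
# copyparty versions use the same layout is an assumption.
TS = r"(?P<ts>\d{2}:\d{2}:\d{2}\.\d{3})"
REINIT = re.compile(
    TS + r"\s+auth\s+reinitializing due to new user from IdP: \[(?P<user>[^:\]]+):")
UNKNOWN = re.compile(
    TS + r"\s+(?P<ip>\S+)\s+\d+\s+unknown username: \[(?P<user>[^\]]+)\]")

SAMPLE = [
    # first two lines are from the issue, the third is constructed
    "22:19:35.039 auth                  reinitializing due to new user from IdP: "
    "[kyros:['admins', 'authentik Admins', 'copyparty', 'household']]",
    "22:23:21.975 192.168.1.129 52422   unknown username: [kyros]",
    "22:24:02.110 192.168.1.50 40112   unknown username: [guest1]",
]

def _t(ts):
    h, m, s = ts.split(":")
    return timedelta(hours=int(h), minutes=int(m), seconds=float(s))

def find_downgraded_requests(lines):
    """Return (user, ip, seconds_since_reinit) for each request rejected as
    'unknown username' after the IdP had announced that same user."""
    pending = {}  # user -> time the reinit was logged
    hits = []
    for line in lines:
        m = REINIT.search(line)
        if m:
            pending.setdefault(m["user"], _t(m["ts"]))
            continue
        m = UNKNOWN.search(line)
        if m and m["user"] in pending:
            gap = _t(m["ts"]) - pending[m["user"]]
            if gap < timedelta(0):  # timestamps carry no date: assume one midnight wrap
                gap += timedelta(days=1)
            hits.append((m["user"], m["ip"], round(gap.total_seconds(), 3)))
    # The page shows no log line for "indexing finished", so pending entries
    # are never cleared; treat hits long after the reinit with that in mind.
    return hits

if __name__ == "__main__":
    for user, ip, gap in find_downgraded_requests(SAMPLE):
        print(f"{user} from {ip} served as anonymous {gap}s after IdP reinit")
```

Unknown-username lines for users the IdP never announced, such as the constructed `guest1` entry, are left out of the result.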