The system.web_session table is periodically purged. This is handled in purge_auth_seession.go and is controlled using cluster settings. An alternative (possibly better) would be to have the table configured with row-level ttl and have that manage these web_sessions.
Things to consider
handling deleteOldExpiredSessionsStmt vs deleteOldRevokedSessionsStmt vs deleteSessionsAutoLogoutStmt
we want the TTL to be configurable by the user, without a schema change on the table. This means possibly that the TTL expression should be able to refer to a cluster setting.
It would probably benefit from doing a bit of up-front investigation, since there might be some complexity with getting the jobs framework to operate on a system table.
The
system.web_session
table is periodically purged. This is handled inpurge_auth_seession.go
and is controlled using cluster settings. An alternative (possibly better) would be to have the table configured with row-level ttl and have that manage these web_sessions.Things to consider
deleteOldExpiredSessionsStmt
vsdeleteOldRevokedSessionsStmt
vsdeleteSessionsAutoLogoutStmt
related: https://github.com/cockroachdb/cockroach/pull/88766
Jira issue: CRDB-20259
Epic CRDB-21265