Closed Maddin-619 closed 1 year ago
magiconair
commented
1 year ago Thank you! I've refactored the change to make closing the session explicit and not just a side effect of setting the session. However, we still call setSession in the ActivateSession handler and there is a side-effect here. Question is at which point should the session variable contain a valid value. After creation or after activation? I'll merge it and release a v0.3.16 shortly together with your other fix.
magiconair
commented
1 year ago This will go into v0.4.0
Maddin-619
commented
3 weeks ago @magiconair In the current version the bug occurs again. A good PR should have include some tests, damn it. Sorry about that.
It's basically the same problem as the last time: If ActivateSession fails, the session is not stored in the atomic variable and therefore cannot be closed. Are you good if i submit another PR? If yes do you prefer the explicit way again?
At the moment if the session activation failed the session dosn't get closed. Depending on the server session timeout there can accumulate lots of danggling sessions.
To close the session after a activation failure the session must be set before calling the
Closefunction.