search

remy / jsonbin

A personal JSON store as a RESTful service
https://jsonbin.org
393 stars 25 forks source link

It may be because I ran some program fragments and the website crashed again. #63

Open ythong opened 10 months ago

ythong commented 10 months ago

It may be because I ran some program fragments and the website crashed again. At first, https://jsonbin.org/ showed normal, then I ran the following program in the Chrome developer tools:

async function doit(action, tree, json) {
    const url = `https://jsonbin.org/me/${tree}`;
    const headers = new Headers({
        "Content-Type": "application/json",
        "Authorization": `token ****`
    });
    body = JSON.stringify(json)
    if (action == 'GET' || action=='DELETE')
        body = null;
    const response = await fetch(url, {
        method: action,
        headers: headers,
        body: body
    });
    const data = await response.text()
    console.log(data)
}

The following four steps are my memories.

1: doit('POST', '', {settings:{}});  //Unprocessable Entity
2: doit('POST', '', {});    //Unprocessable Entity
3: doit('DELETE', 'urls');  //there was an error, but I forgot what it was.
4: doit('GET', ''); //there was an error, but I forgot what it was.

After doing the above four steps, I go to https://jsonbin.org/, the page display:

We're sorry, but something went wrong.
If you are the application owner check the logs for more information.

The website crashed, sorry. Please ask @remy to see what happened, thank you.

remy commented 10 months ago

Cheers for the details - hopefully this gives me repeatable steps to fund out what's going on!

remy commented 10 months ago

I'm pretty sure this actually it's you, but a fluke that the server died during your test.

There's an individual who is polling the server every second with a bad api key, which in turn is generating one new session each time, so 60 session objects in the database per minute. So it then balloons and the database blocks connections.

I've got a fix going up now that handles sessions differently, and hopefully will put it back in control...

remy commented 10 months ago

Do you want to give that another go? I'm pretty sure the source error is fixed, and again, I'm fairly sure it was these sessions being hammered in (I've now also blocked the offending IP).