Loading editor/src/webedit_server.cpp +25 −3 Original line number Diff line number Diff line Loading @@ -333,7 +333,16 @@ bool webedit::Server::isAuthenticated(const std::string &authid) { if (authid.empty() || _authPools.empty()) return false; auto now = std::chrono::steady_clock::now(); { std::lock_guard<std::mutex> lk(_authCacheMtx); auto it = _authCache.find(authid); if (it != _authCache.end() && now <= it->second.expiry) return it->second.valid; } uuid::uuid sid(authid.c_str()); bool result = false; for (size_t i = 0; i < _authPools.size(); ++i) { try { Loading @@ -343,7 +352,8 @@ bool webedit::Server::isAuthenticated(const std::string &authid) { try { if (pooled.client().ClientAuth() && pooled.client().GPOcheck(uuid::uuid("e7d3b8b3-4825-11f0-ae2b-3cecefce9cb6"))) { return true; result = true; break; } } catch (...) { // Reconnect and retry once Loading @@ -351,14 +361,25 @@ bool webedit::Server::isAuthenticated(const std::string &authid) { pooled.setSessionID(sid); if (pooled.client().ClientAuth() && pooled.client().GPOcheck(uuid::uuid("e7d3b8b3-4825-11f0-ae2b-3cecefce9cb6"))) { return true; result = true; break; } } } catch (...) { continue; } } return false; { std::lock_guard<std::mutex> lk(_authCacheMtx); _authCache[authid] = { result, now + std::chrono::seconds(60) }; } return result; } void webedit::Server::invalidateAuthCache(const std::string &authid) { std::lock_guard<std::mutex> lk(_authCacheMtx); _authCache.erase(authid); } void webedit::Server::ensureSessionFromAuthid(const std::string &authid, Loading Loading @@ -569,6 +590,7 @@ void webedit::Server::handleLogout(libhttppp::HttpRequest &curreq, _session.delData(sessionid, "authid"); _session.delData(sessionid, "uid"); _session.delData(sessionid, "username"); invalidateAuthCache(authid); } // Clear the authid cookie Loading editor/src/webedit_server.h +13 −0 Original line number Diff line number Diff line Loading @@ -27,7 +27,10 @@ #pragma once #include <chrono> #include <map> #include <memory> #include <mutex> #include <vector> #include <httppp/httpd.h> #include <httppp/http.h> Loading Loading @@ -60,6 +63,7 @@ namespace webedit { std::string resolveAuthId(libhttppp::HttpRequest &curreq, const std::string &sessionid); bool isAuthenticated(const std::string &authid); void invalidateAuthCache(const std::string &authid); void ensureSessionFromAuthid(const std::string &authid, const std::string &sessionid); void handleLogin(libhttppp::HttpRequest &curreq, const std::string &sessionid); void handleLogout(libhttppp::HttpRequest &curreq, const std::string &sessionid); Loading @@ -81,6 +85,15 @@ namespace webedit { // Connection pools per auth source (indexed same as _config auth sources) std::vector<std::unique_ptr<authdb::client::ConnectionPool>> _authPools; // Short-lived cache for isAuthenticated results (60s TTL) to avoid // authdb pool exhaustion when many concurrent media preview requests arrive. struct AuthCacheEntry { bool valid; std::chrono::steady_clock::time_point expiry; }; std::map<std::string, AuthCacheEntry> _authCache; std::mutex _authCacheMtx; }; } Loading
editor/src/webedit_server.cpp +25 −3 Original line number Diff line number Diff line Loading @@ -333,7 +333,16 @@ bool webedit::Server::isAuthenticated(const std::string &authid) { if (authid.empty() || _authPools.empty()) return false; auto now = std::chrono::steady_clock::now(); { std::lock_guard<std::mutex> lk(_authCacheMtx); auto it = _authCache.find(authid); if (it != _authCache.end() && now <= it->second.expiry) return it->second.valid; } uuid::uuid sid(authid.c_str()); bool result = false; for (size_t i = 0; i < _authPools.size(); ++i) { try { Loading @@ -343,7 +352,8 @@ bool webedit::Server::isAuthenticated(const std::string &authid) { try { if (pooled.client().ClientAuth() && pooled.client().GPOcheck(uuid::uuid("e7d3b8b3-4825-11f0-ae2b-3cecefce9cb6"))) { return true; result = true; break; } } catch (...) { // Reconnect and retry once Loading @@ -351,14 +361,25 @@ bool webedit::Server::isAuthenticated(const std::string &authid) { pooled.setSessionID(sid); if (pooled.client().ClientAuth() && pooled.client().GPOcheck(uuid::uuid("e7d3b8b3-4825-11f0-ae2b-3cecefce9cb6"))) { return true; result = true; break; } } } catch (...) { continue; } } return false; { std::lock_guard<std::mutex> lk(_authCacheMtx); _authCache[authid] = { result, now + std::chrono::seconds(60) }; } return result; } void webedit::Server::invalidateAuthCache(const std::string &authid) { std::lock_guard<std::mutex> lk(_authCacheMtx); _authCache.erase(authid); } void webedit::Server::ensureSessionFromAuthid(const std::string &authid, Loading Loading @@ -569,6 +590,7 @@ void webedit::Server::handleLogout(libhttppp::HttpRequest &curreq, _session.delData(sessionid, "authid"); _session.delData(sessionid, "uid"); _session.delData(sessionid, "username"); invalidateAuthCache(authid); } // Clear the authid cookie Loading
editor/src/webedit_server.h +13 −0 Original line number Diff line number Diff line Loading @@ -27,7 +27,10 @@ #pragma once #include <chrono> #include <map> #include <memory> #include <mutex> #include <vector> #include <httppp/httpd.h> #include <httppp/http.h> Loading Loading @@ -60,6 +63,7 @@ namespace webedit { std::string resolveAuthId(libhttppp::HttpRequest &curreq, const std::string &sessionid); bool isAuthenticated(const std::string &authid); void invalidateAuthCache(const std::string &authid); void ensureSessionFromAuthid(const std::string &authid, const std::string &sessionid); void handleLogin(libhttppp::HttpRequest &curreq, const std::string &sessionid); void handleLogout(libhttppp::HttpRequest &curreq, const std::string &sessionid); Loading @@ -81,6 +85,15 @@ namespace webedit { // Connection pools per auth source (indexed same as _config auth sources) std::vector<std::unique_ptr<authdb::client::ConnectionPool>> _authPools; // Short-lived cache for isAuthenticated results (60s TTL) to avoid // authdb pool exhaustion when many concurrent media preview requests arrive. struct AuthCacheEntry { bool valid; std::chrono::steady_clock::time_point expiry; }; std::map<std::string, AuthCacheEntry> _authCache; std::mutex _authCacheMtx; }; }