From e069cab0e39f350965ce70c404a0a0e6c1974aba Mon Sep 17 00:00:00 2001 From: Guy Sartorelli Date: Wed, 16 Aug 2023 09:16:26 +1200 Subject: [PATCH] DOC Add note about limiting session garbage collection --- .../18_Cookies_And_Sessions/03_Managing_Sessions.md | 13 +++++++++++-- en/04_Changelogs/5.1.0.md | 1 + 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/en/02_Developer_Guides/18_Cookies_And_Sessions/03_Managing_Sessions.md b/en/02_Developer_Guides/18_Cookies_And_Sessions/03_Managing_Sessions.md index bd90cf2a7..32f177a2e 100644 --- a/en/02_Developer_Guides/18_Cookies_And_Sessions/03_Managing_Sessions.md +++ b/en/02_Developer_Guides/18_Cookies_And_Sessions/03_Managing_Sessions.md @@ -38,7 +38,7 @@ PHP session is pointing to a valid [`LoginSession`](api:SilverStripe\SessionMana If a valid record is found, it will update the `LastAccessed` date. Otherwise, it will force a logout, destroying the PHP session. -A periodic process ([`GarbageCollectionService`](api:SilverStripe\SessionManager\Services\GarbageCollectionService)) cleans up expired [`LoginSession`](api:SilverStripe\SessionManager\Models\LoginSession) records. +A periodic process ([`GarbageCollectionService`](api:SilverStripe\SessionManager\Services\GarbageCollectionService) - see [garbage collection](#garbage-collection) below) cleans up expired [`LoginSession`](api:SilverStripe\SessionManager\Models\LoginSession) records. Due to the way PHP sessions operate, it can not expire those sessions as well. The PHP sessions will be invalidated on next request through [`LoginSessionMiddleware`](api:SilverStripe\SessionManager\Middleware\LoginSessionMiddleware), unless they expire independently beforehand (through PHP's own session expiry logic). @@ -161,7 +161,16 @@ Note that if the member’s session expires before this timeout (e.g. a short `s ### Garbage collection -Expired sessions need to be cleaned up periodically to avoid bloating the database. There are two methods available to manage this: +Expired sessions need to be cleaned up periodically to avoid bloating the database. There are two methods available to manage this, discussed below. + +Regardless of how you manage garbage collection, the `GarbageCollectionService` is ultimately in charge of performing the garbage collection. It tries to remove all of the garbage data in a single run, but if you have particularly large tables it can timeout or run into memory limits and fail part-way through. Running it multiple times will eventually get through all of the data, but it can be annoying to have all of those extra error messages cluttering your logs. + +You can optionally limit the number of items it will remove in a single run by setting the following yaml configuration: + +```yml +SilverStripe\SessionManager\Services\GarbageCollectionService: + batch_remove_limit: 1000 +``` #### Via `symbiote/silverstripe-queuedjobs` (recommended) If you have the `symbiote/silverstripe-queuedjobs` module installed and configured, garbage collection will run automatically every 1 day via `GarbageCollectionJob`, and no further action is required. This job will be automatically created if it does not exist on dev/build. diff --git a/en/04_Changelogs/5.1.0.md b/en/04_Changelogs/5.1.0.md index 2c5a92365..d3dcce467 100644 --- a/en/04_Changelogs/5.1.0.md +++ b/en/04_Changelogs/5.1.0.md @@ -127,6 +127,7 @@ SilverStripe\SessionManager\Models\LoginSession: - Extensions which modify permissions for [`Group`](api:SilverStripe\Security\Group) records which return `true` will be respected, the same as when modifying permissions for any other `DataObject` record. - The [`ListboxField`](api:SilverStripe\Forms\ListboxField) now has a react component, and can be used in react-powered contexts such as within elemental blocks - A new [`FieldsValidator`](api:SilverStripe\Forms\FieldsValidator) class has been added, which simply calls [`validate()`](api:SilverStripe\Forms\FormField::validate()) on all data fields in the form to ensure fields have valid values. Functionally equivalent to an empty [`RequiredFields`](api:SilverStripe\Forms\RequiredFields) validator. +- A configuration option has been added to [`GarbageCollectionService`](api:SilverStripe\SessionManager\Services\GarbageCollectionService) to limit the number of items it removes each time you run garbage collection on session data. See [garbage collection](/developer_guides/cookies_and_sessions/managing_sessions/#garbage-collection) for more details. ## API changes