Hello again Oryers! I have a discovery and maybe a request. It seems when we invalidate a session, it will still be returned as active from the ory network edge node. This kinda defeats the purpose of invalidating sessions - would you possibly consider force purging sessions from the cache upon deletions?
curved-fountain-46946
03/29/2023, 3:04 PM
I realise that kratos maybe/probably isn't aware of which edge caches/proxies it has, but maybe the edges could listen to some events (pubsub, SSE, websock, rabbit, kafka, whatever) to catch whenever a session is invalidated?
curved-fountain-46946
03/29/2023, 3:35 PM
I mean, my assumption is that force-refreshing only refreshes the one edge-node that handles that one request, so all the other nodes will still be out of sync, right? And if I am to force refresh every time I validate a session, it kinda defeats the purpose of edge sessions 😛
fast-lunch-54279
03/29/2023, 7:49 PM
So, we immediately (in)validate sessions after serving, so you should only get ~1 request served that's stale, and only if you hit the cache during its lifetime (which is way shorter than session duration).
That said, we do monitor this and are considering active invalidation along the lines you describe in the future.
curved-fountain-46946
03/29/2023, 9:20 PM
Aight, maybe we (or someone) can look into it at some point? I'm fairly certain I've seen different behaviour during today - however that was a manually revoked session, not through timeout