Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: max parallel sessions config #9109

Open
wants to merge 5 commits into
base: main
Choose a base branch
from

Conversation

kwasniew
Copy link
Contributor

@kwasniew kwasniew commented Jan 17, 2025

About the changes

Removing deleteStaleUserSessions flag and introducing MAX_PARALLEL_SESSIONS config with env var.

Defaults:

  • 100 for enterprise (considered undefined but a very high number leads to simpler code without special cases)
  • 5 for pro and OSS

Self-hosted can override the env var.

What's the main use case for this env var? 1 parallel session enforcement for security purposes

Important files

Discussion points

Copy link

vercel bot commented Jan 17, 2025

The latest updates on your projects. Learn more about Vercel for Git ↗︎

2 Skipped Deployments
Name Status Preview Comments Updated (UTC)
unleash-docs ⬜️ Ignored (Inspect) Visit Preview Jan 17, 2025 8:31am
unleash-monorepo-frontend ⬜️ Ignored (Inspect) Visit Preview Jan 17, 2025 8:31am

Copy link
Contributor

github-actions bot commented Jan 17, 2025

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails

Scanned Files

@@ -638,6 +642,12 @@ export function createConfig(options: IUnleashOptions): IUnleashConfig {
ui.environment,
isTest,
);

const session: ISessionOption = mergeAll([
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

moved so that isEnterprise is available

@@ -201,6 +201,7 @@ unleash.start(unleashOptions);
instructing the browser to clear all cookies on the same domain Unleash is running on. If disabled unleash will
only destroy and clear the session cookie. Defaults to _true_. `SESSION_CLEAR_SITE_DATA_ON_LOGOUT`
- _cookieName_ - Name of the cookies used to hold the session id. Defaults to 'unleash-session'.
- _maxParallelSessions_ - The maximum number of parallel user sessions with password based login. `MAX_PARALLEL_SESSIONS`
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

documenting the new option

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks! looks good.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
Status: In Progress
Development

Successfully merging this pull request may close these issues.

2 participants