author Stan Hu <stanhu@gmail.com> 2018-07-18 11:18:14 -0700
committer Stan Hu <stanhu@gmail.com> 2018-07-18 12:39:51 -0700
commit c559c43dafb75005f5589c473729054845bb498b
tree 590ffab29094fa7a64f8c1e0cc14552b76a2876a /config
parent 9bdc9b1ae69a62ad764d8ae59baa43a4a0be1d3a
Limit the TTL for anonymous sessions to 1 hour
By default, all sessions are given the same expiration time configured in the session store (e.g. 1 week). However, unauthenticated users can generate a lot of sessions, primarily for CSRF verification. It makes sense to reduce the TTL for unauthenticated to something much lower than the default (e.g. 1 hour) to limit Redis memory. In addition, Rails creates a new session after login, so the short TTL doesn't even need to be extended.

Closes #48101
Diffstat (limited to 'config')
-rw-r--r-- config/initializers/1_settings.rb 1
1 files changed, 1 insertions, 0 deletions
diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb
index 4b9cc59ec45..44bc72a7185 100644
--- a/config/initializers/1_settings.rb
+++ b/config/initializers/1_settings.rb
@@ -140,6 +140,7 @@ Settings.gitlab['default_projects_features'] ||= {}
Settings.gitlab['webhook_timeout'] ||= 10
Settings.gitlab['max_attachment_size'] ||= 10
Settings.gitlab['session_expire_delay'] ||= 10080
+Settings.gitlab['unauthenticated_session_expire_delay'] ||= 1.hour.to_i
Settings.gitlab.default_projects_features['issues'] = true if Settings.gitlab.default_projects_features['issues'].nil?
Settings.gitlab.default_projects_features['merge_requests'] = true if Settings.gitlab.default_projects_features['merge_requests'].nil?
Settings.gitlab.default_projects_features['wiki'] = true if Settings.gitlab.default_projects_features['wiki'].nil?
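Review bot: The unit of the new default on the added line is undocumented and appears to differ from its neighbour: `1.hour.to_i` evaluates to 3600 (seconds), while `session_expire_delay` directly above defaults to 10080, which equals the one-week default from the commit message only when read as minutes. Two adjacent `*_expire_delay` keys with different units invite misconfiguration: an administrator who follows the existing convention and sets the new key to 60 expecting one hour would get one-minute anonymous sessions, and since these sessions exist mainly for CSRF verification, forms left open longer than that would fail. Please add a comment on this line stating the unit, or make the unit part of the key name. The code that applies this value to the session store is outside this diff (limited to 'config'), so it is worth confirming there that the value is consumed as seconds.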