Skip redunant before_logout warden events

author: Grzegorz Bizon <grzesiek.bizon@gmail.com> 2018-08-02 16:30:27 +0300
committer: Grzegorz Bizon <grzesiek.bizon@gmail.com> 2018-08-02 16:41:14 +0300
commit: e698a22e10c1773017bea7efd4417c371f2e1c11 (patch)
tree: f4c115123e5454592b5a8ce184d6816b6367ecc9 /config
parent: c2a5bbc295b6ff8159e5f70548ee161900aaf241 (diff)
1 files changed, 14 insertions, 5 deletions
diff --git a/config/initializers/warden.rb b/config/initializers/warden.rb
index 6458928b54e..c06cedf473d 100644
--- a/config/initializers/warden.rb
+++ b/config/initializers/warden.rb
@@ -30,14 +30,23 @@ Rails.application.configure do |config|
   end
 
   Warden::Manager.before_logout(scope: :user) do |user, auth, opts|
-    user ||= auth.user
+    ActiveSession.destroy(user || auth.user, auth.request.session.id)
+
+    activity = Gitlab::Auth::Activity.new(opts)
+    tracker = Gitlab::Auth::BlockedUserTracker.new(user, auth)
+
+    ##
+    # It is possible that `before_logout` event is going to be triggered
+    # multiple times during the request lifecycle. We want to increment
+    # metrics and write logs only once in that case.
+    #
+    next if (auth.env['warden.auth.trackers'] ||= {}).push(activity).many?
 
     if user.blocked?
-      Gitlab::Auth::Activity.new(opts).user_blocked!
-      Gitlab::Auth::BlockedUserTracker.new(user, auth).log_activity!
+      activity.user_blocked!
+      tracker.log_activity!
     end
 
-    Gitlab::Auth::Activity.new(opts).user_session_destroyed!
-    ActiveSession.destroy(user, auth.request.session.id)
+    activity.user_session_destroyed!
   end
 end
author	Grzegorz Bizon <grzesiek.bizon@gmail.com>	2018-08-02 16:30:27 +0300
committer	Grzegorz Bizon <grzesiek.bizon@gmail.com>	2018-08-02 16:41:14 +0300
commit	e698a22e10c1773017bea7efd4417c371f2e1c11 (patch)
tree	f4c115123e5454592b5a8ce184d6816b6367ecc9 /config
parent	c2a5bbc295b6ff8159e5f70548ee161900aaf241 (diff)