lewis.moe
Monorepo for Tangled
appview/oauth: store and reuse the same app password session
We seem to be hammering bsky's PDS, which explains the 429s. Perhaps
re-using the session alleviates the pressure. It's hard to test this
locally since their rate limits vanish (different host/IP).
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
authored by
Anirudh Oppiliappan
and committed by
Seongmin Lee
7b28c489
2e78be8f
+38
-3
appview/oauth/handler.go
+38
-3
appview/oauth/handler.go
···
6
6
"encoding/json"
7
7
"errors"
8
8
"fmt"
9
+
"log/slog"
9
10
"net/http"
10
11
"slices"
11
12
"time"
···
130
131
}
131
132
132
133
l.Debug("adding to default spindle")
133
-
session, err := CreateAppPasswordSession(o.IdResolver, o.Config.Core.AppPassword, consts.TangledDid, o.Config.Core.RateLimitBypass)
134
+
session, err := o.getAppPasswordSession()
134
135
if err != nil {
135
136
l.Error("failed to create session", "err", err)
136
137
return
···
144
145
}
145
146
146
147
if err := session.putRecord(record, tangled.SpindleMemberNSID); err != nil {
148
+
o.invalidateAppPasswordSession()
147
149
l.Error("failed to add to default spindle", "err", err)
148
150
return
149
151
}
···
169
171
}
170
172
171
173
l.Debug("adding to default knot")
172
-
session, err := CreateAppPasswordSession(o.IdResolver, o.Config.Core.AppPassword, consts.TangledDid, o.Config.Core.RateLimitBypass)
174
+
session, err := o.getAppPasswordSession()
173
175
if err != nil {
174
176
l.Error("failed to create session", "err", err)
175
177
return
···
183
185
}
184
186
185
187
if err := session.putRecord(record, tangled.KnotMemberNSID); err != nil {
188
+
o.invalidateAppPasswordSession()
186
189
l.Error("failed to add to default knot", "err", err)
187
190
return
188
191
}
···
248
251
PdsEndpoint string
249
252
Did string
250
253
RateLimitBypass string
254
+
Logger *slog.Logger
251
255
}
252
256
253
-
func CreateAppPasswordSession(res *idresolver.Resolver, appPassword, did, rateLimitBypass string) (*AppPasswordSession, error) {
257
+
func CreateAppPasswordSession(res *idresolver.Resolver, appPassword, did, rateLimitBypass string, logger *slog.Logger) (*AppPasswordSession, error) {
254
258
if appPassword == "" {
255
259
return nil, fmt.Errorf("no app password configured")
256
260
}
···
284
288
sessionReq.Header.Set("x-ratelimit-bypass", rateLimitBypass)
285
289
}
286
290
291
+
logger.Debug("creating app password session", "url", sessionURL, "headers", sessionReq.Header)
292
+
287
293
client := &http.Client{Timeout: 30 * time.Second}
288
294
sessionResp, err := client.Do(sessionReq)
289
295
if err != nil {
···
303
309
session.PdsEndpoint = pdsEndpoint
304
310
session.Did = did
305
311
session.RateLimitBypass = rateLimitBypass
312
+
session.Logger = logger
306
313
307
314
return &session, nil
308
315
}
···
337
344
req.Header.Set("x-ratelimit-bypass", s.RateLimitBypass)
338
345
}
339
346
347
+
s.Logger.Debug("putting record", "url", url, "collection", collection, "headers", req.Header)
348
+
340
349
client := &http.Client{Timeout: 30 * time.Second}
341
350
resp, err := client.Do(req)
342
351
if err != nil {
···
350
359
351
360
return nil
352
361
}
362
+
363
+
// getAppPasswordSession returns a cached AppPasswordSession, creating one if needed.
364
+
func (o *OAuth) getAppPasswordSession() (*AppPasswordSession, error) {
365
+
o.appPasswordSessionMu.Lock()
366
+
defer o.appPasswordSessionMu.Unlock()
367
+
368
+
if o.appPasswordSession != nil {
369
+
return o.appPasswordSession, nil
370
+
}
371
+
372
+
session, err := CreateAppPasswordSession(o.IdResolver, o.Config.Core.AppPassword, consts.TangledDid, o.Config.Core.RateLimitBypass, o.Logger)
373
+
if err != nil {
374
+
return nil, err
375
+
}
376
+
377
+
o.appPasswordSession = session
378
+
return session, nil
379
+
}
380
+
381
+
// invalidateAppPasswordSession clears the cached session so the next call to
382
+
// getAppPasswordSession will create a fresh one.
383
+
func (o *OAuth) invalidateAppPasswordSession() {
384
+
o.appPasswordSessionMu.Lock()
385
+
defer o.appPasswordSessionMu.Unlock()
386
+
o.appPasswordSession = nil
387
+
}
+4
appview/oauth/oauth.go
+4
appview/oauth/oauth.go
···
5
5
"fmt"
6
6
"log/slog"
7
7
"net/http"
8
+
"sync"
8
9
"time"
9
10
10
11
comatproto "github.com/bluesky-social/indigo/api/atproto"
···
33
34
Enforcer *rbac.Enforcer
34
35
IdResolver *idresolver.Resolver
35
36
Logger *slog.Logger
37
+
38
+
appPasswordSession *AppPasswordSession
39
+
appPasswordSessionMu sync.Mutex
36
40
}
37
41
38
42
func New(config *config.Config, ph posthog.Client, db *db.DB, enforcer *rbac.Enforcer, res *idresolver.Resolver, logger *slog.Logger) (*OAuth, error) {
+1
-1
appview/state/state.go
+1
-1
appview/state/state.go
···
622
622
return
623
623
}
624
624
625
-
session, err := oauth.CreateAppPasswordSession(res, config.Core.AppPassword, consts.TangledDid, config.Core.RateLimitBypass)
625
+
session, err := oauth.CreateAppPasswordSession(res, config.Core.AppPassword, consts.TangledDid, config.Core.RateLimitBypass, logger)
626
626
if err != nil {
627
627
logger.Error("failed to create appassword session... skipping fetch", "err", err)
628
628
return