Split the login transaction, to reduce database contention during login

author: Owen Jacobson <owen@grimoire.ca> 2024-10-11 21:19:45 -0400
committer: Owen Jacobson <owen@grimoire.ca> 2024-10-11 21:19:45 -0400
commit: a0abed5ea08b2fc5b9ac4abdade1199f62cd5da7 (patch)
tree: fcb7d50dc1a80d79da5a088f82cd1f42b6b3084d /src/token
parent: 864febeefc5213928bf88f89a714a006326e5b41 (diff)
1 files changed, 10 insertions, 3 deletions
diff --git a/src/token/app.rs b/src/token/app.rs
index 04f8747..15fd858 100644
--- a/src/token/app.rs
+++ b/src/token/app.rs
@@ -38,15 +38,22 @@ impl<'a> Tokens<'a> {
             .await
             .optional()?
             .ok_or(LoginError::Rejected)?;
+        // Split the transaction here to avoid holding the tx open (potentially blocking
+        // other writes) while we do the fairly expensive task of verifying the
+        // password. It's okay if the token issuance transaction happens some notional
+        // amount of time after retrieving the login, as inserting the token will fail
+        // if the account is deleted during that time.
+        tx.commit().await?;
 
         let token = if stored_hash.verify(password)? {
-            tx.tokens().issue(&login, login_at).await?
+            let mut tx = self.db.begin().await?;
+            let token = tx.tokens().issue(&login, login_at).await?;
+            tx.commit().await?;
+            token
         } else {
             Err(LoginError::Rejected)?
         };
 
-        tx.commit().await?;
-
         Ok(token)
     }
author	Owen Jacobson <owen@grimoire.ca>	2024-10-11 21:19:45 -0400
committer	Owen Jacobson <owen@grimoire.ca>	2024-10-11 21:19:45 -0400
commit	a0abed5ea08b2fc5b9ac4abdade1199f62cd5da7 (patch)
tree	fcb7d50dc1a80d79da5a088f82cd1f42b6b3084d /src/token
parent	864febeefc5213928bf88f89a714a006326e5b41 (diff)