use defer to make sure we always release session data

9ae306e4 · bergquist · fd0f9f2d · 9ae306e4 · 9ae306e4
Commit 9ae306e4 authored Jan 24, 2019 by bergquist
Hide whitespace changes
Inline Side-by-side

Showing with 8 additions and 5 deletions

pkg/api/http_server.go
+2 -1

pkg/middleware/auth_proxy.go
+6 -4

No files found.
--- a/pkg/api/http_server.go
+++ b/pkg/api/http_server.go
@@ -65,6 +65,8 @@ func (hs *HTTPServer) Init() error {
 	hs.macaron = hs.newMacaron()
 	hs.registerRoutes()

+	session.Init(&setting.SessionOptions, setting.SessionConnMaxLifetime)
+
 	return nil
 }

@@ -225,7 +227,6 @@ func (hs *HTTPServer) addMiddlewaresAndStaticRoutes() {
 	m.Use(hs.metricsEndpoint)
 	m.Use(middleware.GetContextHandler(hs.AuthTokenService))
 	m.Use(middleware.OrgRedirect())
-	session.Init(&setting.SessionOptions, setting.SessionConnMaxLifetime)

 	// needs to be after context handler
 	if setting.EnforceDomain {

--- a/pkg/middleware/auth_proxy.go
+++ b/pkg/middleware/auth_proxy.go
@@ -42,6 +42,12 @@ func initContextWithAuthProxy(ctx *m.ReqContext, orgID int64) bool {
 		return false
 	}

+	defer func() {
+		if err := ctx.Session.Release(); err != nil {
+			ctx.Logger.Error("failed to save session data", "error", err)
+		}
+	}()
+
 	query := &m.GetSignedInUserQuery{OrgId: orgID}

 	// if this session has already been authenticated by authProxy just load the user
@@ -163,10 +169,6 @@ func initContextWithAuthProxy(ctx *m.ReqContext, orgID int64) bool {
 	ctx.IsSignedIn = true
 	ctx.Session.Set(session.SESS_KEY_USERID, ctx.UserId)

-	if err := ctx.Session.Release(); err != nil {
-		ctx.Logger.Error("failed to save session data", "error", err)
-	}
-
 	return true
 }