adamniedzielski/tiddle

Tokens pile up in the database forever

Closed this issue · 1 comments

Hey! I'd like to collect your ideas on how to approach this issue and try to come up with a solution.

Currently, when a token is issued and, after a while, never used anymore (which I expect to be a common scenario), the tokens will just pile up and never be deleted from the database. They should be deleted at some point after they have expired.

The trivial solution to this is to have a background/async job that periodically checks for expired tokens and deletes them. But that's a custom solution I guess everyone would have to roll out.

IMHO, Tiddle would benefit from having at least a method to help achieve that, and then having that documented in the Readme. I guess what that method would do is help find all expired tokens in the database and then (maybe a second method) also delete them from the DB.

That's my take, but I'd like to know what your plans or thoughts on this are.

There's a solution for this already - https://blog.sundaycoding.com/blog/2015/04/04/token-authentication-with-tiddle/#deleting-old-tokens. The link to the blog post was broken in the README. I fixed it in f3fc958.

Thanks for reporting! If you'd like to submit a PR to update the README go for it. Now I think that everything useful should just be in the README and not in the blog post.