mirror of
https://github.com/zitadel/zitadel.git
synced 2025-07-02 21:28:32 +00:00
817670f1f7
This pull request improves the scalability of the session API by enhancing middleware tracing and refining SQL query behavior for user authentication methods. # Which Problems Are Solved - Eventstore subscriptions locked each other during they wrote the events to the event channels of the subscribers in push. - `ListUserAuthMethodTypesRequired` query used `Bitmap heap scan` to join the tables needed. - The auth and oidc package triggered projections often when data were read. - The session API triggered the user projection each time a user was searched to write the user check command. # How the Problems Are Solved - the `sync.Mutex` was replaced with `sync.RWMutex` to allow parallel read of the map - The query was refactored to use index scans only - if the data should already be up-to-date `shouldTriggerBulk` is set to false - as the user should already exist for some time the trigger was removed. # Additional Changes - refactoring of `tracing#Span.End` calls # Additional Context - part of https://github.com/zitadel/zitadel/issues/9239 --------- Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
57 lines
1.6 KiB
Go
57 lines
1.6 KiB
Go
package middleware
|
|
|
|
import (
|
|
"context"
|
|
"time"
|
|
|
|
"google.golang.org/grpc"
|
|
"google.golang.org/grpc/metadata"
|
|
"google.golang.org/grpc/status"
|
|
|
|
"github.com/zitadel/zitadel/internal/api/authz"
|
|
http_util "github.com/zitadel/zitadel/internal/api/http"
|
|
"github.com/zitadel/zitadel/internal/logstore"
|
|
"github.com/zitadel/zitadel/internal/logstore/record"
|
|
"github.com/zitadel/zitadel/internal/telemetry/tracing"
|
|
)
|
|
|
|
func AccessStorageInterceptor(svc *logstore.Service[*record.AccessLog]) grpc.UnaryServerInterceptor {
|
|
return func(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (_ interface{}, err error) {
|
|
if !svc.Enabled() {
|
|
return handler(ctx, req)
|
|
}
|
|
reqMd, _ := metadata.FromIncomingContext(ctx)
|
|
|
|
resp, handlerErr := handler(ctx, req)
|
|
|
|
interceptorCtx, span := tracing.NewServerInterceptorSpan(ctx)
|
|
defer func() { span.EndWithError(err) }()
|
|
|
|
var respStatus uint32
|
|
grpcStatus, ok := status.FromError(handlerErr)
|
|
if ok {
|
|
respStatus = uint32(grpcStatus.Code())
|
|
}
|
|
|
|
resMd, _ := metadata.FromOutgoingContext(ctx)
|
|
instance := authz.GetInstance(ctx)
|
|
domainCtx := http_util.DomainContext(ctx)
|
|
|
|
r := &record.AccessLog{
|
|
LogDate: time.Now(),
|
|
Protocol: record.GRPC,
|
|
RequestURL: info.FullMethod,
|
|
ResponseStatus: respStatus,
|
|
RequestHeaders: reqMd,
|
|
ResponseHeaders: resMd,
|
|
InstanceID: instance.InstanceID(),
|
|
ProjectID: instance.ProjectID(),
|
|
RequestedDomain: domainCtx.RequestedDomain(),
|
|
RequestedHost: domainCtx.RequestedHost(),
|
|
}
|
|
|
|
svc.Handle(interceptorCtx, r)
|
|
return resp, handlerErr
|
|
}
|
|
}
|