From: David Lawrence <dkl@mozilla.com>
Date: Mon, 4 Apr 2016 16:37:25 +0000 (+0000)
Subject: Bug 1197061 - don't create a new session for every authenticated XMLRPC/JSONRPC call
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c83c4f78bb91c27e2ffd0e5fb8091fe6795885b8;p=thirdparty%2Fbugzilla.git

Bug 1197061 - don't create a new session for every authenticated XMLRPC/JSONRPC call
---

diff --git a/Bugzilla/WebService/Server.pm b/Bugzilla/WebService/Server.pm
index d1e17a950..a84ba2961 100644
--- a/Bugzilla/WebService/Server.pm
+++ b/Bugzilla/WebService/Server.pm
@@ -35,6 +35,13 @@ sub handle_login {
         Bugzilla->metrics->name("$class $method");
     }
 
+    # We never want to create a new session unless the user is calling the
+    # login method.  Setting dont_persist_session makes
+    # Bugzilla::Auth::_handle_login_result() skip calling persist_login().
+    if ($full_method ne 'User.login') {
+        Bugzilla->request_cache->{dont_persist_session} = 1;
+    }
+
     eval "require $class";
     ThrowCodeError('unknown_method', {method => $full_method}) if $@;
     return if ($class->login_exempt($method)