Fix race condition that can be triggered if the token expires right after we retrieve it, but before we can set the new expiry time.

2016-09-29 08:18:15 -05:00 · 2016-09-29 08:18:15 -05:00 · 26678d8ea3
parent 33d1f5904c
commit 26678d8ea3
1 changed files with 2 additions and 7 deletions
--- a/lib/gitlab/lfs_token.rb
+++ b/lib/gitlab/lfs_token.rb
@ -20,13 +20,8 @@ module Gitlab
    def token
      Gitlab::Redis.with do |redis|
        token = redis.get(redis_key)
-
-        if token
-          redis.expire(redis_key, EXPIRY_TIME)
-        else
-          token = Devise.friendly_token(TOKEN_LENGTH)
-          redis.set(redis_key, token, ex: EXPIRY_TIME)
-        end
+        token ||= Devise.friendly_token(TOKEN_LENGTH)
+        redis.set(redis_key, token, ex: EXPIRY_TIME)

        token
      end