A single database session is used for the lifetime of the application #19
Comments
sersorrel
added a commit
that referenced
this issue
Sep 6, 2019
This is a first step towards using one session per async context rather than sharing a single session throughout the entire application. See #19.
piyushahuja
pushed a commit
that referenced
this issue
Feb 6, 2020
To have one SQLAlchemy session per request, added two middlewares for creating and removing a session. The SQLAlchemy API does not require interacting with the session object directly; instead we use calls to Session class to indirectly call methods on session objects. The first time during the request cycle Session is called, it creates a new session object for the request context (supported by AIOHTTP) and saves it in ContextLocalRegistry using the contextvars module. Every subsequent call to Session in the request-context lifecycle uses this session object (obtained with a context.get() call) Resolves: Issue #19
piyushahuja
pushed a commit
that referenced
this issue
Feb 7, 2020
To have one SQLAlchemy session per request, added two middlewares for creating and removing a session. The SQLAlchemy API does not require interacting with the session object directly; instead we use calls to Session class to indirectly call methods on session objects. The first time during the request cycle Session is called, it creates a new session object for the request context (supported by AIOHTTP) and saves it in ContextLocalRegistry using the contextvars module. Every subsequent call to Session in the request-context lifecycle uses this session object (obtained with a context.get() call) Resolves: Issue #19
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Each
Databaseuses exactly one SQLAlchemy session:backend/cogs/db/interface.py
Lines 53 to 54 in ca67e80
and the
Databaseis shared across the whole application:backend/cogs/main.py
Line 64 in ca67e80
which implies that the entire application – all async contexts – shares a session.
This is terrible!
– from https://docs.sqlalchemy.org/en/13/orm/session_basics.html#is-the-session-thread-safe
In practice, nothing should go wrong until the application is handling multiple things at once (requests, scheduled jobs, ...), and since there are fairly few users and those users are unlikely to be working at the same time as the scheduled jobs (midnight UTC), it's unlikely this will actually cause any problems. However: if anything does go wrong because of this, it will be an absolute nightmare to work out what's happened.
Fixing this will probably involve using SQLAlchemy's
scoped_session. One way would be to make the Database store a custom subclass ofscoped_sessioninstead ofsessionmaker. The subclass would be very similar to SQLAlchemy's implementation, except it would use a newContextVarsRegistryinstead of SQLAlchemy'sScopedRegistryorThreadLocalRegistry; this new registry would use Python 3.7's contextvars module (supported by aiohttp) to store one session per request. An aiohttp middleware to remove the session at the end of each request will also be necessary.The text was updated successfully, but these errors were encountered: