Up from the previous 5 seconds. It's still short enough that the pages
shouldn't feel stale, but it further reduces the number of requests that
will reach the app.
Also moved this into a shared concern so we can adjust the caching rule
in one place.
In order to control routing dynamically, we need to expose some Beamer
information to the proxy.
The `beamer_writer` value is used by the proxy to keep track of which
node should receive write requests. When it changes due to a failover,
the proxy will update after seeing a new value in this header. We
provide this to the proxy in the `X-Writer` response header.
The `beamer_last_txn` value will be used to control writer pinning.
Setting it in the cookie here is the first stage of this. The second
stage will be to catch situations where a reader gets a request where
this header value is set to a large value than the reader has seen; when
that happens if means there's a risk of reading stale data, so rather
than serve the request we should request the proxy to reproxy it back to
the writer.
We also set `X-Kamal-Target` in the response to match the
`X-Kamal-Target` that was set in the request; this lets us see which
proxy target served each request, which is useful for diagnostics.
- New untenanted Identity and Membership models
- New `identity_token` cookie with path "/" holds state across tenants
We're not sure whether the untenanted database will be sqlite or
MySQL, and so I've been careful to minimize
- database reads, placing them behind etags and caching
- database writes, only writing when a new Session is created (login)
Note that we track two things in the identity_token cookie: a signed
id, and the updated_at for the underlying Identity object. This allows
us to effectively cache on the Identity without having to hit the
database, by using an Identity::Mock object that is compatible with
etag and cache methods.
The new integration test shows the desired user-facing behavior, which
is to make it easy to login without a tenanted URL and to jump between
tenants.
- the untenanted "login_help" page shows all linked memberships
- the jump menu shows all linked memberships (except the current)
Also introduced a utility script to populate existing employee
Identities, grouping accounts by email address.
* main: (47 commits)
Remove overflow from columns
Only reverse Watching button if icon_only
Move video captions below content
Account#slug uses the virtual "tenant" attribute
Rename LOCAL_AUTHENTICATION to OSS_CONFIG
Add a script to generate unique passwords per email address
Visually hide the pagination indicator
Use hide avatars from tabindex on preview
Render a helpful menu of tenants temporarily
Remove code related to Launchpad auth or 37id Users
Formatting
Fix missing close bracket from merge
Reverse involvement buttons if watching
Only render the manifest link for tenanted URLs
Move load-balancer to fizzy-lb-101
Add otel_collector accessory for load balancer
Fix: this was getting idiomorph confused as it was being invoked on many subtree elements
Keep column popups during page refreshes
Don't render next link unless there is more activity
Live updates for the collection perma
...