Maximun Sync Gateway session TTL


#1

I’m new to couchbase in general but debugging a current iOS app that connects to couchbase.

About the app:

Problem:

  • We do not want to ask user’s to log back in every day. Essentially, we would like a stateless connection.

A possible solution would be to send a custom TTL time but how big can that number be (seconds)? Or what is the best practice to implement a stateless connection to the coachbase server?


#2

We do not want to ask user’s to log back in every day

What about storing the credentials in the Keychain and reusing them without prompting the user?


#3

We actually stored the credentials in the device and re-use them but the issue is in the server side where the session might have expired. That is what I thought a solution would be set the TTL parameter but I don’t know what it is the biggest TTL number supported. For example, Can I set it to a month? a year (31,536,000)?

Also I’m not sure if the 24hrs period resets every time an http request is sent to the couchbase server, so the expiration is 24hrs since the last user request. For example, I have been using the app and it has been more than 24hrs since the app set the cookie but it has not expired.


#4

Either have the app log in on launch, creating a new session, or just use HTTP Basic auth (sending the credentials in every request) instead of having a session at all.


#5

Is there a way to configure the default sync-gateway session ttl?

I’ve got some replication tasks that use the session cookie but they seem to stop after a while. My guess is the session is timing out. When a user opens my app it deals with the issue by creating a new session, BUT that only happens if they open the app. If it’s running in the background I want to be able to replicate on a push notification. It works but only for a while, I guess because the clients session dies after 24h. It would be nice to be able to configure it, either in the request or globally in some config.


#6

Can your app create a new session while it’s in the background, the same way it does when in the foreground?

I think the session timeout can be specified in the SG config file. (It can’t be configured in a request because session lifespans are part of the server’s security policy.)


#7

@nick-couchbase In future it’s probably better to start a new thread for new questions - your use case (client initiated session) sounds like it’s a bit different than the original, older post (REST API based sessions) .

There isn’t currently a config option for the default session timeout in the SG config. I think it would be a reasonable enhancement - you can file an issue requesting this in the Sync Gateway github repo. It’s possible to specify a TTL when creating a session via the Admin REST API, but it doesn’t sound like this is your use case.

However, I think Jens’s original comment/question is probably most relevant - can your app create a new session while it’s in the background?


#8

I worked around the problem. The replication processes no longer use a session but a username and password instead. And where my app does need a session I’ve redirected the session creation to my own app server that has access to the admin api which allows it to dish out much longer lasting sessions.