This behavior is exhibited by a brand new instance of a 8.7.0 ASP.NET Core & Angular project.
Is this expected behavior?
The login performance for the admin user gets worse and worse as the number of records grows in this table.
Also, we noticed the performance degredation after upgrading from 7.3.1 to 8.7.0 in our development environment, which had over 10,000 records for the admin user in AbpUserTokens table.
9 Answer(s)
-
0
hi
https://aspnetboilerplate.com/Pages/Documents/Background-Jobs-And-Workers?#user-token-removal-period
User token removal period
ABP Framework defines a background worker named UserTokenExpirationWorker which cleans the records in table AbpUserTokens. If you disable background job execution, this worker will not run. By default, UserTokenExpirationWorker runs every one hour. If you want to change this period, you can configure it like below:
public class MyProjectWebModule : AbpModule { public override void PreInitialize() { Configuration.BackgroundJobs.CleanUserTokenPeriod = 1 * 60 * 60 * 1000; // 1 hour } //... }
-
0
Hi maliming,
Thanks for the quick response! I have couple of questions though.
Why is a new 1 year token created every time the admin user logs in? Why are the old 1 year tokens not deleted automatically when the admin user logs in?
Is this the definition of the UserTokenExpirationWorker? It appears to only delete tokens that have expired. Am I missing something that explains how the 1 year tokens are supposed to be cleaned up?
-
1
- Why is a new 1 year token created every time the admin user logs in? Why are the old 1 year tokens not deleted automatically when the admin user logs in?
A user can log in from multiple devices and browsers. The token for a session is deleted when the user logs out properly via the API.
- Is this the definition of the UserTokenExpirationWorker? It appears to only delete tokens that have expired. Am I missing something that explains how the 1 year tokens are supposed to be cleaned up?
Yes. Only expired tokens are cleaned up.
-
0
Hey aaron,
To mitigate this issue, do you see any red flags with setting the expiration to 7 days instead of 1 year?
public class MyProjectWebCoreModule : AbpModule { public override void PreInitialize() { Configuration.BackgroundJobs.UserTokenExpirationPeriod = TimeSpan.FromDays(7); } }
-
0
Hi @tom.ohle
You can use any expiration period you want, it depends on your requirements. You can change https://github.com/aspnetzero/aspnet-zero-core/blob/50a941ddd3eac7fd1a50b63a4d8d066def55c189/aspnet-core/src/MyCompanyName.AbpZeroTemplate.Application.Shared/AppConsts.cs#L49-L50 and use any period you want.
We will also check whether cleaning the tokens after user logouts works as expected. I created an issue about it: https://github.com/aspnetzero/aspnet-zero-core/issues/3368
Thanks.
-
0
Hi @musa.demir,
It seems the issue you created no longer exists.
-
0
It still exists. Can you please check you have permission to see https://github.com/aspnetzero/aspnet-zero-core
-
0
Yes, you are right. I wasn't logged in at the time when I checked. My mistake!
-
0
Closing since the issue https://github.com/aspnetzero/aspnet-zero-core/issues/3368 is created.