From ca9691331fb19542477b6205024921388321829b Mon Sep 17 00:00:00 2001
From: Byron Jones <glob@mozilla.com>
Date: Fri, 21 Aug 2015 12:02:59 +0800
Subject: Bug 1195645 - don't create a new session for every authenticated
 REST/BzAPI call

---
 Bugzilla/WebService/Server/REST.pm | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'Bugzilla/WebService/Server')

diff --git a/Bugzilla/WebService/Server/REST.pm b/Bugzilla/WebService/Server/REST.pm
index 858375247..d94fb1d81 100644
--- a/Bugzilla/WebService/Server/REST.pm
+++ b/Bugzilla/WebService/Server/REST.pm
@@ -189,6 +189,13 @@ sub handle_login {
     my $full_method = $class . "." . $method;
     $full_method =~ s/^Bugzilla::WebService:://;
 
+    # We never want to create a new session unless the user is calling the
+    # login method.  Setting dont_persist_session makes
+    # Bugzilla::Auth::_handle_login_result() skip calling persist_login().
+    if ($full_method ne 'User.login') {
+        Bugzilla->request_cache->{dont_persist_session} = 1;
+    }
+
     # Bypass JSONRPC::handle_login
     Bugzilla::WebService::Server->handle_login($class, $method, $full_method);
 }
-- 
cgit v1.2.3-24-g4f1b