Yicong-Huang opened a new pull request, #4888: URL: https://github.com/apache/texera/pull/4888
### What changes were proposed in this PR? `org.apache.texera.auth.JwtAuthFilter` previously performed a synchronous `INSERT ... ON CONFLICT DO UPDATE` against `USER_LAST_ACTIVE_TIME` on every authenticated request, coupling JWT verification to a per-request DB round-trip and mixing user-management concerns into the auth pipeline. By example: **Before** — every request that arrives at any of the 4 services (access-control / config / file / computing-unit-managing) with a Bearer token does both signature verification *and* a DB upsert. JWT auth is supposed to be stateless; the filter was making it stateful and coupling availability to DB latency. **After** — `JwtAuthFilter` is pure: extract token, verify, set `SecurityContext`. No DB calls. **Replacement, in access-control-service only:** - `UserActivityEventListener` — a Jersey `ApplicationEventListener` (not a `ContainerRequestFilter`). It observes `RESOURCE_METHOD_FINISHED` at the monitoring layer; it cannot reject or transform a request. Authenticated requests that fail before reaching a handler do not count as activity. - `UserActivityTracker` — per-uid in-memory cooldown (default 5 minutes) gates DB writes; the upsert runs on a single-thread daemon executor so request threads never wait on DB latency. If the process restarts, one fresh write per uid happens on the next request — acceptable since `USER_LAST_ACTIVE_TIME` is read at minute / hour granularity. The listener lives only in access-control-service. `USER_LAST_ACTIVE_TIME` is a user-management concern, and authenticated client sessions necessarily contact this service often (UI navigation, permission checks, LiteLLM proxy) so other services do not need to mirror this listener. The other 3 services keep their `JwtAuthFilter` registration but no longer incidentally write to `USER_LAST_ACTIVE_TIME` (one of the goals of this PR). ### Any related issues, documentation, discussions? Closes #4887 ### How was this PR tested? - `sbt AccessControlService/compile` — clean - `sbt AccessControlService/scalafmtCheck "AccessControlService/scalafixAll --check"` — clean - End-to-end behavioral verification (post-merge): hit any access-control-service endpoint with a Bearer token, confirm `USER_LAST_ACTIVE_TIME` upserts at most once per 5 minutes per uid; hit a non-access-control service (e.g., file-service) with a Bearer token, confirm `USER_LAST_ACTIVE_TIME` does not change as a direct side effect of that call. ### Was this PR authored or co-authored using generative AI tooling? Generated-by: Claude Code (Opus 4.7) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
