问题
I recently asked a question: link here regarding the best way to store refresh tokens in my autodesk-forge web application. I am currently storing the refresh token in an SQL database with only one row and column, containing the refresh token. Steps regarding the token are as follows:
- When a user signs in, a GET method is called to retrieve the latest token from the database. Returndata.php simply connects to the SQL DB and retrieves the row from the table. Get method code:
function getRefreshToken() {
$.get("returndata.php",
function(response) {
var res = JSON.parse(response);
console.log(response);
console.log(res);
refreshToken = res[0].Value;
// console.log(refreshToken);
useRefresh();
// console.log(response.value);
//var times = response.times;
},
);
}
- The token is returned and used to get an access token for the user.
- When the access token is retrieved, it comes with a refresh token, which is subsequently saved in the SQL database in the same row as the previous refresh token. Savesettings.php simply connects to the DB and updates the single row, with the new refresh token. Code for POST method to store refresh token:
function saveRefreshToken() {
$.post("savesettings.php",
{
Value: refreshToken,
},
function(data, status){
console.log(data);
});
}
For the most part, this method works fine, however there have been a couple times where it has bugged out. I believe this is due to a concurrency issue. Where if two users are accessing the DB at very similar times, the data may become corrupted or the wrong data may be given. To fix this, I know I need to use a semaphore so that other requests wait until the first is done before executing. How can I use a semaphore to achieve this? Any help would be greatly appreciated as I am very stuck on this issue. Thanks. Cheers!!
EDIT
function getToken(){
$.ajax({
method: 'POST',
url: 'https://developer.api.autodesk.com/authentication/v1/gettoken',
headers: {
'Content-Type':'application/x-www-form-urlencoded'
},
data:'client_id=xxxxxxxxxxxxxxxxxxxx&client_secret=xxxxxxxxxxxxxxx&grant_type=authorization_code&code=' + code + '&redirect_uri=xxxxxxxxxxxxxxxxxxxxxx',
success:function(response){
// console.log(response);
access_token = response.access_token;
console.log(access_token);
console.log(response);
refreshToken = response.refresh_token;
saveRefreshToken()
}
})
}
function useRefresh(){
$.ajax({
method:'POST',
url: 'https://developer.api.autodesk.com/authentication/v1/refreshtoken',
headers: {
'Content-Type':'application/x-www-form-urlencoded'
},
data:'client_id=xxxxxxxxxxxxxxxxxxxxxxxxx&client_secret=xxxxxxxxxxxxxxxxx&grant_type=refresh_token&refresh_token='+refreshToken+'&scope=data:read',
success:function(response){
console.log(response);
refreshToken = response.refresh_token;
//console.log(refreshToken);
access_token = response.access_token;
saveRefreshToken();
}
})
}
回答1:
If you're running into concurrency issues with PHP and MySQL, semaphores is not the right level to solve this. What if, for example, you want to run a second server to handle PHP requests.
The correct way to handle this is in your database. If the corruption happens during a single request, maybe your queries are wrong or you need to use transactions or locks.
来源:https://stackoverflow.com/questions/62781249/use-a-semaphore-to-fix-a-concurrency-issue