![]() The resulting refactor is much more declarative, where we tell the computer what to do, not how to do it - which I'm all about □ markAsDeleting()) When we implement the contract on the job, the need to manually lock / unlock disappears. This is where Laravel has improved things for us with the ShouldBeUnique contract. This approach is okay, however we have to do a lot of manual work. Ĭonst generateNonce = () => :destroy")->forceRelease() In the following example of a potential consumer, I could mash the submit button and it would generate a new nonce for each submission. If the API receives a request with a nonce that has already been seen, the request is considered a duplicate and is discarded.Īlthough on the surface this appears to fix the problem, there is nothing stopping an API consumer from firing off duplicate requests, and just auto-generating a nonce because "the docs said to add one". The API based solution I usually see for duplicate requests is to make consumers provide a nonce with each request. The root problem still exists and you may want to address it properly if a malicious actor can leverage it to put your system into a bad state.Īdditionally, if you build out an API where your consumers are in control of how requests are made, you can't introduce this "fix". By-passing the UI and firing off requests manually could still be a way around our "solution".This might not be a big issue if you are deep in a JavaScript powered front-end, because that is already the case (for better or worse). We now have a dependency on JavaScript for our application to function correctly.We are now disabling UI elements, which I know my UX friends are not happy with me about.The user of the form, through some kind of dark twisted magic, is able to trigger multiple requests even though you cannot seem to replicate that behaviour, no matter how hard you try.Ī fix I often see is to disable the button in the UI once it has been activated, preventing the user from triggering requests back-to-back. This problem, in my personal experience, feels especially true for AJAX powered form submissions, but can impact traditional forms as well. If you have built web based forms and had enough people using those forms, you have likely run into the problem of duplicate form submissions. They simplify handling duplicate requests and ensure that resources stay in a good state across conflicting background jobs. To my surprise, these two features work really well together. I had thought, on first read, that I would want to use one or the other, that is ShouldBeUnique or WithoutOverlapping. I had seen the ShouldBeUnique contract and the WithoutOverlapping middleware before, but not yet had a chance to implement and internalise their functionality. So as I do, I went over and read up on the current feature set for queues. Recently I have been hacking on some refactorings and improvements to a project's queued jobs, which is all powered by Laravel's Wicked Good Queuing System™. When focusing in on some specific functionality of an application, such as notifications or queuing, I often head over to the docs and catch up on the current state of the art for different Laravel components.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |