Do not save sessions on authorization in API access
- mystik
- Member | 312
Is there any best practice how to prevent creation of unnecessary sessions when use is authorized in API call? Currently whern I uthorize user based on APi request apiKey then every time new session file is created because User and USerStorage creates them automatically when authorization occurs. Because our API can be quite bussy it causes problems with virtual machine diskspace (inodes). We need some way to tell our app that in these requests authorization information can be stored only in-memory and there is no need to create session.
What would be best way to let user authorize but disable creation of sessions? Create custom UserStorage that allows enabling/disabling of session? Then call disabling of session in APi presenters startup? Or is there any other way?