Skip to content

Commit 47ad646

Browse files
committed
fix(auth): fallback to direct cleanup when tenant context is unavailable
When CurrentTenant(ctx) fails in the session cleanup worker (no tenant in background context), fall back to DeleteExpired without RLS instead of logging an error and skipping cleanup entirely. This is safe as the query only deletes expired sessions and runs as DB owner.
1 parent 79e355e commit 47ad646

1 file changed

Lines changed: 12 additions & 9 deletions

File tree

backend/internal/infrastructure/auth/session_worker.go

Lines changed: 12 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -164,16 +164,19 @@ func (w *SessionWorker) performCleanup() {
164164
if w.db != nil && w.tenants != nil {
165165
tenantID, tenantErr := w.tenants.CurrentTenant(ctx)
166166
if tenantErr != nil {
167-
logger.Logger.Error("Failed to get tenant for session cleanup",
168-
"error", tenantErr.Error())
169-
return
167+
// No tenant in context (background worker in multi-tenant mode).
168+
// Fall back to direct cleanup without RLS — safe because this only
169+
// deletes expired sessions and runs as the DB owner role.
170+
logger.Logger.Debug("No tenant context for session cleanup, using direct cleanup",
171+
"reason", tenantErr.Error())
172+
deleted, err = w.sessionRepo.DeleteExpired(ctx, w.cleanupAge)
173+
} else {
174+
err = tenant.WithTenantContext(ctx, w.db, tenantID, func(txCtx context.Context) error {
175+
var cleanupErr error
176+
deleted, cleanupErr = w.sessionRepo.DeleteExpired(txCtx, w.cleanupAge)
177+
return cleanupErr
178+
})
170179
}
171-
172-
err = tenant.WithTenantContext(ctx, w.db, tenantID, func(txCtx context.Context) error {
173-
var cleanupErr error
174-
deleted, cleanupErr = w.sessionRepo.DeleteExpired(txCtx, w.cleanupAge)
175-
return cleanupErr
176-
})
177180
} else {
178181
// No RLS - direct repository access (for tests)
179182
deleted, err = w.sessionRepo.DeleteExpired(ctx, w.cleanupAge)

0 commit comments

Comments
 (0)