Why are Users manually logged in in ExportCsv queued jobs?
We have recently run into an issue where what appeared to be session data leaking into queue jobs. In the process of debugging that issue, we found some logic that manually logs users in when a CSV export is being processed in a queue: https://github.com/filamentphp/filament/blob/a2a80f634c8ea2d9121443de9a27788218d7f41c/packages/actions/src/Exports/Jobs/ExportCsv.php#L68-L72. I am curious the reasoning behind this and why there isn't corresponding
logout logic at the end of the handler. When a other jobs are being processed on the same queue, the user remains logged in. This can contaminate any global scopes you have on models that reference a logged in user.GitHub
filament/packages/actions/src/Exports/Jobs/ExportCsv.php at a2a80f6...
A collection of beautiful full-stack components for Laravel. The perfect starting point for your next app. Using Livewire, Alpine.js and Tailwind CSS. - filamentphp/filament
2 Replies
Could be a bug, my guess though is that it probably has to do with tenancy.
Curious about it though, seems like the session shouldn’t be relevant to the queued job, ie if the job needs the user, it should be passed in, not read from a session.
Something just isn’t adding up to me in this scenario.
In speaking with some colleagues, I think it was implemented for the sake of notifications, logging, etc and that it is being removed in v4