Refactor session_count to accurately reflect sessions, not logins, and add last_session_at timestamp#437
Open
cycomachead wants to merge 1 commit intomainfrom
Conversation
- Add last_session_at column to users table and views - Update session_count logic to increment at most once every 4 hours - Decouple session_count from login events to improve metric accuracy - Ensure last_login_at only updates on actual authentication events Co-authored-by: Claude Code <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Refactor session tracking to use distinct 4-hour windows instead of login events
This PR decouples
session_countfrom login events so it accurately reflects user sessions rather than authentication actions. A newlast_session_attimestamp column is introduced to track when the most recent session window began.Changes
migrations.lua: Adds migration2026-04-06:0to add alast_session_at(timestamptz, nullable) column to theuserstable and refreshes the user views.app.lua: Adds session tracking logic in thebefore_filterthat runs on every authenticated request — incrementssession_countand updateslast_session_atonly iflast_session_atis null (first ever session) or 4+ hours have elapsed since the last recorded session.controllers/user.lua: Removessession_countincrements from both login paths (student first-login and standard login).last_login_atcontinues to be updated only on actual authentication events.db/schema.sql: Addslast_session_atcolumn to theuserstable definition and both theactive_usersanddeleted_usersviews.Architecture Overview
Previously,
session_countwas incremented directly in the login controller, making it effectively a login counter. The new approach moves session tracking to thebefore_filterinapp.lua, which runs on every authenticated request. By comparing the current time againstlast_session_at, the system ensures at most one session is counted per 4-hour window, regardless of how many times a user logs in or out during that period.last_login_atsession_countlast_session_atReviewer Notes
extract(epoch ...)query to avoid any clock skew issues between application and database.session_countvalues in production will remain as-is; they will continue incrementing under the new (more conservative) logic going forward.Superconductor Ticket Implementation | Guided Review