Document ways to cleanup expired sessions

LICENSE.md

@@ -24,6 +24,11 @@ GNU General Public License for more details.
 You should have received a copy of the GNU General Public License
 along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
+Additional permission under GNU GPL version 3 section 7:
+
+An additional exception under section 7 of the GPL is included in the plugin-exception.txt file,
+which allows you to distribute Vendure plugins (i.e. extensions) under a different license.
+
 ## Vendure Commercial License (VCL)
 
 Alternatively, commercial and supported versions of the program - also known as

README.md

@@ -12,7 +12,7 @@ An open-source headless commerce platform built on [Node.js](https://nodejs.org)
 ### [www.vendure.io](https://www.vendure.io/)
 
 * [Getting Started](https://docs.vendure.io/guides/getting-started/installation/): Get Vendure up and running locally in a matter of minutes with a single command
-* [Live Demo](https://demo.vendure.io/)
+* [Request Demo](https://vendure.io/demo)
 * [Vendure Discord](https://www.vendure.io/community): Join us on Discord for support and answers to your questions
 
 ## Branches

docs/docs/guides/how-to/expired-session-cleanup/index.md

@@ -0,0 +1,49 @@
+---
+title: 'Expired Session Cleanup'
+---
+
+# Expired Session Cleanup
+
+As noted in [SessionService](/reference/typescript-api/services/session-service), sessions are not automatically deleted when expired. This means that if you have a large number of sessions, you may need to clean them up periodically to avoid clogging up your database.
+
+This guide aims to demonstrate how to create [Stand-alone CLI Scripts](/guides/developer-guide/stand-alone-scripts/) to automate the process of cleaning up expired sessions.
+
+## Code
+
+This code bootstraps the Vendure Worker, then retrieves the `SessionService` and calls the `cleanupExpiredSessions` method on it, completely removing all expired sessions from the database. It can be easily run from the command-line or scheduled to run periodically.
+
+```ts title="src/expired-session-cleanup.ts"
+import { bootstrapWorker, Logger, SessionService, RequestContextService } from '@vendure/core';
+import { config } from './vendure-config';
+
+const loggerCtx = 'ExpiredSessionCleanup';
+
+if (require.main === module) {
+    cleanupExpiredSessions()
+        .then(() => process.exit(0))
+        .catch(err => {
+            Logger.error(err, loggerCtx);
+            process.exit(1);
+        });
+}
+
+async function cleanupExpiredSessions() {
+    Logger.info('Session cleanup started.', loggerCtx);
+
+    // Bootstrap an instance of the Vendure Worker
+    const { app } = await bootstrapWorker(config);
+
+    // Retrieve the SessionService
+    const sessionService = app.get(SessionService);
+
+    // Create a RequestContext for administrative tasks
+    const ctx = await app.get(RequestContextService).create({
+        apiType: 'admin',
+    });
+
+    // Call the cleanup function
+    await sessionService.cleanupExpiredSessions(ctx);
+
+    Logger.info('Session cleanup completed.', loggerCtx);
+}
+```

docs/docs/guides/how-to/publish-plugin/index.mdx

@@ -52,9 +52,9 @@ is using a compatible version of Vendure.
 
 ### License
 
-Your plugin **must** use a license that is compatible with the GPL v3 license that Vendure uses. This means your package.json
-file should include `"license": "GPL-3.0-or-later"`, and your repository should include a license file (usually named `LICENSE.txt`) containing the
-[full text of the GPL v3 license](https://www.gnu.org/licenses/gpl-3.0.txt).
+You are free to license your plugin as you wish. Although Vendure itself is licensed under the GPLv3, there is
+a special exception for plugins which allows you to distribute them under a different license. See the
+[plugin exception](https://github.com/vendure-ecommerce/vendure/blob/master/license/plugin-exception.txt) for more details.
 
 ## Publishing to npm
 

docs/docs/reference/typescript-api/auth/session-cache-strategy.md

@@ -18,18 +18,18 @@ object for permissions data, it can become a bottleneck to go to the database an
 SQL query each time. Therefore, we cache the session data only perform the SQL query once and upon
 invalidation of the cache.
 
-The Vendure default from v3.1+ is to use a the <a href='/reference/typescript-api/auth/default-session-cache-strategy#defaultsessioncachestrategy'>DefaultSessionCacheStrategy</a>, which delegates
+The Vendure default from v3.1+ is to use the <a href='/reference/typescript-api/auth/default-session-cache-strategy#defaultsessioncachestrategy'>DefaultSessionCacheStrategy</a>, which delegates
 to the configured <a href='/reference/typescript-api/cache/cache-strategy#cachestrategy'>CacheStrategy</a> to store the session data. This should be suitable
 for most use-cases.
 
 :::note
 
-If you are using v3.1 or later, you should not normally need to implement a custom `SessionCacheStrategy`,
+If you are using v3.1 or later, you should normally not need to implement a custom `SessionCacheStrategy`,
 since this is now handled by the <a href='/reference/typescript-api/auth/default-session-cache-strategy#defaultsessioncachestrategy'>DefaultSessionCacheStrategy</a>.
 
 :::
 
-Prior to v3.1, the default was to use the <a href='/reference/typescript-api/auth/in-memory-session-cache-strategy#inmemorysessioncachestrategy'>InMemorySessionCacheStrategy</a>, which is fast but suitable for
+Prior to v3.1, the default was to use the <a href='/reference/typescript-api/auth/in-memory-session-cache-strategy#inmemorysessioncachestrategy'>InMemorySessionCacheStrategy</a>, which is fast but only suitable for
 single-instance deployments.
 
 :::info

docs/docs/reference/typescript-api/services/session-service.md

@@ -11,10 +11,19 @@ import MemberDescription from '@site/src/components/MemberDescription';
 
 ## SessionService
 
-<GenerationInfo sourceFile="packages/core/src/service/services/session.service.ts" sourceLine="28" packageName="@vendure/core" />
+<GenerationInfo sourceFile="packages/core/src/service/services/session.service.ts" sourceLine="44" packageName="@vendure/core" />
 
 Contains methods relating to <a href='/reference/typescript-api/entities/session#session'>Session</a> entities.
 
+:::note
+
+Sessions are neither automatically deleted when expired nor cleaned up periodically by Vendure. The How-to guide
+[Expired Session Cleanup](/guides/how-to/expired-session-cleanup/) demonstrates how to create a [Stand-alone CLI
+Script](/guides/developer-guide/stand-alone-scripts/) which calls the [cleanupExpiredSessions](#cleanupexpiredsessions)
+method to automate this process.
+
+:::
+
 ```ts title="Signature"
 class SessionService implements EntitySubscriberInterface {
     constructor(connection: TransactionalConnection, configService: ConfigService, orderService: OrderService)
@@ -27,6 +36,7 @@ class SessionService implements EntitySubscriberInterface {
     setActiveChannel(serializedSession: CachedSession, channel: Channel) => Promise<CachedSession>;
     deleteSessionsByUser(ctx: RequestContext, user: User) => Promise<void>;
     deleteSessionsByActiveOrderId(ctx: RequestContext, activeOrderId: ID) => Promise<void>;
+    cleanupExpiredSessions(ctx: RequestContext) => Promise<void>;
 }
 ```
 * Implements: <code>EntitySubscriberInterface</code>
@@ -86,6 +96,11 @@ Deletes all existing sessions for the given user.
 <MemberInfo kind="method" type={`(ctx: <a href='/reference/typescript-api/request/request-context#requestcontext'>RequestContext</a>, activeOrderId: <a href='/reference/typescript-api/common/id#id'>ID</a>) => Promise&#60;void&#62;`}   />
 
 Deletes all existing sessions with the given activeOrder.
+### cleanupExpiredSessions
+
+<MemberInfo kind="method" type={`(ctx: <a href='/reference/typescript-api/request/request-context#requestcontext'>RequestContext</a>) => Promise&#60;void&#62;`}  since="3.1.0"  />
+
+Deletes all expired sessions.
 
 
 </div>

docs/package.json

@@ -19,7 +19,7 @@
     "@docusaurus/preset-classic": "^3.4.0",
     "@mdx-js/react": "^3.0.0",
     "clsx": "^1.2.1",
-    "docusaurus-theme-search-typesense": "^0.12.0-0",
+    "docusaurus-theme-search-typesense": "^0.22.0",
     "prism-react-renderer": "^1.3.5",
     "react": "^18.0.0",
     "react-dom": "^18.0.0"