Why do we store the sessions?

Hi lovely community,

i tried to understand a little bit better how this app works.The @jwt_required decorator takes care for the validation of the token when accessing the Api. Why do we use a sessions collection? Besides updating them there was no other usage for it in the mflix app.
The get_user_session method is only called in the test_user_management.py file.

Hello S_84995,

Thanks for the note! This is a great question.

The sessions collection is used when a user logs in or logs out. You can see this in the methods login() and logout() in mflix/api/user.py.

However, this is the only capacity where the sessions collection is used. You have a good point that, because the @jwt_required decorator checks the request for a token, the sessions collection is redundant. That said, it’s still important to store logins in the sessions collection, in case we wanted to do something with that information.

We could potentially use session data to limit the maximum time we allow sessions to be open on the MFlix app. We could remove documents from the sessions collection after 1 hour, or 2 hours. We could also run analytics on the number of logins.

In short, the MFlix app is full of features that could be potentially useful if we wanted to improve the app in the future, but may not be directly relevant to the M220P course.