SessionBackend: skip isUserSessionPrevented check for anons

For anon requests, the call to SessionManager::isUserSessionPrevented(
$this->user->getName() ) is both expensive (because of the need to
sanitize the IP) and pointless, because the session-prevention feature
is intended for named accounts. So short-circuit the check if the user is not
logged in.

Change-Id: I17386b97e229b492723b46db1e1ae16fd4b0fc5a

diff --git a/includes/session/SessionBackend.php b/includes/session/SessionBackend.php
index 0a9191b..0424a2d 100644 (file)
--- a/includes/session/SessionBackend.php
+++ b/includes/session/SessionBackend.php
@@ -572,7 +572,9 @@ final class SessionBackend {
         * @param bool $closing Whether the session is being closed
         */
        public function save( $closing = false ) {
-               if ( $this->provider->getManager()->isUserSessionPrevented( $this->user->getName() ) ) {
+               $anon = $this->user->isAnon();
+
+               if ( !$anon && $this->provider->getManager()->isUserSessionPrevented( $this->user->getName() ) ) {
                        $this->logger->debug(
                                'SessionBackend "{session}" not saving, user {user} was ' .
                                'passed to SessionManager::preventSessionsForUser',
@@ -585,7 +587,6 @@ final class SessionBackend {
 
                // Ensure the user has a token
                // @codeCoverageIgnoreStart
-               $anon = $this->user->isAnon();
                if ( !$anon && !$this->user->getToken( false ) ) {
                        $this->logger->debug(
                                'SessionBackend "{session}" creating token for user {user} on save',