Robustly clear sessions on user deletion to cause immediate logout

[rtibbles]

Summary

• Abstracts our existing database routers into a base class and reuses it in all existing implementations - cleaning up unnecessary code in the process
• Migrates Kolibri from file based sessions to database based sessions using a custom model and backend based on Django CachedDB in order to track the user id on the session model
• For SQLite backends, it adds an additional database to limit the additional bottleneck that using the database backend might add
• Adds logic to the queryset and model for FacilityUser to ensure that any time a user is deleted or soft deleted, we also clear any associated sessions
• Cleans up previous API specific logic in favour of this approach
• Adds tests for the new model and queryset updates

References

FIxes #13542

Note that this reverts #3944 which was originally implemented for a very modest performance improvement. I think the combination of a wide range of other performance improvements, plus the use of a separate database in this implementation means that any performance degradation from changing back here should be negligible.

Reviewer guidance

I used Claude Code to do the initial model and queryset updates and write tests for it, and then heavily edited it to reduce code verbosity, fix errors and ensure the tests were asserting the right things. All other code was hand written.

Both the deletion flows in the issue itself, when deleting in an LoD and also when deleting using the new bulk user management flows should work here. Also, if a user is deleted due to a facility being deleted from a device that should also work.

The result here should be that the user is logged out identically if the user's session timed out.

[github-actions]

Build Artifacts

Asset type	Download link
PEX file	kolibri-0.19.0a1.dev0_git.86.g39b4189c.pex
Windows Installer (EXE)	kolibri-0.19.0a1.dev0+git.86.g39b4189c-windows-setup-unsigned.exe
Debian Package	kolibri_0.19.0a1.dev0+git.86.g39b4189c-0ubuntu1_all.deb
Mac Installer (DMG)	kolibri-0.19.0a1.dev0+git.86.g39b4189c.dmg
Android Package (APK)	kolibri-0.19.0a1.dev0+git.86.g39b4189c-0.1.5-debug.apk
Raspberry Pi Image	kolibri-pi-image-0.19.0a1.dev0+git.86.g39b4189c.zip
TAR file	kolibri-0.19.0a1.dev0+git.86.g39b4189c.tar.gz
WHL file	kolibri-0.19.0a1.dev0+git.86.g39b4189c-py2.py3-none-any.whl

[nucleogenesis]

I left some questions / thoughts - nothing blocking or urgent to reply to.

Overall I think that I got a good sense of how the changes work. The Session* classes were a bit weird to grok at first but seems the crux is in customizing the SessionStore so you can override create_model_instance to handle the user_id business. The rest then seems like glue code w/ the new Session model and the DB.

I didn't spin it up yet but don't want to forget to submit this review so I'll come back for further review after some manual testing.

[nucleogenesis]

<3

[nucleogenesis]

(non-blocking curiosity) The reason I'm seeing for using ABC/abstractmethod here is to ensure that classes inheriting this will be required to override specific methods or throw an error.

Are there any other benefits to using an abstract class or would it be functionally similar to:

def MODEL_CLASSES(self):
    raise "Not implemented"

I think this came to mind because that's how I've done abstract classes in Ruby

[nucleogenesis]

Love how this whole module DRYs things up

[rtibbles]

Yes, ABC and abstractmethods are the more explicit way to do this.

[nucleogenesis]

(non blocking opinion) - __init__ feels like it should always be at the top of a class to me but as I type this I'm feeling like this is largely based on vibes 😆 -- I think maybe I just like to see overrides at the top of a class so I can first answer the question "what is the class doing in relation to it's parent's implementation" then the second question of "now what does this class do uniquely".

In any case - __str__ is overridden down here too so the rest fit in well enough 😄

[rtibbles]

Yeah - I think I have a similar intuition - the only advantage to it being here is that its closer to where the intialized value is used.

[nucleogenesis]

Nice to see code like this in the red :)

[rtibbles]

It has been redundant for quite some time, because of the router conditionality being in settings/base.py instead!

[pcenov]

Hi @rtibbles,
Unfortunately the issue reported in #13542 is still present.
Also when on device A I created a server with 2 facilities, and then on device B I went through the LOD user flow and imported a user from the 2nd facility and then deleted the entire facility the user remains signed in with no indication whatsoever that the facility has been deleted other than syncing not working anymore.
The same scenario is valid also for a single device with multiple facilities, where if I add a new facility, create and assign a learner to a class, sign in as the learner and then delete the entire facility - the learner still remains signed in.

Logs:
server-logs.zip
lod-logs.zip