Transferring data from old session to new does not work

[tnatt]

In the endpoint to create a new session POST /session there is logic to transfer relevant data from an existing session to a new one.
This does not work and no data is transferred to the new session.

The reason is that the SessionManager.get_session method will trigger a destroyal of the old session and raises a SessionNotFoundError if a session has expired.

fmu-settings-api/src/fmu_settings_api/session.py

Lines 201 to 203 in b419ce8

	if session.expires_at < now:
	await self.destroy_session(session_id)
	raise SessionNotFoundError("Invalid or expired session")

Hence the exception here is suppressed and the old_session variable is never defined and stays None. The old_session value is used in turn to check if data should be transferred.

fmu-settings-api/src/fmu_settings_api/v1/routes/session.py

Lines 70 to 74 in b419ce8

	if fmu_settings_session:
	with contextlib.suppress(Exception):
	old_session = await session_manager.get_session(
	fmu_settings_session, extend_expiration=False
	)

Existing tests does not pick up on it since we are testing to transfer data between a non-expired session to a new one, hence we do not trigger the SessionNotFoundError.

[slangeveld]

From offline discussion 22.12.25:
To transfer data from an expired session to a new one is not supported at the moment and will require some refactoring of the code. Before we continue with this issue we should discuss the best way to do this, as it might be a good time to rewrite the session mechanism.

We should consider to rewrite the session mechanism to separate between long lived and short lived sessions:

• The project and user specific data could then be tied to the long lived sessions, reducing the need to migrate the state from expired to new sessions.
• The short lived sessions can then be used to authenticate the user, for which they will get access to the long lived sessions if they have a valid short lived session.

[slangeveld]

Conclusion on the way forward after discussions in planning meeting 19.02

• We'll update the session to not have an expiration time
• We'll remove the code that transfers the session data
• GUI should be updated to remove automatic session renewal

Add separate RMS session

• We should create a separate session for RMS as the user should not be able to keep RMS open "infinitely" (because of RMS licenses etc). This session should expire after 1 hour.