Is it safe to delete unused login_token entries from oc_preferences

poepoemon · May 20, 2025, 9:03am

Hi everyone,

I’m facing a performance issue with the following query:

SELECT `appid`, `configkey`, `configvalue` FROM `oc_preferences` WHERE `userid` = 'op3';

This query is frequently appearing in the slow query log.
After checking the data, I found that there are over 5,000 records related to login_token in the oc_preferences table for this user.

Here’s a screenshot showing the result of this query:

I suspect these records are contributing to high database load and slower performance, so I’m considering deleting unused or outdated login_token entries manually.

Is it safe to manually delete login_token entries from oc_preferences?
Is there an official or recommended way (e.g., via occ) to clean up stale login tokens?

Thanks!

devnull · May 20, 2025, 9:47am

login_token (configkey, configvalue) contain also a timestamp in unix time format.

date -d @1747728537
echo date('Y-m-d H:i:s', 1747728537);
https://www.epochconverter.com

There are session_lifetime (default 1 day) and remember_login_cookie_lifetime (default 15 days). You can set it in config.php.

Unfortunately, I have read contradictory information that these are automatically deleted. Unfortunately, I haven’t found anything in GitHub either. Maybe someone knows more.

A standard automated deletion would have to be based on the individual values in config.php.

I think only for login_token that have expired. Alternatively I think all users have to log in again with username and password.