From d3043c40364eed2b2e6bef67ed146148d8a7c787 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Fri, 6 Mar 2026 17:59:43 +0000
Subject: [PATCH 1/2] Initial plan


From eb2335fec7ec8de9664b1154301ae9c0fd1dacc3 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Fri, 6 Mar 2026 18:05:22 +0000
Subject: [PATCH 2/2] Fix TCP connection spike: disable keep-alive and add
 request timeouts in login sessions

Co-authored-by: flwfdd <36499196+flwfdd@users.noreply.github.com>
---
 bit_login/config.py |  2 +-
 bit_login/login.py  | 25 ++++++++++++++++++++++++-
 2 files changed, 25 insertions(+), 2 deletions(-)

diff --git a/bit_login/config.py b/bit_login/config.py
index a2447ce..b43770e 100644
--- a/bit_login/config.py
+++ b/bit_login/config.py
@@ -49,7 +49,7 @@
             'Accept': 'application/json, text/javascript, */*; q=0.01',
             'Accept-Language': 'zh-CN,zh;q=0.9,en;q=0.8,ja;q=0.7',
             'Cache-Control': 'no-cache',
-            'Connection': 'keep-alive',
+            'Connection': 'close',
             'Pragma': 'no-cache',
             'Sec-Fetch-Dest': 'empty',
             'Sec-Fetch-Mode': 'cors',
diff --git a/bit_login/login.py b/bit_login/login.py
index 88026d9..0d35b6d 100644
--- a/bit_login/login.py
+++ b/bit_login/login.py
@@ -1,4 +1,5 @@
 import requests
+from requests.adapters import HTTPAdapter
 import re
 from typing import Dict, Any
 from .config import CONFIG
@@ -8,12 +9,34 @@ class login_error(Exception):
     """BIT登录通用异常"""
     pass
 
+class _TimeoutHTTPAdapter(HTTPAdapter):
+    """HTTPAdapter that enforces a default request timeout."""
+    def __init__(self, *args, **kwargs):
+        self._default_timeout = kwargs.pop('timeout', 30)
+        super().__init__(*args, **kwargs)
+
+    def send(self, request, **kwargs):
+        kwargs.setdefault('timeout', self._default_timeout)
+        return super().send(request, **kwargs)
+
 class login:
     """BIT 统一身份认证核心类"""
     def __init__(self, base_url: str = ""):
         self.session = requests.Session()
+        # Enforce a default request timeout on all outgoing requests to prevent
+        # hung connections from accumulating indefinitely.
+        http_adapter = _TimeoutHTTPAdapter(timeout=30)
+        https_adapter = _TimeoutHTTPAdapter(timeout=30)
+        self.session.mount('http://', http_adapter)
+        self.session.mount('https://', https_adapter)
         self.session.headers.update({
-            'User-Agent': CONFIG["common"]["ua"]
+            'User-Agent': CONFIG["common"]["ua"],
+            # Disable HTTP keep-alive so that TCP connections are closed
+            # immediately after each response and are not held open in the
+            # connection pool.  Without this, every cached session retains a
+            # pool of idle sockets; under load this causes the server-wide TCP
+            # connection count to spike until resources are exhausted.
+            'Connection': 'close',
         })
         self.base_url = base_url if base_url else CONFIG["urls"]["base"]["sso_api"]