-
-
Notifications
You must be signed in to change notification settings - Fork 115
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
API: Cache user for optimized authentication #207
Comments
/attempt I'd like to work on this issue for fosshack. |
Assigned the issue to @Z-xus! |
The approach isnt correct.
|
My logic was to set cache only in auth module after successfully logging in because using cache there could sacrifice integrity of data I was just setting a string so I'll try now with hashmap so it will be well segregated as well, hopefully that would work out. Also, should I create a service for this caching? it seems to be used both times like setting after login and setting when user updates. I appreciate your time and help. |
A cache service would be highly appreciated if you can make one. Maybe, you can create a separate module for that and export it globally. Also, as for your concerns regarding data integrity, those are valid. So in that case, at the very bottom of the function is a line that sets the user in the request body. You can implement the cache put operation just before that line. |
I think adding the cached user in this place works aswell. But then, the main use of cache is in the auth guard before we try to fetch the user from db. It wont make much sense if we just add the cache and not use it. |
That's exactly the case I was referring to when I said data integrity, If a user{} cache is sent when trying to login a user, when an admin has deleted the user, then it would still allow the user to be logged in.. regardless of being deleted. |
From infering this, My approach was to only set user in cache when they log in and then use the cached user for subsequent get requests made from user service/s. |
For now, admin routes are disabled. And even if the admin deletes the user, we would also delete the user from the cache so it wont be an issue.
As far as the scope of the issue is concerned with, we just want to use the cache in auth guard while authentication. Later on, we can add more such cache functions. |
Description
keyshade uses stateless cookie-based authentication to let users in. In the long run, this will impose a strain on our database since we will have over 100qps. To optimize this, we would like to cache our user data during authentication.
Solution
In auth.guard.ts, if the authentication is successful, we fetch the user details and set it in the current session. We would also like to cache this data. We will be using the key structure
user-<userId>
.auth.guard.ts
:user-<userId>
. If it's null, fetch from the database by email.JSON.stringify()
the data retrieved, and set it in cache asuserId -> userObject(stringified)
Additional context
Relevant files can be found in
auth
anduser
module.The text was updated successfully, but these errors were encountered: