Skip to content

fix(performance): Only search for auth tokens when the provided login… #36621

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
nickvergessen merged 3 commits into from
Feb 10, 2023
Merged

fix(performance): Only search for auth tokens when the provided login… #36621

nickvergessen merged 3 commits into from
Feb 10, 2023

Conversation

@nickvergessen
Copy link
Member

@nickvergessen nickvergessen commented Feb 8, 2023
edited
Loading

… is long enough

Summary

All our generated auth tokens have a a fixed length (apart from session id based one which has a minimum). So it's save to assume that shorter strings are not actually valid apptokens we need to look up but the password when basic auth is used.
Additionally a min length check was added to help developers on generating new tokens in the future.

Query count of notifications app integration tests

Before After
https://github.com/nextcloud/notifications/actions/runs/4108063021/jobs/7088301789 https://github.com/nextcloud/notifications/actions/runs/4128695573/jobs/7133455445
10354 9150

Checklist

@nickvergessen nickvergessen added this to the Nextcloud 26 milestone Feb 8, 2023
@nickvergessen nickvergessen self-assigned this Feb 8, 2023
@nickvergessen nickvergessen force-pushed the perf/noid/only-check-for-token-when-it-can-actually-be branch from 2abdf59 to 7a85a15 Compare February 9, 2023 08:58
miaulalala
miaulalala approved these changes Feb 9, 2023
View reviewed changes
Copy link
Contributor

@miaulalala miaulalala left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🐘

@nickvergessen
Fix unit tests
a81d8ec 
Signed-off-by: Joas Schilling <[email protected]>
@nickvergessen nickvergessen merged commit e47d56a into master Feb 10, 2023
@nickvergessen nickvergessen deleted the perf/noid/only-check-for-token-when-it-can-actually-be branch February 10, 2023 00:29
@blizzz blizzz mentioned this pull request Feb 13, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@juliusknorr juliusknorr juliusknorr approved these changes

@miaulalala miaulalala miaulalala approved these changes

@come-nc come-nc come-nc approved these changes

@marcelklehr marcelklehr Awaiting requested review from marcelklehr

Assignees

@nickvergessen nickvergessen

Labels

3. to review Waiting for reviews feature: authentication performance 🚀

Projects

None yet

Milestone

Nextcloud 26

Development

Successfully merging this pull request may close these issues.

5 participants

@nickvergessen @juliusknorr @miaulalala @come-nc