Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cache conflict in Redis for Get Flags and Get Identities endpoints in the Flagsmith API #5001

Open
1 of 4 tasks
oluizcarvalho opened this issue Jan 14, 2025 · 3 comments
Open
1 of 4 tasks

Cache conflict in Redis for Get Flags and Get Identities endpoints in the Flagsmith API #5001

oluizcarvalho opened this issue Jan 14, 2025 · 3 comments
Labels
bug Something isn't working

Comments

@oluizcarvalho
Copy link
Contributor

oluizcarvalho commented Jan 14, 2025
edited
Loading

How are you running Flagsmith

  • Self Hosted with Docker
  • Self Hosted with Kubernetes
  • SaaS at flagsmith.com
  • Some other way (add details in description below)

Describe the bug

A cache issue occurs in the Get Flags and Get Identities endpoints of the Flagsmith API when using Redis for caching, configured as described in the official documentation.

The keys saved in Redis do not include the api_key as part of the key attributes, causing cache overwrites and response conflicts between different API calls.

Upon analyzing the code, it seems that the cache controller is overwriting the cache keys in Redis. The current structure of the Redis keys is as follows:

:1:views.decorators.cache.cache_page..GET.<hash>.d41d8cd98f00b204e9800998ecf8427e.<locale>.<timezone>

This results in inconsistent responses.

Example of the Issue
API_KEY_1 makes a request to the Get Flags endpoint and saves a response in Redis.
API_KEY_2 (different project) makes a request to the same endpoint but receives the response saved by API_KEY_1.

Steps To Reproduce

  1. Configure the Flagsmith API with Redis caching for the Get Flags and Get Identities endpoints using the following settings:
GET_FLAGS_ENDPOINT_CACHE_SECONDS=300
GET_FLAGS_ENDPOINT_CACHE_BACKEND=django.core.cache.backends.redis.RedisCache
GET_FLAGS_ENDPOINT_CACHE_LOCATION=redis://username:[email protected]:6379

GET_IDENTITIES_ENDPOINT_CACHE_SECONDS=300
GET_IDENTITIES_ENDPOINT_CACHE_BACKEND=django.core.cache.backends.redis.RedisCache
GET_IDENTITIES_ENDPOINT_CACHE_LOCATION=redis://username:[email protected]:6379
  1. Make a request to the Get Flags endpoint using API_KEY_1.
  2. Make another request to the same endpoint using API_KEY_2 (different project).
  3. Observe the responses returned.

Expected behavior

  1. Redis cache keys should include the api_key as part of their structure to ensure data is unique to each API request.
  2. Responses for API_KEY_1 and API_KEY_2 should be independent and consistent with the expected data.

Screenshots

API_KEY_1:
Image

API_KEY_2 (different project) with cache:
Image

API_KEY_2 no cache:
Image
@oluizcarvalho oluizcarvalho added the bug Something isn't working label Jan 14, 2025
@oluizcarvalho
Copy link
Contributor Author

@matthewelwell Did you manage to take a look?

@matthewelwell
Copy link
Contributor

@oluizcarvalho thanks for raising this, and for the detailed issue description, and apologies for the delay in getting back to you.

We will try to get to this as soon as we can, unless you want to submit a PR for it yourself?

@oluizcarvalho
Copy link
Contributor Author

You can continue with the corrections, if you need any support just tell me, thank you

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@matthewelwell @oluizcarvalho