Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CachedJwtTokenManager 会导致同一用户的token同时到期,导致auth接口出现密集调用和timeout #12823

Open
Melod-YI opened this issue Nov 5, 2024 · 1 comment
Open

CachedJwtTokenManager 会导致同一用户的token同时到期,导致auth接口出现密集调用和timeout #12823

Melod-YI opened this issue Nov 5, 2024 · 1 comment
Labels
area/Client Related to Nacos Client SDK kind/enhancement Category issues or prs related to enhancement.

Comments

@Melod-YI
Copy link

Melod-YI commented Nov 5, 2024

image

image
这里对同一个username会返回同一个token,完全相同的expiredTime。

image
而nacos client sdk里,对超时需要重新申请token的时间处理上没有任何随机值。
会出现类似于缓存雪崩的情况,导致很集中的auth请求在同一时间触发。

对业务倒是没见到具体的影响,但是感觉这样不太好。

可以考虑:

  1. 客户端login加入随机的delay,避免同一时间发起login
  2. 服务端仅对token的校验进行缓存,对token的生成不进行缓存
  3. 其他更好地方式(欢迎讨论)
@KomachiSion KomachiSion added area/Client Related to Nacos Client SDK kind/enhancement Category issues or prs related to enhancement. labels Nov 7, 2024
@lucky8987
Copy link
Contributor

@KomachiSion 可以随机调整tokenRefreshWindow 时间窗口来实现,确定的话我可以提交PR修复作为优化?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/Client Related to Nacos Client SDK kind/enhancement Category issues or prs related to enhancement.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Melod-YI @lucky8987 @KomachiSion