You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is it possible to give the Authenticable trait access to the cache?
A mapping between an api_key and user or user_id should not result in a db query every time.
Describe the solution you'd like
With my setup I need to query the db every time with joins.
Not very efficient.
Describe alternatives you've considered
Create my own trait and use that instead.
The text was updated successfully, but these errors were encountered:
unless we model a concept of a "session" this might trade off security for performance.
the database is a source of truth, and as such for security, it needs to be consulted with for every operation as frequently as possible.
imagine someone expiring their API key, however the cache still holds it and dims it legitimate.
if you'd like to submit a PR implementing all these concepts with security in mind, I'll be happy to take a look.
Hey this would make more sense if we would have more cache implementations like redis.
This way we can keep multiple instances in sync and improve security.
Isn't a blocker for this issue just something I thought about.
Feature Request
Is it possible to give the
Authenticable
trait access to the cache?A mapping between an api_key and user or user_id should not result in a db query every time.
Describe the solution you'd like
With my setup I need to query the db every time with joins.
Not very efficient.
Describe alternatives you've considered
Create my own trait and use that instead.
The text was updated successfully, but these errors were encountered: