Skip to content

Cache basic authentications #32

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Jan 16, 2021
Merged

Cache basic authentications #32

merged 3 commits into from
Jan 16, 2021

Conversation

@roidelapluie
Copy link
Member

In order to improve the response time with basic authentication, cache
the results of bcrypt in memory.

This is a draft to see if that approach would be acceptable.

The code is coming from Caddy, and I have fullfiled the attribution
required by Apache-2 by adding the copyright to our headers:
caddyserver/caddy@9a7756c

Signed-off-by: Julien Pivotto [email protected]

@roidelapluie roidelapluie requested a review from SuperQ January 13, 2021 23:54
@roidelapluie
Copy link
Member Author

roidelapluie commented Jan 13, 2021
edited
Loading

If the general approach is fine I will add specific tests.

roidelapluie
roidelapluie commented Jan 14, 2021
View reviewed changes
SuperQ
SuperQ reviewed Jan 14, 2021
View reviewed changes
SuperQ
SuperQ reviewed Jan 15, 2021
View reviewed changes
Cache basic authentications
817d7e4 
In order to improve the response time with basic authentication, cache
the results of bcrypt in memory.

This is a draft to see if that approach would be acceptable.

The code is coming from Caddy, and I have fullfiled the attribution
required by Apache-2 by adding the copyright to our headers:
caddyserver/caddy@9a7756c

Signed-off-by: Julien Pivotto <[email protected]>
@roidelapluie
Copy link
Member Author

is this good to go?

@roidelapluie
Copy link
Member Author

Hold on.

Julien Pivotto added 2 commits January 16, 2021 15:57
Improve performance
000e2df 
Add getters and setters
Add a lock around bcrypt
Fix the unhappy scenario

Signed-off-by: Julien Pivotto <[email protected]>
Split test to its file
2d92119 
Signed-off-by: Julien Pivotto <[email protected]>
@roidelapluie
Copy link
Member Author

OK now it works as expected. I have added getters and setters to release locks early.

I have also added a Lock around bcrypt so that we only run one at the same time.

@roidelapluie roidelapluie requested a review from SuperQ January 16, 2021 15:05
SuperQ
SuperQ approved these changes Jan 16, 2021
View reviewed changes
Copy link
Member

@SuperQ SuperQ left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@roidelapluie roidelapluie merged commit fa3ecab into prometheus:master Jan 16, 2021
beorn7
beorn7 reviewed Jan 16, 2021
View reviewed changes
web/users.go
logger log.Logger
cache *cache
// bcryptMtx is there to ensure that bcrypt.CompareHashAndPassword is run
// only once in parallel as this is CPU expansive.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

expansive → intensive?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🤦🏻 I will fix it

@roidelapluie roidelapluie mentioned this pull request Jan 16, 2021
Merged
@SuperQ SuperQ mentioned this pull request Mar 9, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@beorn7 beorn7 beorn7 left review comments

@SuperQ SuperQ SuperQ approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@roidelapluie @SuperQ @beorn7