Cache Issue #1476
Comments
|
@philleepflorence - We can achieve this with an extra query param |
|
@BJGajjar - it seems currently in V8, I am able to see the requests coming from But the main issue is that caches are made from Postman and it somehow is affecting the Admin App sometimes if I remove the hook. I do agree that a cache query param would be cool - force-reload is a nice feature. |
|
I've this problem... |
|
The major problem, is security, because when you call /api when authenticated (with cookie) the answer is not the same without authentication... With cache enabled, it seems that the cache doesn't differentiate authenticated and non authenticated calls. |
You should get something like that And in fact you get (with cache enabled) Which is the authenticated response... |
|
in fact we should only cache unauthenticated calls... Authenticated calls are very hard to cache, because of access rights... |
no, your problem is more like #1473 |
Yes, just a mistake. :) |
|
We still need to cache authenticated calls, but perhaps they should be tied to the logged in user somehow? |
@bminer Do you mean authenticated calls via the API or from the App? |
|
It sounds like the safest short-term improvement / fix here would be to say that caching only works for public information, while we figure out the ideal strategy of caching authenticated data as well. |
|
@rijkvanzanten - I agree that caching really only works for public info at the moment. The main problem is that our Directus deployment simply won't function without caching. The database is slammed with thousands of queries to confirm database schema for each simple request. Without caching, our app would not function at all. Any noteworthy workarounds? |
|
@philleepflorence - I meant authenticated calls either via the API or from the App. They both hit the same API, right? |
|
@bminer you are correct but now we can differentiate calls from the admin app vs straight API. Maybe adding a query parameter for caching would help. I agree caching is really important so as not to overburden the DB server. |
|
I agree for caching only public info for now. We have the issue mentioned above and is causing us a lot of pain (manually flushing the cache each minutes). Also, on this note, are API errors cached? Or if a malicious user does heavy requests that result in an error (e.g. many fields with relations) can overload the api/db ? |
|
@bminer @philleepflorence @nachogarcia How should all of this ideally work?
* I don't think we should have a proprietary flow for just the Directus app; instead we should consider a |
|
At the moment we have many network errors when updating certain items in our CMS - we're investigating the reason, but we think that has relation with the cache - request size (our DB has many relations to store component hierarchy). On that note, ideally it would be great if the cache would work per role or user since the admin would work quite faster, and shouldn't cause issues since it would be invalidated on update/delete. I don't know how the graphql works now, but some time ago you needed authentication - so there would be also that. |
|
@rijkvanzanten - I think you're on the right track, but I also think that caching authenticated requests needs to be implemented also. The cached item should only be a "hit" if the logged in user matches the original request. Thoughts? Too complicated? |
+1 for configuring this on the role level @nachogarcia @bminer I think we should be fine as long as cache invalidation on update / delete works properly. However........ what happens when the user that requested something was deleted / suspended in the meantime? That should then also invalidate the cache I suppose. Otherwise you might block someones access, but this person is still able to retrieve the data from cache |
|
Agreed. Deleted data should invalidate all relevant cache entries, including authenticated ones, which could mean invalidating user-specific (or role-specific) cache entries. One exception to the role-specific case might be the |
|
I suppose we'd have to cache authenticated endpoints as the combination of |
|
Sorry I missed out on the responses. I was in transit. I suppose a solution is to cache only when a cache parameter is passed for public and authenticated requests. Also a cache delete parameter to flush cache for the associated collection. . I tried this on a local API (via hooks overriding the Directus cache). The only issue I had was I removed all related collection cache to the collection in question. So the first subsequent request was a bit slower but then the next ones went faster as normal. |
|
Hey everyone. I'll confess I don't understand all of the user-role permissions issues with caching (I'm running directus for all public content). But here's my two cents on how I hope caching would work:
This works great for me.
This seems pretty safe. I assume it would work for public users as Also you might warn people that their cache could grow waaay larger than before.
For those who need to run Directus with a cache to keep their database from going down, this seems risky. It exposes a way for someone to continually flush the cache and bring down the site. But that would essentially be a DDOS attack so, maybe that's outside the purview of what Directus should prevent. Just my 2 cents :) |
Good point! We don't need the user if we already have the token. Just gotta make sure we extract the token correctly as it can come from multiple sources (header / query param / cookie) |
|
Another thing we might want to do regarding cache implementation is having a directus prefix in cache keys. It could be useful for listing, deleting, etc. all directus keys in a shared redis cluster. |
|
@rijkvanzanten Is this issue going to be fixed/addressed for the next release? |
|
Not the next release unfortunately, but hopefully soon. Our main focus right now is stability and usability, and making cache actually function is very high on that list. |
|
Hi @rijkvanzanten , |
|
We still have no answer to this, but I'm looking at the options we have right now. |
|
With Directus 8 the cache is always disabled right? because i can't get it working, in our use case we use GraphQL and we cant upgrade because this. |
|
The cache is disabled by default, but can be enabled in the config file of the API |
|
@WoLfulus do we have a solution to this yet? |
Bug Report
There seems to be an issue with the cache. Currently, the API cannot differentiate between external API calls which should be cached and API calls from /admin which may not need to be cached especially while actively updating collections. Sometimes when a user is not authenticated and a cache of a core collection is created, e.g.
directus_settings, it prevents the user from signing back in throwing an error -Cannot read property 'api' of undefined.Turning off cache in the config or purging the cache seems to fix the error.
Steps to Reproduce
It is hard to produce steps to recreate!
Seems this error happened when signed in the app, while an external API request was made that created a new cache, and when refreshing the page, got the error.
It also happened when navigating to the login page on a new tab after a cache has been made.
It only happens when
directus_*collections have been updated.Expected Behavior
Only cache external API requests.
The admin app should always load from the DB to reflect actual DB data.
It would be nice if there were a query parameter to force fetching from the DB even if a cache exists (useful for refresh functionality).
Actual Behavior
Requests from the Admin app are being cached and sometimes can break if an update has been made but not reflected in the cache.
Technical Details
masterbranchThe text was updated successfully, but these errors were encountered: