Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: auth cache #643

Merged
merged 28 commits into from
Feb 27, 2023
Merged

feat: auth cache #643

merged 28 commits into from
Feb 27, 2023

Conversation

oddgrd
Copy link
Contributor

@oddgrd oddgrd commented Feb 20, 2023
edited
Loading

This PR adds a cache in front of the reverse proxy in the ShuttleAuthLayer that tries to upgrade a cookie or api-key bearer token to a JWT. The cache is first checked for the key (cookie or api-key), if it is there set it on the request in the ShuttleAuthLayer. If it isn't, request an upgrade from the auth server through the proxy. If it succeeds, extract the token from the proxy response and set it in the cache, before setting it on the request and proceeding.

It would have been more elegant to have the cache be a layer on the proxy client, but I had some difficulty implementing this. It's certainly something we should consider in the future.

All tests pass except for one assertion in the api_create_get_delete_projects test, which is commented out. It was indeed broken, but it was testing functionality we don't have.

chesedo
chesedo reviewed Feb 22, 2023
View reviewed changes
Copy link
Contributor

@chesedo chesedo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Progress seems good to me 😄

auth/src/api/handlers.rs Outdated Show resolved Hide resolved
@oddgrd oddgrd force-pushed the feature/eng-439-cache-layer branch 2 times, most recently from 84d12a9 to 5dc8f0a Compare February 22, 2023 11:48
@oddgrd oddgrd marked this pull request as ready for review February 22, 2023 14:23
chesedo
chesedo reviewed Feb 22, 2023
View reviewed changes
Copy link
Contributor

@chesedo chesedo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is exciting, thanks Oddbjorn!!

auth/Cargo.toml Outdated Show resolved Hide resolved
gateway/src/api/cache_layer.rs Outdated Show resolved Hide resolved
chesedo
chesedo approved these changes Feb 22, 2023
View reviewed changes
Copy link
Contributor

@chesedo chesedo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@oddgrd
feat: move cache to auth layer
541144c
@oddgrd
feat: invalidate cache on logout
678cce2 
also comment out broken test and add TODO to it, and revert auth manifest changes
@oddgrd
refactor: error handling in extract expiration
a6265c2
@oddgrd oddgrd force-pushed the feature/eng-439-cache-layer branch from 2361fd1 to a6265c2 Compare February 24, 2023 15:25
chesedo
chesedo approved these changes Feb 24, 2023
View reviewed changes
Copy link
Contributor

@chesedo chesedo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice 🥳, thanks @oddgrd

LGTM

gateway/src/api/auth_layer.rs Outdated Show resolved Hide resolved
gateway/src/api/auth_layer.rs Show resolved Hide resolved
gateway/src/api/latest.rs Outdated Show resolved Hide resolved
gateway/src/api/latest.rs Outdated Show resolved Hide resolved
gateway/src/api/latest.rs Show resolved Hide resolved
@chesedo chesedo merged commit 6686657 into shuttle-hq:main Feb 27, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chesedo chesedo chesedo approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@oddgrd @chesedo