Graphql-engine: support token caching in webhook auth mode

Created on 7 Sep 2020 · 5Comments · Source: hasura/graphql-engine

When using webhooks for authentication, I'm noticing every single request to hasura triggers a request to the authentication endpoint, even if the Authorization header and source IP remains the same.
Is there no way to cache this value so it stays valid for a period before re-checking?

Currently, the Hasura API is dependent on the authentication endpoints response time for every single request when using Webhooks for Authentication.
Using "Cache-Control": "max-age=600" did not fix this for me.

auth enhancement

Source

jeroen7s

👍4

Most helpful comment

@tirumaraiselvan Thanks. I ran into this problem as well and had the same trouble as @jeroen7s.

The documentation makes it seem like it applies to standard webhook authentication, not just websockets: https://hasura.io/docs/1.0/graphql/core/auth/authentication/webhook.html

Any idea where this will land on a roadmap? It's really slow to add an additional round-trip for every API request. Hasura is very fast but networks are not :)

cllns on 21 Sep 2020

👍7

All 5 comments

Currently, the Cache-Control headers apply only to expire websocket connections which are authenticated via webhook. We can perhaps use the same semantics for caching the token as well.

Changing the title to reflect this feature request.

tirumaraiselvan on 9 Sep 2020

👍7

@tirumaraiselvan Thanks. I ran into this problem as well and had the same trouble as @jeroen7s.

The documentation makes it seem like it applies to standard webhook authentication, not just websockets: https://hasura.io/docs/1.0/graphql/core/auth/authentication/webhook.html

Any idea where this will land on a roadmap? It's really slow to add an additional round-trip for every API request. Hasura is very fast but networks are not :)

cllns on 21 Sep 2020

👍7

Any updates?