mirror of
https://github.com/getnora-io/nora.git
synced 2026-04-12 06:50:31 +00:00
devitway
0cd79e680f
Token verification previously ran Argon2id + disk read on every authenticated request. Under load this becomes the bottleneck (~100ms per Argon2 verify on a single core). Changes: - Add in-memory cache (SHA256 -> user/role/expiry) with 5 minute TTL - Defer last_used timestamp writes to batch flush every 30 seconds - Invalidate cache entry on token revoke - Background task flushes pending last_used alongside metrics persist First verify_token call per token: full Argon2 + disk (unchanged). Subsequent calls within TTL: HashMap lookup only (sub-microsecond).