workos-node icon indicating copy to clipboard operation
workos-node copied to clipboard
verified publisher icon workos

Add caching functionality/pathways for token validation

Open MatthewAry opened this issue 1 year ago • 3 comments

Every time we validate a session token, it makes a request to WorkOS's infra to get the same value from their systems to validate the token. On our end, we see each validation operation adds ~200ms to each request that performs a token check. Usually the key used for authenticity verification changes very infrequently so it's something that can be cached. The SDK could cache the key in a singleton on the server and use that and validate using the cached key optimistically. If the authenticity check fails, then it can call the endpoint to see if the verification key changed at WorkOS as a fallback, if it turns out to be a cache miss, then check the token and at the same time update the cache.

This should improve perf greatly on our end.

MatthewAry avatar Dec 20 '24 19:12 MatthewAry

I just noticed that WorkOS has the option to set an inactivity timeout value when it comes to session management. Adding caching COULD break the enforcement of this policy depending on how inactivity is tracked. How does inactivity work?

MatthewAry avatar Jan 17 '25 18:01 MatthewAry

Is this fixed by https://github.com/workos/workos-node/pull/1196 ?

MatthewAry avatar Feb 06 '25 17:02 MatthewAry

Is this fixed by https://github.com/workos/workos-node/pull/1233 ?

MatthewAry avatar Mar 12 '25 20:03 MatthewAry