-
Notifications
You must be signed in to change notification settings - Fork 54
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ApiKey caching is not using the cache expiry mechanism #92
Comments
When an apikey is presented to MG, it invokes /edgemicro-auth/verifyApikey. The response from verifyApiKey is a JWT. At the moment, the JWT expiry is set to 1 minute (but easily customizable). The current logic stores the api key in cache for as long as the JWT expiry is set to. I'm happy to add a TTL for the cache itself, but remember there are two dials to operate - a JWT expiry and the cache TTL. |
Here is the PR: #93 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
[feature request]
In apikeys (and same code in oauth and oauthv2)
microgateway-plugins/apikeys/index.js
Line 201 in 94751da
A distinct expiration time is known but not passed to the cache. This could benefit
The text was updated successfully, but these errors were encountered: