bench-forgejo/docs/content
zeripath e0853d4a21
Add API Token Cache ()
One of the issues holding back performance of the API is the problem of hashing.
Whilst banning BASIC authentication with passwords will help, the API Token scheme
still requires a PBKDF2 hash - which means that heavy API use (using Tokens) can
still cause enormous numbers of hash computations.

A slight solution to this whilst we consider moving to using JWT based tokens and/or
a session orientated solution is to simply cache the successful tokens. This has some
security issues but this should be balanced by the security issues of load from
hashing.

Related 

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-08-17 14:30:42 -04:00
..
doc Add API Token Cache () 2021-08-17 14:30:42 -04:00
page Fix various documentation, user-facing, and source comment typos () 2021-07-08 13:38:13 +02:00