Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

requireUser results in a call to db #156

Open
onurzdg opened this issue Jul 17, 2015 · 2 comments
Open

requireUser results in a call to db #156

onurzdg opened this issue Jul 17, 2015 · 2 comments

Comments

@onurzdg
Copy link

onurzdg commented Jul 17, 2015

it says in the documentation of Snaplet-Auth that "requireUser" does not have a DB cost, but it actually does unless your session cookie expires but remember cookie is still valid. It results in a call to isLogged, which in turn calls currentUser. I think there's no reason why we cannot verify without a hit to DB that the user is logged in by checking if user id exits in the user's session as shown below.

restrict' :: AppHandler () -> AppHandler ()
restrict' h =  do             
            mUid <- with sess $ getFromSession "__user_id"
            case mUid of
                (Just _) -> h
                _ -> userNotLoggedIn
@mightybyte
Copy link
Member

ping @ozataman

@nurpax
Copy link
Contributor

nurpax commented Jul 17, 2015

FWIW, there's some related discussion on currentUser here: https://groups.google.com/forum/#!searchin/snap_framework/db$20cost/snap_framework/o5Jp7PxL06E/9-6UtYxQvrwJ - I've observed the same that requireUser does have a db cost.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@mightybyte @nurpax @onurzdg