misc: optimize check of auth_token

2023-04-13 22:33:18 +02:00 · 2023-04-13 22:33:18 +02:00 · f6466af00c
parent f50c2d0ea9
commit f6466af00c
2 changed files with 14 additions and 2 deletions
--- a/scripts/uwsgi.sh
+++ b/scripts/uwsgi.sh
@ -31,7 +31,7 @@ auto-procname = true
 procname-prefix-spaced = ants-hub
 master = true
 enable-threads = true
-listen = 1000
+listen = 300
 processes = 5
 pidfile = $TOX_WORK_DIR/uwsgi.pid
 http-socket = 127.0.0.1:9040
--- a/src/ants_hub/api/views/ants.py
+++ b/src/ants_hub/api/views/ants.py
@ -5,6 +5,8 @@ import datetime
 import functools
 import logging
 import secrets
+import sys
+import time
 import zoneinfo

 from django.http import JsonResponse
@ -22,15 +24,25 @@ def format_date_ants(dt):
    return dt.astimezone(ANTS_TIMEZONE).isoformat().split('+')[0] + 'Z'


+AUTH_TOKEN = None
+AUTH_TOKEN_TIME = None
+
+
 def authenticate(func):
    @functools.wraps(func)
    def wrapper(request, *args, **kwargs):
+        global AUTH_TOKEN, AUTH_TOKEN_TIME  # pylint: disable=global-statement
+
        if not request.user.is_authenticated:
            header = request.headers.get('X-Hub-Rdv-Auth-Token', '')
            if not header:
                logger.warning('authentication failed, missing header X-HUB-RDV-AUTH-TOKEN')
                return JsonResponse("Missing X-HUB-RDV-AUTH-TOKEN header", status=401, safe=False)
-            auth_token = Config.get(Config.REQUEST_FROM_ANTS_AUTH_TOKEN)
+            if AUTH_TOKEN_TIME and time.time() - AUTH_TOKEN_TIME < 60 and 'pytest' not in sys.modules:
+                auth_token = AUTH_TOKEN
+            else:
+                auth_token = Config.get(Config.REQUEST_FROM_ANTS_AUTH_TOKEN)
+                AUTH_TOKEN_TIME, AUTH_TOKEN = time.time(), auth_token
            if not auth_token:
                logger.error('authentication failed, REQUEST_FROM_ANTS_AUTH_TOKEN is not configured')
                return JsonResponse("X-HUB-RDV-AUTH-TOKEN not configured", status=401, safe=False)