Comment by RadiozRadioz

Comment by RadiozRadioz 3 days ago

1 reply

View on Hacker News

Then don't hit the SQL DB directly, cache the tokens in memory. Be it Redis or just in your app. Invalidate the cache on token expiry (Redis has TTL built in).

UserID -> token is a tiny amount of data.

fastball 16 hours ago

And now I need to invalidate the cache if the key is invalidated. Also this cache cannot be updated/invalidated atomically, like I can if I'm just storing a refresh key in the SQL db. Caching in Redis is more complex and more prone to error than access/refresh token systems.

Reply View 0 replies