问题
I have a web server with a lot of requests per second. In order to optimise performances on I/O with the database, the server perform currently only 2 SQL queries by HTTP query:
- there's one query in order to fetch the current user,
- there's one query in order to read or write a resource.
And I'm currently wondering if it wouldn't be smart to also cache the current user's id, inside a session variable. This way, the server could perform just 1 SQL query by HTTP query.
In order to do so, the client would have to authenticate itself on the app. Then, after an SQL query checking the username+password, the server could just save his id inside a session variable. After this, we could remove the useless SQL query.
As this seems very simple, and useful, I'm wondering why popular Authentication plugins such as the Devise gem (for Rails or Sinatra) don't seems to work this way.
Is they a best way to do so? What do you think about?
Thanks for any ideas.
回答1:
This is how Devise, and most authentication frameworks, function. The purpose of saving the ID in the session is to allow you to quickly and easily retrieve the user from the database: presumably you're fetching the user for a reason (like displaying their name on the page, checking authentication, model assignment), and just having their ID from the session won't tell you any of this information. So you'll still have to grab the user from the database anyway.
来源:https://stackoverflow.com/questions/13197863/web-application-without-sql-query-for-current-user-authentication