Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feature: fast-path for password match in basicauth [non token mode] #51

Open
vlahan opened this issue Nov 10, 2023 · 0 comments
Open

feature: fast-path for password match in basicauth [non token mode] #51

vlahan opened this issue Nov 10, 2023 · 0 comments
Assignees
@greenpau
Labels
feature

Comments

@vlahan
Copy link

vlahan commented Nov 10, 2023

When non-token authentication, e.g direct basicauth is used via the caddy security plugin, each request currently has to go through the costly bcrypt.CompareHashAndPassword method resulting in ~ 4s latency to each call:

go-authcrunch/pkg/identity/password.go

Line 117 in 50f3edc

if err := bcrypt.CompareHashAndPassword([]byte(p.Hash), []byte(s)); err == nil {

Adding a cached fast-path as in the core caddyauth module would significantly improve the call latency for the follow-up requests:

https://github.com/caddyserver/caddy/blob/3b3d67871446ee6bf1921938ef0f16b6112c7ceb/modules/caddyhttp/caddyauth/basicauth.go#L186
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@greenpau greenpau

Labels
feature
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@vlahan @greenpau