e0853d4a21
One of the issues holding back performance of the API is the problem of hashing. Whilst banning BASIC authentication with passwords will help, the API Token scheme still requires a PBKDF2 hash - which means that heavy API use (using Tokens) can still cause enormous numbers of hash computations. A slight solution to this whilst we consider moving to using JWT based tokens and/or a session orientated solution is to simply cache the successful tokens. This has some security issues but this should be balanced by the security issues of load from hashing. Related #14668 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> |
||
|---|---|---|
| .. | ||
| advanced | ||
| developers | ||
| features | ||
| help | ||
| installation | ||
| translation | ||
| upgrade | ||
| usage | ||
| advanced.en-us.md | ||
| advanced.fr-fr.md | ||
| advanced.zh-cn.md | ||
| advanced.zh-tw.md | ||
| developers.en-us.md | ||
| developers.zh-tw.md | ||
| features.en-us.md | ||
| features.zh-cn.md | ||
| features.zh-tw.md | ||
| help.en-us.md | ||
| help.fr-fr.md | ||
| help.zh-cn.md | ||
| help.zh-tw.md | ||
| installation.en-us.md | ||
| installation.fr-fr.md | ||
| installation.zh-cn.md | ||
| installation.zh-tw.md | ||
| translation.de-de.md | ||
| translation.en-us.md | ||
| translation.zh-tw.md | ||
| upgrade.en-us.md | ||
| upgrade.fr-fr.md | ||
| upgrade.zh-cn.md | ||
| upgrade.zh-tw.md | ||
| usage.en-us.md | ||
| usage.zh-cn.md | ||
| usage.zh-tw.md | ||