Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dont serve cache if API authorization fails #225

Open
ZaidWaseem10 opened this issue Sep 22, 2020 · 1 comment
Open

Dont serve cache if API authorization fails #225

ZaidWaseem10 opened this issue Sep 22, 2020 · 1 comment

Comments

@ZaidWaseem10
Copy link

I have an API KEY header with each request. Generally whats happening is that if the first request has correct api key, the response will be cached. Now if anyone makes a request to the same endpoint without correct api key, the cache will also be served. It fails the security measures taken for the endpoint. Is there any way to validate API-KEY in each and every request? even though the response is cached.
@ZaidWaseem10 ZaidWaseem10 changed the title Dont serve cache if authorization fails Dont serve cache if API authorization fails Sep 22, 2020
@josedev999
Copy link

@ZaidWaseem10 I think it is matter of how you put middlewares in order.
You need to put authorization middleware in front of cache middleware.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ZaidWaseem10 @josedev999