You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have an express application in production, i use passport, passport local and
passport-local-mongoose to handle the authentication strategy, unfortunately the login api take to much time to respond when there is more than 200 users at once’s, it goes more than 30 secondes ... . After hours of debugging i found that the problem is coming from the authenticate() method! I think that the password comparison algorithm isn't optimized.
thanks.
Maher
The text was updated successfully, but these errors were encountered:
Hi, I'm not related to this project btw
Is the authenticate method blocking the stack? Other requests also take 30 seconds during that period or is just that one?
Thanks
hmm, I'm not totally related either, but, i know that for modern password hash algorithms like bcrypt, taking a certain amount of time is a feature, not a bug, as it makes brute force attempts more difficult. they also have a work factor that can be used to turn up the amount of work required over time as computers get faster. I don't know if this is related to that or not - it seems like an authenticate call should only have to hash the user's input once, and then see if there's a matching hash in the database. I haven't looked at the authenticate call to see how exactly it works tho.
Hey everyone,
I have an express application in production, i use passport, passport local and
passport-local-mongoose to handle the authentication strategy, unfortunately the login api take to much time to respond when there is more than 200 users at once’s, it goes more than 30 secondes ... . After hours of debugging i found that the problem is coming from the authenticate() method! I think that the password comparison algorithm isn't optimized.
thanks.
Maher
The text was updated successfully, but these errors were encountered: