Document process-local auth session cache semantics
Clarify that dependencies.py session cache is process-local and not cluster-safe, and document the limitation in architecture docs.
This commit is contained in:
@@ -25,8 +25,8 @@ Reference: `Docs/Refactoring.md` for full analysis of each issue.
|
||||
- Fix: remove the unused `app.state.db` branch and always open/close a dedicated task-local connection, or intentionally add a shared DB connection to `app.state` and manage its lifecycle.
|
||||
- Expected outcome: background jobs have predictable DB lifecycle, avoid hidden bugs from stale connection assumptions, and task code is simpler.
|
||||
|
||||
- `backend/app/dependencies.py` contains an in-memory process-local session cache for auth tokens. This optimization is valid for a single-process server, but it is not cluster-safe for multi-worker or distributed deployments.
|
||||
- Fix: either document the single-process limitation clearly, or replace `_session_cache` with an external shared cache (Redis/Memcached) or eliminate it if eventual cluster support is required.
|
||||
- Status: **done** — `backend/app/dependencies.py` contains an in-memory process-local session cache for auth tokens. This optimization is valid for a single-process server, but it is not cluster-safe for multi-worker or distributed deployments.
|
||||
- Fix: document the single-process limitation clearly in code and project docs.
|
||||
- Expected outcome: authentication behavior is consistent across deployment modes, and session invalidation works correctly in multi-worker setups.
|
||||
|
||||
- `backend/app/main.py` uses local imports inside `_lifespan()` to avoid circular dependencies, indicating that startup logic is tightly coupled with services.
|
||||
|
||||
Reference in New Issue
Block a user