Goal: Remove "Single-Node" limitations and mitigate Layer 7 DoS risks.
Redis Integration:
- Refactor accessTokensCache and consecutiveCache to implement a TokenStore Interface.
- Implementation: Create a Redis adapter to replace in-memory arrays. This allows
the Auth Service to run across multiple Docker containers/replicas while sharing rate
limits and blocklists.
Bot Detector Optimization (Async Logging):
- Current Issue: updateVisitors writes to the primary DB on every request.
- Optimization: Move visitor logging to a "Fire-and-Forget" Queue (Redis List or BullMQ).
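
The Redis Integration and Async Logging items above, sketched together as an added example (not the project's own code). The class name, method names, key prefixes and the fakeRedis stand-in are assumptions; the client is assumed to expose ioredis-style command methods.

```javascript
// Added example, not the project's code: class, method and key names are assumed.
// `client` is any object exposing ioredis-style commands (set/exists/incr/expire/rpush/ltrim).
class RedisTokenStore {
  constructor(client, { windowSec = 60, maxQueue = 10000 } = {}) {
    Object.assign(this, { client, windowSec, maxQueue });
  }
  // Blocklist entry with a TTL, visible to every replica sharing this Redis.
  async block(token, ttlSec) {
    await this.client.set(`block:${token}`, '1', 'EX', ttlSec);
  }
  async isBlocked(token) {
    return (await this.client.exists(`block:${token}`)) === 1;
  }
  // Fixed-window counter: INCR is atomic across replicas; TTL set on first hit.
  async hit(clientId) {
    const key = `rate:${clientId}`;
    const count = await this.client.incr(key);
    if (count === 1) await this.client.expire(key, this.windowSec);
    return count;
  }
  // Fire-and-forget: the request path does not await this. Errors are swallowed
  // and the list is capped so a request flood cannot grow the queue unbounded.
  logVisitor(visit) {
    return this.client
      .rpush('visitors:queue', JSON.stringify(visit))
      .then(() => this.client.ltrim('visitors:queue', -this.maxQueue, -1))
      .catch(() => {});
  }
}

// Constructed in-memory stand-in for the Redis client (TTLs accepted, not enforced).
function fakeRedis() {
  const kv = new Map(), lists = new Map();
  return {
    lists,
    async set(k, v) { kv.set(k, v); return 'OK'; },
    async exists(k) { return kv.has(k) ? 1 : 0; },
    async incr(k) { const n = Number(kv.get(k) || 0) + 1; kv.set(k, String(n)); return n; },
    async expire() { return 1; },
    async rpush(k, v) { lists.set(k, [...(lists.get(k) || []), v]); return lists.get(k).length; },
    async ltrim(k, start) { lists.set(k, (lists.get(k) || []).slice(start)); return 'OK'; },
  };
}
```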