mongodb - deserialize on each request? is this not needless db reads? -


understanding passport serialize deserialize

in cobbling first node app array of guides , posts have stumbled across serialize , deserialize passport functions...

i kind of understand functionality.. doesn't seem right.

http://toon.io/understanding-passportjs-authentication-flow/:

passport.deserializeuser invoked on every request passport.session. enables load additional user information on every request. user object attached request req.user making accessible in our request handling.

this means every single request runs db request retrieve user object? app not require db request aquire full userobject on every single request.. in fact cannot think of app require this..

thus, if register serialize function , not deserialize function.. best practice stop passport assigning entire user object/mongo doc session whilst @ same time reducing db read count per page/api request?

passport.session middleware calls deserialize function, better strategy strategically place middleware want:

app.get('/', ...); app.use(passport.session()); app.get('/user', ...) 

that way can choose routes user object loaded or not.

but practice indeed user object restored database upon each request. cost virtually nothing (~1ms) wouldn't worry it.


Comments

Popular posts from this blog

android - Gradle sync Error:Configuration with name 'default' not found -

java - Andrioid studio start fail: Fatal error initializing 'null' -

html - jQuery UI Sortable - Remove placeholder after item is dropped -