Caching in Strapi with Strapi Middleware Cache

Stefan_Ilic · July 13, 2021, 9:01pm

So I’m not sure if this got patched, but according to this github issue, it’s not.

github.com/patrixr/strapi-middleware-cache

Once the model is cached, auth is neglected

opened 05:05PM - 04 Feb 21 UTC

Hi, I integrated the strapi middleware cache to my project and added the mode…l like categories. Below is my cache settings in middleware.js under config cache: { enabled: true, type: 'redis', maxAge: 3600000, models: [ { model: 'Categories', maxAge: 1000000, } ], populateStrapiMiddleware: true, logs:true } First time when GET /Categories api is invoked it asked for bearer token. Next time when it is cached authentication is totally ignored. If I remove auth header no forbidden message is shown instead data is returned giving access to anybody with api. Am I missing any steps? How to overcome this problem so that cache middleware is not invoked before auth is verified.

I think it’s pretty important to mention this, especially if you want to cache routes that should not be publicly accessible. So if you want to implement this in production, do take this into account.
@DMehaffy please correct me if I’m wrong about this so I don’t cause any confusion.