From 5c6fe9dc71d2e47f4698acf550b9fd16ce86637b Mon Sep 17 00:00:00 2001
From: Kali Kaneko <kali@leap.se>
Date: Wed, 15 Feb 2017 00:48:40 +0100
Subject: [docs] add a to-do about perf

---
 server/src/leap/soledad/server/auth.py | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/server/src/leap/soledad/server/auth.py b/server/src/leap/soledad/server/auth.py
index 6ce11e71..aea003ff 100644
--- a/server/src/leap/soledad/server/auth.py
+++ b/server/src/leap/soledad/server/auth.py
@@ -31,8 +31,8 @@ from twisted.cred.credentials import Anonymous
 from twisted.cred.credentials import UsernamePassword
 from twisted.cred.portal import IRealm
 from twisted.cred.portal import Portal
-from twisted.logger import Logger
 from twisted.internet import defer
+from twisted.logger import Logger
 from twisted.web.iweb import ICredentialFactory
 from twisted.web.resource import IResource
 
@@ -65,6 +65,11 @@ class SoledadRealm(object):
             return (IResource, resource, lambda: None)
 
         # Authenticated users
+
+        # XXX review this... we're creating a Resource tree
+        # for each request, for every user.
+        # What are the perf implications of this??
+
         if IResource in interfaces:
             resource = SoledadResource(
                 enable_blobs=enable_blobs,
@@ -113,7 +118,6 @@ class TokenChecker(object):
 
     def requestAvatarId(self, credentials):
         if IAnonymous.providedBy(credentials):
-            log.warn('we are anon')
             return defer.succeed(Anonymous())
 
         uuid = credentials.username
@@ -125,7 +129,6 @@ class TokenChecker(object):
         db = self._tokens_db()
         token = db.get(sha512(token).hexdigest())
         if token is None:
-            log.warn('token is none')
             return defer.fail(error.UnauthorizedLogin())
 
         # TODO -- use cryptography constant time builtin comparison.
-- 
cgit v1.2.3