Don't try to find a user by personal_access_token if the token is nil
What does this MR do?
Out of luck, I found that we're running User.find_by_personal_access_token
on each page load, whether a private_token
param/PRIVATE-TOKEN
header is present or not!
Fortunately, User.find_by_authentication_token
already avoid running a query when token
is not present, but User.find_by_personal_access_token
was not.
This was resulting in the following, on each request:
Started GET "/" for 127.0.0.1 at 2017-03-22 15:31:02 +0100
Processing by RootController#index as HTML
PersonalAccessToken Load (0.4ms) SELECT "personal_access_tokens".* FROM "personal_access_tokens" WHERE (revoked = false AND (expires_at >= NOW() OR expires_at IS NULL)) AND "personal_access_tokens"."token" IS NULL LIMIT 1
Are there points in the code the reviewer needs to double check?
I don't think so.