[FLI-946] Don't require DB for auth if only using JWT and non-DB flag storage
markphelps opened this issue · comments
Re: the following discussion
If using JWT auth AND a non-DB storage backend for flag state (ie OCI, Git, Local), then we shouldn't try to connect to a database as one isn't required.
Ideally we should try to figure out a way to make this more clear in the code without explicitly checking for JWT auth I think
Hello, I'm trying to understand how I can enable static token and continue using OCI! For what I've understood when using OCI the Database is not used/ignored and the Cache is "irrelevant" as everything is already in memory and a believe for static token it should have a persistent storage
This is not entirely true as if you do enable static token authentication it requires a database, and if you add cache this will definitely make the requests faster as we cache tokens for auth as well
We only don't require a database if you are using non-DB storage AND do not enable authentication:
Lines 51 to 60 in 7620fe8
Line 79 in 7620fe8
Related to what @GeorgeMac said, you can use JWT auth without a database but our current check does not allow that actually:
Line 55 in 7620fe8
@GeorgeMac we should not try to connect to a DB if only the JWT auth method is used and non-DB storage is used
Originally posted by @markphelps in #2971 (comment)