Any way to speed up REST2 API?

Seems Auth part takes a lot of time - testing with simple /REST/2.0/ticket/xxxx request:
0,8s with token auth
0,5s with basic auth
0,1s with cookie auth

cookie auth speed is usable, but I want to avoid handling possible cookie/session expiration…

0.8s seems really slow. It might be a good idea to put some additional logging in to see where the time is being spent. I had wondering if it was an artificial sleep to stop timing attacks, but when I checked the code nothing jumped out at me.

is there any built-in logging config?
Setting ‘debug’ for LogToFile,StatementLog,LogStackTraces doesn’t have any effect on API requests…

I did some tests and found out 90% of time is spent in RT::Authen::Token->UserForAuthString()
in this loop:

    while (my $token = $tokens->Next) {
        if ($token->IsToken($cleartext_token)) {
            return ($user_obj, $token);

in the if ($token->IsToken($cleartext_token)) part

1 Like