review API key request non-happy path
Closed this issue · 2 comments
when to stop using existing rules?
From my point of view, it's risky for us to continue using rules when we lose the guarantee that they are up to date.
If we have a case of temporarily losing connection with criticalcss.com for validating the API key, then in this case I think it can be OK to keep using the existing rules.
On the other hand, if the user' membership expires or is cancelled (i.e. validation response from API says the key is invalid), then I think we should stop using the existing rules. Then there's no risk that they will be used while being out of date, so they cannot break the site. The user will lose the performance gain, but this is to be expected, as they don't have a valid membership and API key.