is it right to get userinfo for every request?

Question

is it right to get userinfo for every request?

Closed this issue 6 years ago · 0 comments

This method "findById" is used for every request, which may waste cpu and memory.

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) {
        JWTAuthenticationToken upToken = (JWTAuthenticationToken) token;
        **UserDefault user = userRepository.findById(upToken.getUserId());**

        if (user != null && userRepository.validateToken(upToken.getToken())) {
            SimpleAccount account = new SimpleAccount(user, upToken.getToken(), getName());
            account.addRole(user.getRoles());
            return account;
        }

        return null;
    }