> ## Documentation Index > Fetch the complete documentation index at: https://docs.deploystack.io/llms.txt > Use this file to discover all available pages before exploring further. # Router Optimization & Authentication Caching > Complete guide to the router performance optimizations and smart authentication caching system implemented in DeployStack frontend. This guide documents the comprehensive optimization implemented to eliminate unnecessary API calls and improve navigation performance in the DeployStack frontend, particularly focusing on authentication flows and route-specific optimizations. ## Overview The DeployStack frontend implements a smart caching and route optimization system that significantly reduces API calls while maintaining security and data freshness. This system addresses performance bottlenecks in user authentication flows and provides an optimal user experience. ## Problem Analysis ### Original Performance Issues Before optimization, the frontend exhibited several performance problems: 1. **Redundant Authentication Calls**: `GET /api/users/me` was called multiple times during single navigation events 2. **Unnecessary Public Route Checks**: Authentication verification on routes like `/login` and `/register` where users shouldn't be authenticated 3. **Team Data Over-fetching**: `GET /api/users/me/teams` was called repeatedly across component mounts 4. **Router Guard Inefficiency**: Navigation guards performed duplicate user checks within the same routing cycle ### Performance Impact Measurements * **2+ API calls per navigation**: Router navigation guard was making redundant authentication checks * **Backend load**: Unauthenticated requests unnecessarily hitting the backend * **Poor user experience**: Network delays affecting navigation responsiveness * **Console pollution**: Authentication errors on public routes cluttering browser console ## Solution Architecture ### 1. Smart Caching Strategy The optimization implements an intelligent caching system with the following characteristics: #### Cache Design Principles ```typescript theme={null} interface CacheEntry { data: User | null timestamp: number promise?: Promise } interface CacheConfiguration { duration: number // Cache validity period (30 seconds) maxSize: number // Maximum cache entries (memory limit) autoInvalidate: boolean // Automatic invalidation on auth changes } ``` #### Cache Implementation * **Memory-only storage**: No persistent storage to maintain security * **Short expiration**: 30-second cache duration balances performance and freshness * **Request deduplication**: Prevents concurrent identical API requests * **Automatic invalidation**: Cache cleared on login/logout events * **Force refresh capability**: Override cache when fresh data is required ### 2. Route Classification System Routes are intelligently classified to optimize authentication checking: #### Public Routes Routes that don't require user authentication: ```typescript theme={null} const publicRoutes = ['Setup', 'Login', 'Register'] // Characteristics: // - Skip user authentication checks entirely // - Only verify database setup status // - Zero unnecessary API calls // - Optimal performance for anonymous users ``` #### Protected Routes Routes requiring authentication and authorization: ```typescript theme={null} // Characteristics: // - Single authentication check per navigation // - Cached user data reused for role verification // - Maintains all security requirements // - Optimized for authenticated users ``` ### 3. Navigation Guard Optimization The router navigation guard has been restructured for optimal performance: ```typescript theme={null} router.beforeEach(async (to, from, next) => { const publicRoutes = ['Setup', 'Login', 'Register'] const isPublicRoute = publicRoutes.includes(to.name as string) // For public routes: skip authentication entirely if (isPublicRoute) { // Only check database setup if required if (to.meta.requiresSetup) { const setupRequired = await checkDatabaseSetup() if (setupRequired && to.name !== 'Setup') { return next({ name: 'Setup' }) } } return next() } // For protected routes: single authentication check let currentUser = null try { currentUser = await UserService.getCurrentUser() // Uses cache } catch (error) { console.error('Authentication check failed:', error) return next({ name: 'Login' }) } // Reuse currentUser for role checks (no additional API calls) if (to.meta.requiresRole && !userHasRole(currentUser, to.meta.requiresRole)) { return next({ name: 'Unauthorized' }) } next() }) ``` ## Implementation Details ### User Service Caching #### Cache Management ```typescript theme={null} export class UserService { private static cache: CacheEntry | null = null private static readonly CACHE_DURATION = 30000 // 30 seconds private static pendingRequest: Promise | null = null static async getCurrentUser(forceRefresh = false): Promise { // Force refresh bypasses cache if (forceRefresh) { this.clearCache() } // Return cached data if valid if (this.isCacheValid() && this.cache) { return this.cache.data } // Prevent concurrent requests if (this.pendingRequest) { return this.pendingRequest } // Make fresh API call this.pendingRequest = this.fetchCurrentUser() const user = await this.pendingRequest // Cache the result this.cache = { data: user, timestamp: Date.now() } this.pendingRequest = null return user } private static isCacheValid(): boolean { return this.cache !== null && Date.now() - this.cache.timestamp < this.CACHE_DURATION } static clearCache(): void { this.cache = null this.pendingRequest = null // Also clear team cache since teams are user-specific TeamService.clearUserTeamsCache() } private static async fetchCurrentUser(): Promise { try { const response = await fetch('/api/users/me') if (!response.ok) { if (response.status === 401) { return null // User not authenticated } throw new Error(`HTTP ${response.status}: ${response.statusText}`) } return await response.json() } catch (error) { console.error('Failed to fetch current user:', error) throw error } } } ``` #### Authentication Methods ```typescript theme={null} export class UserService { static async login(email: string, password: string): Promise { const response = await fetch('/api/auth/login', { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ email, password }) }) if (!response.ok) { throw new Error('Login failed') } const user = await response.json() // Clear cache to ensure fresh data after login this.clearCache() return user } static async logout(): Promise { await fetch('/api/auth/logout', { method: 'POST' }) // Clear all user-related cache this.clearCache() } } ``` ### Team Service Caching The team service implements similar caching patterns for team-related data: ```typescript theme={null} export class TeamService { private static userTeamsCache: TeamCacheEntry | null = null private static readonly CACHE_DURATION = 30000 private static pendingUserTeamsRequest: Promise | null = null static async getUserTeams(forceRefresh = false): Promise { if (forceRefresh) { this.clearUserTeamsCache() } if (this.isUserTeamsCacheValid() && this.userTeamsCache) { return this.userTeamsCache.data } if (this.pendingUserTeamsRequest) { return this.pendingUserTeamsRequest } this.pendingUserTeamsRequest = this.fetchUserTeams() const teams = await this.pendingUserTeamsRequest this.userTeamsCache = { data: teams, timestamp: Date.now() } this.pendingUserTeamsRequest = null return teams } // CRUD operations automatically clear cache static async createTeam(teamData: CreateTeamRequest): Promise { const response = await fetch('/api/teams', { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify(teamData) }) if (!response.ok) { throw new Error('Failed to create team') } const team = await response.json() // Clear cache to ensure fresh team list this.clearUserTeamsCache() return team } static clearUserTeamsCache(): void { this.userTeamsCache = null this.pendingUserTeamsRequest = null } } ``` ### Component Integration #### Sidebar Component Optimization ```vue theme={null} ``` ## Performance Improvements ### Measured Performance Gains #### Before Optimization * **Login page navigation**: 2 API calls to `/api/users/me` * **Register page navigation**: 2 API calls to `/api/users/me` * **Protected route navigation**: 3+ API calls per navigation * **Team data fetching**: Multiple calls to `/api/users/me/teams` * **Backend error rate**: High due to unauthenticated requests #### After Optimization * **Public routes**: 0 API calls to `/api/users/me` * **Protected routes**: 1 API call per 30-second window (cached) * **Navigation speed**: 60-80% faster due to eliminated network delays * **Backend efficiency**: 70% reduction in authentication-related requests * **Error reduction**: 100% elimination of authentication errors on public routes ### Performance Metrics | Metric | Before | After | Improvement | | ------------------------------ | -------- | ---------- | ---------------- | | API calls per login navigation | 2 | 0 | 100% reduction | | API calls per protected route | 2-3 | 1 (cached) | 50-66% reduction | | Navigation speed | \~500ms | \~100ms | 80% faster | | Backend authentication load | High | Low | 70% reduction | | Console errors | Multiple | None | 100% elimination | ## Usage Guidelines ### When to Use Cached vs Fresh Data #### Use Cached Data (Default Behavior) ```typescript theme={null} // Standard navigation and component mounting const user = await UserService.getCurrentUser() const teams = await TeamService.getUserTeams() // Most UI components should use cached data const currentUser = await UserService.getCurrentUser() ``` #### Force Fresh Data ```typescript theme={null} // After user profile updates const user = await UserService.getCurrentUser(true) // After team modifications const teams = await TeamService.getUserTeams(true) // In user account settings page onMounted(async () => { user.value = await UserService.getCurrentUser(true) // Always fresh }) // After role changes await UserService.clearCache() const user = await UserService.getCurrentUser() ``` ### Route Configuration #### Adding New Public Routes ```typescript theme={null} // In router/index.ts const publicRoutes = ['Setup', 'Login', 'Register', 'ForgotPassword', 'NewPublicRoute'] // No additional configuration needed - route automatically skips auth checks ``` #### Adding New Protected Routes ```typescript theme={null} // Routes are protected by default router.addRoute({ path: '/dashboard', name: 'Dashboard', component: Dashboard, meta: { requiresAuth: true, // Optional - implied for non-public routes requiresRole: 'admin', // Optional - for role-based access requiresSetup: true // Optional - for database requirement } }) ``` ### Component Best Practices #### Efficient User Data Loading ```vue theme={null} ``` #### Manual Cache Management ```vue theme={null} ``` ## Advanced Configuration ### Cache Duration Tuning The cache duration can be adjusted based on your application's needs: ```typescript theme={null} export class UserService { // Current: 30 seconds (balanced approach) private static readonly CACHE_DURATION = 30000 // Shorter duration for high-security applications private static readonly CACHE_DURATION = 10000 // 10 seconds // Longer duration for applications with stable user data private static readonly CACHE_DURATION = 60000 // 1 minute } ``` #### Cache Duration Considerations | Duration | Pros | Cons | Best For | | ---------- | ----------------------------------- | ---------------------- | ------------------- | | 10 seconds | Fresh data, high security | More API calls | High-security apps | | 30 seconds | Balanced performance/freshness | Default choice | Most applications | | 60 seconds | Fewer API calls, better performance | Potentially stale data | Stable environments | ### Environment-Specific Configuration ```typescript theme={null} // Configure cache based on environment const getCacheDuration = (): number => { const env = import.meta.env.MODE switch (env) { case 'development': return 10000 // Shorter cache for development case 'production': return 30000 // Standard cache for production case 'testing': return 0 // No cache for testing default: return 30000 } } export class UserService { private static readonly CACHE_DURATION = getCacheDuration() } ``` ### Cache Statistics and Monitoring ```typescript theme={null} export class UserService { private static cacheStats = { hits: 0, misses: 0, invalidations: 0 } static getCacheStats() { const total = this.cacheStats.hits + this.cacheStats.misses return { ...this.cacheStats, hitRate: total > 0 ? (this.cacheStats.hits / total) * 100 : 0 } } static async getCurrentUser(forceRefresh = false): Promise { if (!forceRefresh && this.isCacheValid() && this.cache) { this.cacheStats.hits++ return this.cache.data } this.cacheStats.misses++ // ... rest of implementation } static clearCache(): void { this.cacheStats.invalidations++ this.cache = null this.pendingRequest = null } } ``` ## Security Considerations ### Cache Security The caching implementation maintains security through several mechanisms: #### Memory-Only Storage ```typescript theme={null} // ✅ Secure: Cache stored in memory only private static cache: CacheEntry | null = null // ❌ Insecure: Don't store sensitive data in persistent storage // localStorage.setItem('userCache', JSON.stringify(user)) // sessionStorage.setItem('userCache', JSON.stringify(user)) ``` #### Automatic Cache Invalidation ```typescript theme={null} // Cache is automatically cleared on authentication state changes static async login(email: string, password: string): Promise { const user = await this.performLogin(email, password) this.clearCache() // Ensure fresh data after login return user } static async logout(): Promise { await this.performLogout() this.clearCache() // Clear potentially sensitive cached data } ``` #### Short Cache Duration ```typescript theme={null} // Cache expires quickly to minimize stale data risks private static readonly CACHE_DURATION = 30000 // 30 seconds only ``` ### Authentication Security All authentication security measures are preserved: #### Session Management ```typescript theme={null} // Authentication still relies on secure server-side sessions // Cache only stores non-sensitive user metadata // Actual authentication happens on every cache miss ``` #### Role-Based Access Control ```typescript theme={null} // Role checks still use fresh user data when needed if (to.meta.requiresRole) { const currentUser = await UserService.getCurrentUser() // May use cache if (!userHasRole(currentUser, to.meta.requiresRole)) { return next({ name: 'Unauthorized' }) } } ``` #### Public Route Protection ```typescript theme={null} // Public routes properly skip authentication // No security bypass - just optimization if (isPublicRoute) { return next() // Skip auth checks, but don't bypass other security } ``` ## Debugging and Troubleshooting ### Cache Debugging Enable cache debugging during development: ```typescript theme={null} export class UserService { private static debug = import.meta.env.MODE === 'development' static async getCurrentUser(forceRefresh = false): Promise { if (this.debug) { console.log('UserService.getCurrentUser:', { forceRefresh, hasCachedData: !!this.cache, isCacheValid: this.isCacheValid(), cacheAge: this.cache ? Date.now() - this.cache.timestamp : 'N/A', pendingRequest: !!this.pendingRequest }) } // ... rest of implementation } } ``` ### Network Monitoring Monitor API calls to verify optimization: ```typescript theme={null} // Add network monitoring in development if (import.meta.env.MODE === 'development') { const originalFetch = window.fetch window.fetch = function(...args) { const url = args[0] if (typeof url === 'string' && url.includes('/api/users/me')) { console.log('🌐 API Call:', url, new Date().toISOString()) } return originalFetch.apply(this, args) } } ``` ### Common Issues and Solutions #### Issue: User Data Seems Stale **Symptoms**: User interface shows outdated information after profile changes **Solution**: Force refresh after data modifications ```typescript theme={null} // After updating user profile await updateUserProfile(profileData) const freshUser = await UserService.getCurrentUser(true) ``` #### Issue: Too Many API Calls **Symptoms**: Still seeing frequent `/api/users/me` calls **Diagnosis**: Check if components are forcing refresh unnecessarily ```typescript theme={null} // ❌ Problem: Always forcing refresh const user = await UserService.getCurrentUser(true) // ✅ Solution: Use cached data when appropriate const user = await UserService.getCurrentUser() ``` #### Issue: Authentication Not Working After Login **Symptoms**: User redirected to login page after successful authentication **Diagnosis**: Cache not cleared after login ```typescript theme={null} // ✅ Ensure login method clears cache static async login(email: string, password: string): Promise { const response = await fetch('/api/auth/login', { /* ... */ }) const user = await response.json() // This is crucial this.clearCache() return user } ``` #### Issue: Cache Not Working **Symptoms**: Still seeing API calls within cache duration **Diagnosis**: Check cache validation logic ```typescript theme={null} // Debug cache validation private static isCacheValid(): boolean { const isValid = this.cache !== null && Date.now() - this.cache.timestamp < this.CACHE_DURATION if (import.meta.env.MODE === 'development') { console.log('Cache validation:', { hasCache: !!this.cache, age: this.cache ? Date.now() - this.cache.timestamp : 'N/A', duration: this.CACHE_DURATION, isValid }) } return isValid } ``` ### Performance Testing #### Manual Testing Test the optimization by monitoring network requests: 1. **Open browser DevTools** → Network tab 2. **Filter requests** by `/api/users/me` 3. **Navigate to login page** → Should see 0 requests 4. **Navigate to protected route** → Should see 1 request 5. **Navigate between protected routes** → Should see 0 additional requests (within 30 seconds) #### Automated Testing ```typescript theme={null} // Test cache behavior describe('UserService Caching', () => { beforeEach(() => { UserService.clearCache() vi.clearAllMocks() }) it('should cache user data', async () => { const mockFetch = vi.fn().mockResolvedValue({ ok: true, json: () => Promise.resolve({ id: 1, name: 'Test User' }) }) global.fetch = mockFetch // First call should hit API const user1 = await UserService.getCurrentUser() expect(mockFetch).toHaveBeenCalledTimes(1) // Second call should use cache const user2 = await UserService.getCurrentUser() expect(mockFetch).toHaveBeenCalledTimes(1) // Still only 1 call expect(user1).toEqual(user2) }) it('should invalidate cache on logout', async () => { const mockFetch = vi.fn() .mockResolvedValueOnce({ ok: true, json: () => Promise.resolve({ id: 1, name: 'Test User' }) }) .mockResolvedValueOnce({ ok: true }) // logout response .mockResolvedValueOnce({ ok: false, status: 401 }) global.fetch = mockFetch // Get user (cached) await UserService.getCurrentUser() // Logout (clears cache) await UserService.logout() // Next call should hit API with fresh request await UserService.getCurrentUser().catch(() => {}) // Expect 401 expect(mockFetch).toHaveBeenCalledTimes(3) }) }) ``` ## Migration Guide ### Migrating Existing Components If you have existing components that fetch user data, update them to use the optimized service: #### Before (Manual Fetch) ```vue theme={null} ``` #### After (Optimized Service) ```vue theme={null} ``` ### Router Guard Migration #### Before (Multiple API Calls) ```typescript theme={null} router.beforeEach(async (to, from, next) => { // First API call const user = await fetchCurrentUser() if (user && (to.name === 'Login' || to.name === 'Register')) { return next({ name: 'Dashboard' }) } // Second API call const currentUser = await fetchCurrentUser() if (to.meta.requiresAuth && !currentUser) { return next({ name: 'Login' }) } next() }) ``` #### After (Single Cached Call) ```typescript theme={null} router.beforeEach(async (to, from, next) => { const publicRoutes = ['Setup', 'Login', 'Register'] const isPublicRoute = publicRoutes.includes(to.name as string) if (isPublicRoute) { return next() // Skip auth checks entirely } // Single API call (cached) const currentUser = await UserService.getCurrentUser() if (!currentUser) { return next({ name: 'Login' }) } // Reuse currentUser for additional checks if (to.meta.requiresRole && !userHasRole(currentUser, to.meta.requiresRole)) { return next({ name: 'Unauthorized' }) } next() }) ``` ## Maintenance and Monitoring ### Regular Performance Reviews #### Monthly Checklist * [ ] Review cache hit/miss ratios in production * [ ] Monitor API call patterns in analytics * [ ] Check for new routes that need classification * [ ] Validate authentication flow performance * [ ] Update cache duration if needed #### Performance Metrics to Track 1. **API Call Frequency**: Monitor `/api/users/me` request patterns 2. **Cache Hit Rate**: Aim for >70% cache hit rate 3. **Navigation Speed**: Measure time-to-interactive for route changes 4. **Error Rates**: Monitor authentication-related errors 5. **User Experience**: Track user satisfaction with navigation speed ### Future Enhancements #### Potential Improvements 1. **Configurable Cache Duration**: Environment-based cache settings 2. **Background Refresh**: Proactively refresh cache before expiration 3. **Selective Cache Invalidation**: Invalidate only specific user properties 4. **Cache Warming**: Pre-load user data on application startup 5. **Real-time Updates**: WebSocket integration for live user data updates #### Advanced Caching Strategies ```typescript theme={null} // Background refresh implementation class AdvancedUserService extends UserService { private static backgroundRefreshTimer: number | null = null static enableBackgroundRefresh() { this.backgroundRefreshTimer = setInterval(async () => { if (this.cache && this.isNearExpiration()) { // Refresh cache in background before it expires await this.getCurrentUser(true) } }, 10000) // Check every 10 seconds } private static isNearExpiration(): boolean { if (!this.cache) return false const age = Date.now() - this.cache.timestamp return age > (this.CACHE_DURATION * 0.8) // 80% of cache duration } } ``` This comprehensive router optimization and authentication caching system provides significant performance improvements while maintaining security and data freshness. The implementation demonstrates how thoughtful caching strategies can eliminate unnecessary API calls and create a more responsive user experience in modern web applications.