jwt: Cache the bcrypt password hash. (#3526)

Creds don't require secretKeyHash to be calculated everytime, cache it instead and re-use. This is an optimization for bcrypt. Relevant results from the benchmark done locally, negative value means improvement in this scenario. ``` benchmark old ns/op new ns/op delta BenchmarkAuthenticateNode-4 160590992 80125647 -50.11% BenchmarkAuthenticateWeb-4 160556692 80432144 -49.90% benchmark old allocs new allocs delta BenchmarkAuthenticateNode-4 87 75 -13.79% BenchmarkAuthenticateWeb-4 87 75 -13.79% benchmark old bytes new bytes delta BenchmarkAuthenticateNode-4 15222 9785 -35.72% BenchmarkAuthenticateWeb-4 15222 9785 -35.72% ```
2026-02-04 18:00:15 -05:00 · 2017-01-26 16:51:51 -08:00
parent 152cdf1c05
commit 85f2b74cfd
13 changed files with 101 additions and 56 deletions
--- a/cmd/jwt_test.go
+++ b/cmd/jwt_test.go
@@ -75,10 +75,40 @@ func testAuthenticate(authType string, t *testing.T) {
 	}
 }

-func TestNodeAuthenticate(t *testing.T) {
+func TestAuthenticateNode(t *testing.T) {
 	testAuthenticate("node", t)
 }

-func TestWebAuthenticate(t *testing.T) {
+func TestAuthenticateWeb(t *testing.T) {
 	testAuthenticate("web", t)
 }
+
+func BenchmarkAuthenticateNode(b *testing.B) {
+	testPath, err := newTestConfig(globalMinioDefaultRegion)
+	if err != nil {
+		b.Fatalf("unable initialize config file, %s", err)
+	}
+	defer removeAll(testPath)
+
+	creds := serverConfig.GetCredential()
+	b.ResetTimer()
+	b.ReportAllocs()
+	for i := 0; i < b.N; i++ {
+		authenticateNode(creds.AccessKey, creds.SecretKey)
+	}
+}
+
+func BenchmarkAuthenticateWeb(b *testing.B) {
+	testPath, err := newTestConfig(globalMinioDefaultRegion)
+	if err != nil {
+		b.Fatalf("unable initialize config file, %s", err)
+	}
+	defer removeAll(testPath)
+
+	creds := serverConfig.GetCredential()
+	b.ResetTimer()
+	b.ReportAllocs()
+	for i := 0; i < b.N; i++ {
+		authenticateWeb(creds.AccessKey, creds.SecretKey)
+	}
+}