Cloudflare Worker "exceeded CPU" Error on Auth Endpoint - Seeking Troubleshooting Insights

I've set up a Cloudflare Worker to handle an authentication endpoint. However, I'm encountering an error that states 'exceeded CPU'. I'm trying to understand the potential causes for surpassing the allocated CPU bandwidth. Any insights or troubleshooting suggestions would be greatly appreciated.
app.post('/signup', async (c) => {
const { email, password } = await c.req.json();
const auth = initializeAuth(c.env.TURSO_DB_URL, c.env.TURSO_AUTH_TOKEN);

try {
const userDetails = await auth
.createUser({
key: {
providerId: 'email',
providerUserId: email,

password,
},
attributes: {},
})
.catch(console.log);
console.log(userDetails);
return c.json({ status: 'ok' });
} catch (e) {
return c.json({ status: 'error', message: e });
}
});
app.post('/signup', async (c) => {
const { email, password } = await c.req.json();
const auth = initializeAuth(c.env.TURSO_DB_URL, c.env.TURSO_AUTH_TOKEN);

try {
const userDetails = await auth
.createUser({
key: {
providerId: 'email',
providerUserId: email,

password,
},
attributes: {},
})
.catch(console.log);
console.log(userDetails);
return c.json({ status: 'ok' });
} catch (e) {
return c.json({ status: 'error', message: e });
}
});
3 Replies
bkyerv
bkyervOP15mo ago
function initializeAuth(url: string, authToken: string) {
const libsqlClient = createClient({ url, authToken });

return lucia({
adapter: libsql(libsqlClient, {
user: 'user',
key: 'user_key',
session: 'user_session',
}),
env: 'DEV',
middleware: hono(),
getSessionAttributes: (dbSession) => {
return {
createdAt: dbSession.created_at,
};
},
});
}
function initializeAuth(url: string, authToken: string) {
const libsqlClient = createClient({ url, authToken });

return lucia({
adapter: libsql(libsqlClient, {
user: 'user',
key: 'user_key',
session: 'user_session',
}),
env: 'DEV',
middleware: hono(),
getSessionAttributes: (dbSession) => {
return {
createdAt: dbSession.created_at,
};
},
});
}
I use lucia for auth and my initial suspicion was maybe its hashing algorithm for password was taking all of the available compute. could it be the case? what do people use usually with cloudflare for auth other than third party providers (e.g. supabase, clerk etc)?
tobi
tobi15mo ago
do you have workers unbound? because authentication is designed to be cpu intensive, to mitigate brute-force attacks. If you have only 50ms or 10ms of cpu time, you most likely won't be able to compute a strong hash. so either do auth not in workers, or switch to unbound pricing model, which should give you (probably) enough runtime.
bkyerv
bkyervOP15mo ago
noted. thank you! I think auth is a natural next service for cloudflare to roll out because almost all other parts to build services/apps are there already
Want results from more Discord servers?
Add your server