quisi.do
CDCloudflare Developers
•Created by quisi.do on 6/14/2024 in #workers-help
What storage model should I use to validate that an API key is only used X times each month?
Do you have a summary for what the best choice is to read an API key's budget every request? Between cheapest and fastest? Is going to be simply "if you want lower latency, you need to pay more per request"?
One downside to durable objects is that I'm not on a paid plan yet. 😢
9 replies
CDCloudflare Developers
•Created by quisi.do on 6/14/2024 in #workers-help
What storage model should I use to validate that an API key is only used X times each month?
>Does it have to be an instant shutdown or could it be eventual?
Right now, I'm thinking each API call would be so cheap (fractions of a penny) that letting an API run over-the-limit is cheaper than enforcing accuracy. i.e. for a 100-call limit, I think it may be cheaper to just let them call it 110 times than enforce 100 strictly.
>Is latency super important or not so?
I think latency would be important for reading the budget to determine if the API call is allowed or not. Since this would happen before every call, I think it would really add up to skimp here. It's not a "this API needs to response within 100ms" business requirement, so there's flexibility if the cost justifies it. I just fear the scalability of making the API hang on budget-lookup if other latency problems are introduced later.
>Is each user global or from a specific area?
Global.
9 replies
CDCloudflare Developers
•Created by quisi.do on 3/23/2024 in #workers-help
What's the best way to cache user data?
You are saying that if I did use my own domain for the Cache API request, then the response would become publicly available to anyone by hitting that URL? I just want to be clear what precautions I should be taking and what the side effects of my code are.
8 replies
CDCloudflare Developers
•Created by quisi.do on 3/23/2024 in #workers-help
What's the best way to cache user data?
The Cache API expects a URL, though, right? So I'd be caching an ID like
/user-data/1234
. Is there no risk of someone visiting <MY_DOMAIN>/user-data/1234
in order to see the cached value?
I only want the cached response to be accessible from the worker so that the worker can enforce authorization.8 replies